Pulse Detail — Threat Intelligence

● 0 online

ANALYZING THREAT INTELLIGENCE

PULSE NAME

Earth Baku: An APT Group Targeting Indo-Pacific Countries With New Stealth Loaders and Backdoor

WHITE APT41 AlienVault 2021-09-10 Modified: 2024-08-16

76

IOCs

HIGH VOLUME

↓ CSV ↓ JSON

An APT group known as Earth Baku has updated its arsenal of malware tools to target companies in the Indo-Pacific region. Earth Baku, a cyberespionage and cybercriminal group, was charged by the US Department of Justice in August 2020 with computer intrusion offenses related to data theft, ransomware, and cryptocurrency mining attacks.

cobalt strike stealthmutant scramblecross stealthvector apt41 eath baku

MITRE ATT&CK & Malware Families

ATT&CK TECHNIQUES

T1190 T1566.001 T1059.003 T1059.005 T1569.002 T1053.005 T1574.002 T1055.012 T1562.006 T1027 T1218.004 T1036.003 T1027.002 T1573.001 T1071.001 T1071.004 T1090.004 T1105

MALWARE FAMILIES

StealthMutant ScrambleCross StealthVector Cobalt Strike - S0154

Indicators of Compromise (1 / 76 total)

All CVE FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname

TYPE	INDICATOR	DESCRIPTION	CREATED
CVE	CVE-2021-26855	—	2021-09-10

References (1)

↗ https://documents.trendmicro.com/assets/white_papers/wp-earth-baku-an-apt-group-targeting-indo-pacific-countries.pdf