← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Operation Tejas: A dying elephant curled up in the Kunlun Mountains
WHITE APT-Q-41 AlienVault 2022-06-08 Modified: 2022-07-08
75
IOCs
HIGH VOLUME
Qi Anxin Threat Intelligence Center once published the article named "Operation Magichm: A Brief Talk on the Manlinghua Organization's CHM File Delivery and Follow-up Operations" in 2021 . In addition to the new attack methods and samples used in the latest attack in April, the linked article will also provide an overview of the recent phishing activities of the Maya Elephant (APT-Q-41) and the basics of the Diamondback (APT-Q-39) this year.
aptq37aptq41aptq39manling floweraptq42tengyun snakemaya elephantrattlesnakeartradownloadermuuydownloader
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
ArtraDownloader MuuyDownLoader
Indicators of Compromise (7 / 75 total)
All domain CVE FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA1 485283048babbc5a2fdd49063ea1f15ed27437d6 SHA1 of b63e9710cb67f4a649a83929ed9f0322 2022-06-08
FileHash-SHA1 a0c4ee924cd2a57e1b62b722c3b89a05ffc74663 SHA1 of 660a678cd7202475cf0d2c48b4b52bab 2022-06-08
FileHash-SHA1 b00c49638ec7eb0b3d265c54082128819366bb57 SHA1 of 9790ef74625b4f9b67bc64aa7eff0e4b 2022-06-08
FileHash-SHA1 bcc9e35c28430264575831e851182eca7219116f SHA1 of 71e1cfb5e5a515cea2c3537b78325abf 2022-06-08
FileHash-SHA1 c330ef43bbee001296c6c120cf68e4c90d078d9c SHA1 of 6e4b4eb701f3410ebfb5925db32b25dc 2022-06-08
FileHash-SHA1 cdd9ef479aaa61e8916e2c8a047f341b053b97cd SHA1 of ade9a4ee3acbb0e6b42fb57f118dbd6b 2022-06-08
FileHash-SHA1 ceb95d3cda3e389be72dd1546e9f730a544ce5a3 SHA1 of 5be886f7a6cbc23a0a00bdb2153f435b 2022-06-08
References (1)
↗ https://mp.weixin.qq.com/s/8j_rHA7gdMxY1_X8alj8Zg