Operation Tejas: A dying elephant curled up in the Kunlun Mountains
WHITE APT-Q-41 AlienVault 2022-06-08 Modified: 2022-07-08
75 IOCs (high volume)
In 2021, Qi Anxin Threat Intelligence Center published an article titled "Operation Magichm: A Brief Talk on the Manlinghua Organization's CHM File Delivery and Follow-up Operations". In addition to the new attack methods and samples used in the latest attack in April, the linked article also provides an overview of the recent phishing activities of the Maya Elephant (APT-Q-41) and the basics of the Diamondback (APT-Q-39) this year.
MITRE ATT&CK & Malware Families
Malware families: ArtraDownloader, MuuyDownLoader
Indicators of Compromise (7 / 75 total)