Pulse Detail — Threat Intelligence

PULSE NAME

Evolution of Russian APT29 – New Attacks and Techniques Uncovered

WHITE tr2222200 2023-07-28 Modified: 2023-07-28

IOCs

MEDIUM VOLUME

MITRE ATT&CK & Malware Families

ATT&CK TECHNIQUES

T1055 T1057 T1070 T1102 T1134 T1176 T1566 T1574

Indicators of Compromise (25)

All CVE FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain

TYPE	INDICATOR	DESCRIPTION	CREATED
CVE	CVE-2021-31207	—	2023-07-28
CVE	CVE-2021-34473	—	2023-07-28
CVE	CVE-2021-34523	—	2023-07-28
CVE	CVE-2022-30170	—	2023-07-28
FileHash-MD5	31867eb002d468df6ed7267d3db66a63	MD5 of b422ba73f389ae5ef9411cf4484c840c7c82f2731c6324db0b24b6f87ce8477d	2023-07-28
FileHash-MD5	b1820abc3a1ce2d32af04c18f9d2bfc3	MD5 of 6c55195f025fb895f9d0ec3edbf58bc0aa46c43eeb246cfb88eef1ae051171b3	2023-07-28
FileHash-MD5	d2b2f086bf9241954435caecc3ea851e	MD5 of e7c49758bae63c83d251cacbfada7c09af0c3038e8ff755c4c04f916385805d8	2023-07-28
FileHash-MD5	f29083f25d876bbc245a1f977169f8c2	MD5 of a61b35a9a9650396223bb82aad02c0ec1f1bb44b	2023-07-28
FileHash-SHA1	2194c9d88a3f90ace25733dad8a3dad004dc0e4e	SHA1 of b422ba73f389ae5ef9411cf4484c840c7c82f2731c6324db0b24b6f87ce8477d	2023-07-28
FileHash-SHA1	a61b35a9a9650396223bb82aad02c0ec1f1bb44b	—	2023-07-28
FileHash-SHA1	b260d80fa81885d63565773480ca1e436ab657a0	SHA1 of 6c55195f025fb895f9d0ec3edbf58bc0aa46c43eeb246cfb88eef1ae051171b3	2023-07-28
FileHash-SHA1	e16d41f69f5dbcffd39b9a6c1f8b5b5eda7f6651	SHA1 of e7c49758bae63c83d251cacbfada7c09af0c3038e8ff755c4c04f916385805d8	2023-07-28
FileHash-SHA256	4875a9c4af3044db281c5dc02e5386c77f331e3b92e5ae79ff9961d8cd1f7c4f	—	2023-07-28
FileHash-SHA256	59e5b2a7a3903e4fb9a23174b655adb75eb490625ddb126ef29446e47de4099f	—	2023-07-28
FileHash-SHA256	5f6219ade8e0577545b9f13afd28f6d6e991326f3c427d671d1c1765164b0d57	—	2023-07-28
FileHash-SHA256	6c55195f025fb895f9d0ec3edbf58bc0aa46c43eeb246cfb88eef1ae051171b3	—	2023-07-28
FileHash-SHA256	7fc9e830756e23aa4b050f4ceaeb2a83cd71cfc0145392a0bc03037af373066b	—	2023-07-28
FileHash-SHA256	966e070a52de1c51976f6ea1fc48ec77f6b89f4bf5e5007650755e9cd0d73281	SHA256 of a61b35a9a9650396223bb82aad02c0ec1f1bb44b	2023-07-28
FileHash-SHA256	a8ae10b43cbf4e3344e0184b33a699b19a29866bc1e41201ace1a995e8ca3149	—	2023-07-28
FileHash-SHA256	af1922c665e9be6b29a5e3d0d3ac5916ae1fc74ac2fe9931e5273f3c4043f395	—	2023-07-28
FileHash-SHA256	b422ba73f389ae5ef9411cf4484c840c7c82f2731c6324db0b24b6f87ce8477d	—	2023-07-28
FileHash-SHA256	d7bda5e39327fe12b0c1f42c8e27787f177a352f8eebafbe35d3e790724eceff	—	2023-07-28
FileHash-SHA256	e7c49758bae63c83d251cacbfada7c09af0c3038e8ff755c4c04f916385805d8	—	2023-07-28
URL	https://kefas.id/search/s.php	—	2023-07-28
domain	kefas.id	—	2023-07-28

References (1)

↗ https://www.avertium.com/resources/threat-reports/evolution-of-russian-apt29-new-attacks-and-techniques-uncovered