← Back to Pulse Feed
PULSE DETAIL
摩诃草,又名 Patchwork、白象、Hangover、Dropping Elephant 等,奇安信内部跟踪编号 APT-Q-36。该组织被普遍认为具有南亚地区背景,其最早攻击活动可追溯到 2009 年 11 月,已持续活跃 10 余年。该组织主要针对亚洲地区的国家进行网络间谍活动,攻击目标包括政府、军事、电力、工业、科研教育、外交和经济等领域的组织机构。
Indicators of Compromise (15 / 45 total)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| URL | http://adobefileshare.com/download | — | 2025-12-03 | |
| URL | http://adobefileshare.com/getData | — | 2025-12-03 | |
| URL | http://adobefileshare.com/getfilename | — | 2025-12-03 | |
| URL | http://azureinternalupdates.com/download | — | 2025-12-03 | |
| URL | http://azureinternalupdates.com/getData | — | 2025-12-03 | |
| URL | http://azureinternalupdates.com/getfilename | — | 2025-12-03 | |
| URL | http://www.mydropboxbackup.com/analytics/stream | — | 2025-12-03 | |
| URL | http://www.virtualworldsapinner.com/insights/stream | — | 2025-12-03 | |
| URL | http://www.virtualworldsapinner.com/metrics/stream | — | 2025-12-03 | |
| URL | https://brityservice.info/ZxStpliGBsfdutMawer/lkhgBrPUyXbgIlErAStyilzsh/N1/SA | — | 2025-12-03 | |
| URL | https://brityservice.info/ZxStpliGBsfdutMawer/sIOklbgrTYULKcsdGBZxsfetmw | — | 2025-12-03 | |
| URL | https://scrollzshare.info/eeCetyUo8Tr | — | 2025-12-03 | |
| URL | https://www.mydropboxbackup.com/analytics/ | — | 2025-12-03 | |
| URL | https://www.virtualworldsapinner.com/insights/ | — | 2025-12-03 | |
| URL | https://www.virtualworldsapinner.com/metrics/ | — | 2025-12-03 |
References (1)