Analysis of Suspected APT Attack Activities by “Silver Fox”
July 10, 2024, 10:31 a.m.
Tags
External References
Description
This document examines the recent activities of the Silver Fox cybercrime group, which has traditionally targeted financial and tax entities but has now shifted its focus towards impersonating national institutions and security companies. The analysis involves a phishing website, Winos remote control samples, a downloader trojan, and a PowerShell obfuscation tool. The group's tactics suggest a potential overlap between cybercrime and APT (Advanced Persistent Threat) operations, necessitating further monitoring.
Date
Published: July 10, 2024, 10:19 a.m.
Created: July 10, 2024, 10:19 a.m.
Modified: July 10, 2024, 10:31 a.m.
Indicators
https://paper.seebug.org/3192/
http://6014.anonymousrat7.com:80
http://6014.anonymousrat6.com:8888
http://6014.anonymousrat5.com:5555
6014.anonymousrat7.com
6014.anonymousrat6.com
6014.anonymousrat5.com
Attack Patterns
UpdateDll
Winos
Silver Fox
T1107
T1064
T1574.002
T1574
T1105
T1055
T1140
T1027
T1059