Separating the bee from the panda: CeranaKeeper making a beeline for Thailand

Oct. 3, 2024, 9:52 a.m.

Description

This intelligence report details a sophisticated malware campaign targeting multiple industries across various countries. The threat actor employs advanced tactics, techniques, and procedures (TTPs) to infiltrate networks, maintain persistence, and exfiltrate sensitive data. The malware used in this campaign is highly modular and adaptable, allowing the attackers to customize their approach for each target. The report highlights the use of social engineering, exploits for known vulnerabilities, and custom-built tools to achieve their objectives. It also provides indicators of compromise (IoCs) and recommendations for detection and mitigation.

Date

Published: Oct. 3, 2024, 9:50 a.m.
Created: Oct. 3, 2024, 9:50 a.m.
Modified: Oct. 3, 2024, 9:52 a.m.

Indicators


Attack Patterns

T1074

T1567

T1005

T1021

T1573

T1083

T1071

T1102

T1132

T1001

T1566

T1190

T1133

T1078