Separating the bee from the panda: CeranaKeeper making a beeline for Thailand
Oct. 3, 2024, 9:52 a.m.
Description
This intelligence report details a sophisticated malware campaign targeting multiple industries across various countries. The threat actor employs advanced tactics, techniques, and procedures (TTPs) to infiltrate networks, maintain persistence, and exfiltrate sensitive data. The malware used in this campaign is highly modular and adaptable, allowing the attackers to customize their approach for each target. The report highlights the use of social engineering, exploits for known vulnerabilities, and custom-built tools to achieve their objectives. It also provides indicators of compromise (IoCs) and recommendations for detection and mitigation.
Date
Published: Oct. 3, 2024, 9:50 a.m.
Created: Oct. 3, 2024, 9:50 a.m.
Modified: Oct. 3, 2024, 9:52 a.m.
Indicators
Attack Patterns
T1074
T1567
T1005
T1021
T1573
T1083
T1071
T1102
T1132
T1001
T1566
T1190
T1133
T1078