The Overlapping Cyber Strategies Of Transparent Tribe And SideCopy Against India

May 15, 2024, 3:32 p.m.

Description

CRIL's analysis revealed a sophisticated malware campaign by the SideCopy APT group, which employs malicious LNK files and a complex infection chain involving HTAs and loader DLLs to deploy malware such as ReverseRAT and Action RAT. SideCopy targets Indian universities and government entities, which suggests potential overlap with Transparent Tribe's tactics. The campaign uses spam emails with malicious links to initiate infections and establish backdoor access for data exfiltration and remote control of victim systems. SideCopy's techniques continue to evolve, demanding heightened cybersecurity vigilance to defend against persistent threats.

Date

Published: May 15, 2024, 3:16 p.m.
Created: May 15, 2024, 3:16 p.m.
Modified: May 15, 2024, 3:32 p.m.

Indicators

Attack Patterns

Additional information