Umbrella of Pakistani Threats: Converging Tactics of Cyber-operations Targeting India
July 29, 2024, 11:37 a.m.
Description
This report examines the convergence of tactics employed by Pakistani cyber threat groups, including Transparent Tribe, SideCopy, and RusticWeb, targeting Indian government entities and critical infrastructure. It uncovers overlaps in their infrastructure, tactics, and payloads, suggesting coordination or shared resources. The analysis delves into the groups' evolving malware arsenal, decoy documents, and attack vectors, underlining the persistent cyber threats posed to India by these actors.
Date
Published: July 29, 2024, 10:59 a.m.
Created: July 29, 2024, 10:59 a.m.
Modified: July 29, 2024, 11:37 a.m.
Indicators
Attack Patterns
Geta RAT
DISGOMOJI
Reverse RAT
Action RAT - S1028
Poseidon
Crimson RAT
APT36, SideCopy
T1547.013
T1053.003
T1584.001
T1588.001
T1583.001
T1608.001
T1587.001
T1588.002
T1608.005
T1204.001
T1566.002
T1547.001
T1204.002
T1129
T1106
T1566.001
T1047
T1059
Additional Information
Defense
Transportation
Government
Manufacturing
India