📃Title: The Naikon APT
📅Date: 2015-05-14
🔗References:

🔖Rectifyq Taxonomies:

🔖MISP Galaxies:

  • producer Kaspersky
  • threat-actor Naikon
  • target-information="Cambodia"
  • target-information="China"
  • target-information="Indonesia"
  • target-information="Laos"
  • target-information="Malaysia"
  • target-information="Myanmar"
  • target-information="Nepal"
  • target-information="Philippines"
  • target-information="Singapore"
  • target-information="Thailand"
  • target-information="Vietnam"
  • sector="Civil society"
  • sector="Government, Administration"
  • sector="Military"
  • mitre-attack-pattern=[]

MISP event uuid: 55e34dbc-1e1c-48f7-b63d-68e857eaa3c0

Indicators of Compromise (IoCs)

Full IOCs available in Rectifyq's MISP