📃Title: Actor behind Operation LagTime targets Russia
📅Date: 2020-11-26
🔗References:
Description
A look at some of the malware used in Operation LagTime and how it may have been used to target Russia, the rest of Europe, and other countries in a campaign of cyber-espionage.
🔖Rectifyq Taxonomies:
- relevancy: 🟡 Somewhat Relevant
- category: ⚔Threat
- sub-category: intrusion-analysis
- target: targeted
- MY-relevancy: somewhat-relevant
🔖MISP Galaxies:
- target-information=“Malaysia”
- target-information=“Russia”
- malpedia=“8.t Dropper”
- producer Medium
- mitre-attack-pattern=[]
MISP event uuid: d8a848e6-56b5-48d5-8088-69ff0f0bad05
Indicator of Compromise (IoCs)
type,value,comment
hostname, custom.songuulcomiss.com, ''
ip-dst, 103.106.250.239, 'The configuration of the backdoor’s C2, 103.106.250.239 which is hosted in Malaysia'
Full IOCs available in Rectifyq's MISP