TLP:WHITE | 6 IOCs
China-Linked Group Deploys Custom ASPX and ASHX Web Shells
Malware Families
Diamond Model
Adversary
Infrastructure (6)
Capability (3)
Victim
Indicators of Compromise
| Type | Indicator | Tags | Confidence | Score | First Seen |
|---|---|---|---|---|---|
| IP | 124.156.129.151 | exploit, intel-blog, malware | High | 64 | Jun 7, 26 |
| Domain | hcgos.com | intel-blog, malware, network | High | 63 | Jun 7, 26 |
| Domain | ashx.lhlsjcb.com | apt, espionage, intel-blog | High | 68 | Jun 7, 26 |
| Domain | c.hcgos.com | c2, intel-blog, malware | High | 63 | Jun 7, 26 |
| IP | 140.206.161.227 | c2, intel-blog, malware | High | 58 | Jun 7, 26 |
| IP | 43.160.202.246 | c2, intel-blog, malware | High | 64 | Jun 7, 26 |