otx.alienvault.com
143.204.98.54  Public Scan

URL: https://otx.alienvault.com/pulse/61cdba240cd1f98f6a1e138f?utm_userid=swimlanecyou&utm_medium=inproduct&utm_source=otx&utm_c...
Submission: On December 30 via api from US — Scanned from DE

Form analysis 0 forms found in the DOM

Text Content

Subscribers (169972)
FLAGPRO: THE NEW MALWARE USED BY BLACKTECH

   
 * Created 33 minutes ago by AlienVault
 * Public
 * TLP: White

BlackTech has been actively attacking Japanese companies for several years,
using a new type of malware called Flagpro, according to NTT Security Japan and
its security operation centre in Japan.

Reference:
https://insight-jp.nttsecurity.com/post/102hf3q/flagpro-the-new-malware-used-by-blacktech
Tags:
flagpro, blacktech
Industries:
Media, Defense, Telecommunications
Targeted Countries:
Taiwan, Japan
Malware Family:
FlagPro
ATT&CK IDs:
T1104 - Multi-Stage Channels, T1027 - Obfuscated Files or Information, T1193 -
Spearphishing Attachment, T1137.001 - Office Template Macros, T1060 - Registry
Run Keys / Startup Folder, T1059 - Command and Scripting Interpreter, T1407 -
Download New Code at Runtime, T1003 - OS Credential Dumping

 * Indicators of Compromise (24)
 * Related Pulses (20)
 * Comments (0)
 * History (0)

Types of Indicators:
IPv4 (5), Hostname (2), FileHash-MD5 (5), FileHash-SHA256 (7), FileHash-SHA1 (5)
Threat Infrastructure:
Japan (4), Singapore (1)



 * © Copyright 2021 AlienVault, Inc.
   