2019-01-28: APT28 XTunnel Backdoor

Event ID: 1040
UUID: 5c500809-453c-4245-83e1-435c950d210f
Creator org: CIRCL
Owner org: LUNCHBOX
Creator user: admin@admin.test
Protected Event (experimental): Event is in unprotected mode.
Tags:
  misp-galaxy:mitre-enterprise-attack-intrusion-set="APT28"
  misp-galaxy:mitre-enterprise-attack-relationship="APT28 (G0007) uses XTunnel (S0117)"
  misp-galaxy:mitre-enterprise-attack-relationship="APT28 uses XTunnel"
  misp-galaxy:mitre-intrusion-set="APT28"
  misp-galaxy:mitre-mobile-attack-intrusion-set="APT28"
  misp-galaxy:mitre-enterprise-attack-malware="XTunnel"
  misp-galaxy:mitre-malware="XTunnel"
  ecsirt:intrusions="backdoor"
  veris:action:malware:variety="Backdoor"
  ms-caro-malware:malware-type="Backdoor"
  ms-caro-malware-full:malware-type="Backdoor"
  type:OSINT
  osint:lifetime="perpetual"
  osint:certainty="50"
  tlp:white
  osint:source-type="microblog-post"
Date: 2019-01-29
Threat Level: Low
Analysis: Initial
Distribution: All communities
Published: Yes (2022-08-17 16:57:52)
#Attributes: 20 (5 Objects)
First recorded change: 2019-01-29 08:37:40
Last change: 2019-01-29 …