PT-2023-10449 · Undefined · Undefined
Published: 2023-05-30 · Updated: 2023-05-30
CVE-2017-1188210
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
#ParsedReport #CompletenessLow
30-05-2023
Subgroup of the Blind Eagle? Analysis of recent attack activities from the Hagga organization
Report completeness: Low
Actors/Campaigns:
Blindeagle (motivation: information theft)
Aggaa (motivation: information theft)
Gorgon
Threats:
Raindrop tool
Revenge rat
Agent tesla
Limerat
Njrat
Asyncrat rat
Nanocore rat
Remcos rat
Mana tool
Harpoon
Imminentmonitor rat
Avemaria rat
Quasar rat
Eziriz tool
Victims:
Colombian government, financial institutions, large domestic companies and multinational companies
Industry:
Petroleum, Financial, Foodtech, Government
Geo:
Nigerian, Colombian, Colombia, Asia, Columbia, Chinese, Pakistani, Ecuador, America, Panama, Chile, Americas, Spanish, China, Taiwan
CVEs:
CVE-2017-1188210 [Vulners]
- CVSS V3.1: Unknown
- Vulners: Exploitation: Unknown
- X-Force: Risk: Unknown
- X-Force: Patch: Unknown
CVE-2017-11882 [Vulners]
- CVSS V3.1: 7.8
- Vulners: Exploitation: True
- X-Force: Risk: 7.8
- X-Force: Patch: Official fix
Soft:
- microsoft office (2007, 2013, 2010, 2016)
ChatGPT TTPs:
do not use without manual check
T1036, T1045, T1064, T1086, T1032, T1117, T1078, T1076
IOCs:
IP: 5
File: 4
Hash: 46
Softs:
mysql
Crypto:
bitcoin
Algorithms:
base64
Related Identifiers
Affected Products
Undefined