TIDRONE Targets Military and Satellite Industries in Taiwan

    Date: 09/09/2024

    Severity: Medium

    Summary

    "TIDRONE Targets Military and Satellite Industries in Taiwan" refers to a situation where TIDRONE, a company specializing in drone technology, is focusing its efforts on the military and satellite sectors in Taiwan. This likely involves TIDRONE offering advanced drone solutions for defense purposes and satellite communications, aiming to enhance Taiwan's capabilities in these critical areas. The move might reflect growing geopolitical tensions and the increasing importance of advanced technology in national security and defense.

    Indicators of Compromise (IOC) List

    URL/Domain

    bestadll.fghytr.com

    client.wns.windowswns.com

    server.microsoftsvc.com

    service.symantecsecuritycloud.com

    time.vmwaresync.com

    Hash


    Gurucul Threat Detection and Incident Response (TDIR) Queries for Detection

    URL/Domain

    userdomainname like "server.microsoftsvc.com" or url like "server.microsoftsvc.com" or userdomainname like "bestadll.fghytr.com" or url like "bestadll.fghytr.com" or userdomainname like "client.wns.windowswns.com" or url like "client.wns.windowswns.com" or userdomainname like "service.symantecsecuritycloud.com" or url like "service.symantecsecuritycloud.com" or userdomainname like "time.vmwaresync.com" or url like "time.vmwaresync.com"

    Hash

    sha256hash IN ("1b08f1af849f34bd3eaf2c8a97100d1ac4d78ff4f1c82dbea9c618d2fcd7b4c8","f3897381b9a4723b5f1f621632b1d83d889721535f544a6c0f5b83f6ea3e50b3","4b5f609c6b6788bdf0b900dd3df3c982cd547e7925840000bdc4014f8a980070","f13869390dda83d40960d4f8a6b438c5c4cd31b4d25def7726c2809ddc573dc7","0d91dfd16175658da35e12cafc4f8aa22129b42b7170898148ad516836a3344f","db600b0ae5f7bfc81518a6b83d0c5d73e1b230e7378aab70b4e98a32ab219a18","1f22be2bbe1bfcda58ed6b29b573d417fa94f4e10be0636ab4c364520cda748e","19bbc2daa05a0e932d72ecfa4e08282aa4a27becaabad03b8fc18bb85d37743a")

    Reference: 

    https://www.trendmicro.com/en_us/research/24/i/tidrone-targets-military-and-satellite-industries-in-taiwan.html


    Tags

    Malware
