{
  "name": "Exploring the Depths of Multi-tiered Infrastructure",
  "slug": "exploring-the-depths-of-multi-tiered-infrastructure",
  "description": "This report provides an in-depth analysis of SolarMarker, a highly persistent and evolving malware family. It traces the malware's evolution since 2020, detailing its functionality, evasion tactics, and targeting strategies. The report also describes the multi-tiered infrastructure supporting SolarMarker, which shows the threat actor's resilience and sophistication: the actor swiftly rebuilds and strategically shifts infrastructure to evade detection. Finally, it outlines the high volume of victims across various sectors, particularly education, healthcare, government, hospitality, and small and medium-sized enterprises (SMEs), emphasizing the widespread impact of this threat.",
  "published": "2024-05-14T11:06:13+00:00",
  "created_at": "2024-05-14T11:06:13+00:00",
  "modified_at": "2024-05-14T11:30:11+00:00",
  "created_at_opencti": "2024-05-14T11:06:13+00:00",
  "author": "",
  "confidence": null,
  "report_types": [],
  "labels": [],
  "tags": [
    "2024-05-09",
    "2024-05-10",
    "2024-05-14",
    "evasive",
    "information-stealing",
    "modular",
    "multi-tiered",
    "persistent",
    "solarmarker",
    "solarphantom"
  ],
  "related_entities": {
    "observables": [
      {
        "id": "",
        "name": "84.252.94.184"
      },
      {
        "id": "",
        "name": "91.206.178.133"
      },
      {
        "id": "",
        "name": "45.86.163.163"
      },
      {
        "id": "",
        "name": "37.120.198.226"
      },
      {
        "id": "",
        "name": "23.29.115.186"
      },
      {
        "id": "",
        "name": "217.138.215.85"
      },
      {
        "id": "",
        "name": "217.138.215.79"
      },
      {
        "id": "",
        "name": "217.138.215.105"
      },
      {
        "id": "",
        "name": "212.237.217.156"
      },
      {
        "id": "",
        "name": "212.237.217.136"
      },
      {
        "id": "",
        "name": "212.237.217.133"
      },
      {
        "id": "",
        "name": "2.58.15.58"
      },
      {
        "id": "",
        "name": "2.58.15.214"
      },
      {
        "id": "",
        "name": "2.58.14.246"
      },
      {
        "id": "",
        "name": "2.58.14.183"
      },
      {
        "id": "",
        "name": "194.15.216.237"
      },
      {
        "id": "",
        "name": "185.243.115.88"
      },
      {
        "id": "",
        "name": "185.243.113.47"
      },
      {
        "id": "",
        "name": "146.70.92.187"
      },
      {
        "id": "",
        "name": "146.70.80.83"
      },
      {
        "id": "",
        "name": "146.70.80.79"
      },
      {
        "id": "",
        "name": "146.70.80.66"
      },
      {
        "id": "",
        "name": "146.70.71.135"
      },
      {
        "id": "",
        "name": "146.70.40.228"
      },
      {
        "id": "",
        "name": "146.70.161.15"
      },
      {
        "id": "",
        "name": "146.70.160.62"
      },
      {
        "id": "",
        "name": "146.70.145.242"
      },
      {
        "id": "",
        "name": "146.70.125.68"
      },
      {
        "id": "",
        "name": "146.70.125.119"
      },
      {
        "id": "",
        "name": "146.70.121.88"
      },
      {
        "id": "",
        "name": "146.70.106.174"
      },
      {
        "id": "",
        "name": "146.70.104.176"
      },
      {
        "id": "",
        "name": "146.70.101.83"
      },
      {
        "id": "",
        "name": "146.0.79.21"
      },
      {
        "id": "",
        "name": "193.29.104.25"
      },
      {
        "id": "",
        "name": "78.135.73.152"
      },
      {
        "id": "",
        "name": "185.236.203.159"
      },
      {
        "id": "",
        "name": "e7d165f3728b96921b43984733a92a51148ec87aec900c519a547c470e2a12d9"
      },
      {
        "id": "",
        "name": "ace82e39c0c7bba7b66f589ae8523aeffb1b34aeafe6d2f1f5ed873a0b980936"
      },
      {
        "id": "",
        "name": "870f691ec9a83e9c4acce142e0acbf110260e6c8e707410c23c02076244f3973"
      },
      {
        "id": "",
        "name": "837e7a67db612b25bfd0f94d37cdbe8b2dc1a298fe5641f27a233ea6daa73bf0"
      },
      {
        "id": "",
        "name": "814a9e7720ea8f283e779a43ee72bb215aa6d27a07adfadd45d5c710fb86ee3a"
      },
      {
        "id": "",
        "name": "2de324d57bb96154e70958eea97713553f59025ca39220aec5d53c908cbf4645"
      },
      {
        "id": "",
        "name": "10fc8f8cf1b45a6a6b2b929414a84fc513f80d31b988c3d70f9a21968e943bf2"
      },
      {
        "id": "",
        "name": "056f373077ca5b6a070975b22839d6f427cbcaeaec4dc31df86231cd3757f7e3"
      }
    ],
    "malware": [
      {
        "id": "aa3ad13f-d82b-4a61-ae1b-700b502b0627",
        "name": "SolarPhantom",
        "slug": "solarphantom"
      },
      {
        "id": "f2ed23a6-762b-440c-9b31-c84e210bc9dc",
        "name": "SolarMarker",
        "slug": "solarmarker"
      }
    ],
    "intrusion_sets": [
      {
        "id": "ff1e9ff7-b85c-41ba-9275-aaed0f059ec9",
        "name": "SolarMarker",
        "slug": "solarmarker"
      }
    ],
    "attack_patterns": [
      {
        "id": "7ec3a60f-8eaa-4766-ab47-1a220616a29c",
        "name": "T1584.004"
      },
      {
        "id": "d19f56ca-5ce8-4bd1-af90-7d83e394470c",
        "name": "T1583.001"
      },
      {
        "id": "effdd452-1540-48f5-9fff-347c7526f6ba",
        "name": "T1583.004"
      },
      {
        "id": "320df345-a473-4f17-9588-6cd021c14bd3",
        "name": "T1583.003"
      },
      {
        "id": "e7d42089-23ed-495f-a2bc-c942c4e56fb7",
        "name": "T1573.002"
      },
      {
        "id": "14660ccf-ca6b-42f6-8bca-e1b7a04650b3",
        "name": "T1573.001"
      },
      {
        "id": "1e043fe4-2413-4b8e-887c-0fe45d095a24",
        "name": "T1583"
      },
      {
        "id": "32b33067-6566-4b8d-be80-e96f765d84de",
        "name": "T1059.001"
      },
      {
        "id": "52b92395-d3d3-4e05-976a-0fccccfce8d2",
        "name": "T1566.002"
      },
      {
        "id": "5999052b-e9ae-49e8-9235-d9bf975c22af",
        "name": "T1547.001"
      },
      {
        "id": "93b2c4dd-5523-4464-8976-78754ee372fd",
        "name": "T1012"
      },
      {
        "id": "fe6f2946-a01e-460c-9636-8c48b45dd0e6",
        "name": "T1189"
      },
      {
        "id": "c9ee9b30-ba84-4c24-95e9-e8242d42af3f",
        "name": "T1071.001"
      },
      {
        "id": "70616b2f-4019-4963-b758-5d9f6f20e201",
        "name": "T1082"
      },
      {
        "id": "cbd87c8c-3bed-461a-acef-56ffc8b87571",
        "name": "T1105"
      },
      {
        "id": "09124a92-c11f-4571-b35b-ab0bce6dd081",
        "name": "T1112"
      }
    ],
    "others": [
      {
        "id": "",
        "name": "British Indian Ocean Territory"
      },
      {
        "id": "",
        "name": "Nigeria"
      },
      {
        "id": "",
        "name": "Bulgaria"
      },
      {
        "id": "",
        "name": "India"
      },
      {
        "id": "",
        "name": "Canada"
      },
      {
        "id": "",
        "name": "Japan"
      },
      {
        "id": "",
        "name": "Germany"
      },
      {
        "id": "",
        "name": "United Kingdom of Great Britain and Northern Ireland"
      },
      {
        "id": "",
        "name": "United States of America"
      },
      {
        "id": "",
        "name": "Russian Federation"
      },
      {
        "id": "",
        "name": "Hospitality"
      },
      {
        "id": "",
        "name": "Healthcare"
      },
      {
        "id": "",
        "name": "Education"
      },
      {
        "id": "",
        "name": "Government"
      }
    ]
  },
  "external_refs": [
    "https://otx.alienvault.com/pulse/664361c5cc06f48cb86b7f7a"
  ]
}