Umbrella of Pakistani Threats: Converging Tactics of Cyber-operations Targeting India
Published 29/07/2024 10:59 · Modified 29/07/2024 11:37
Essential information
- Published: 29/07/2024 10:59
- Modified: 29/07/2024 11:37
- Tags: 2024-07-29, action rat, apt, crimson rat, disgomoji, espionage, geta rat, india, pakistan, poseidon, reverse rat
- Related entities: 89 observables, 1 intrusion sets (apt), 18 techniques (mitre), 6 malware, 5 others
Description
This report examines the convergence of tactics employed by Pakistani cyber threat groups, including Transparent Tribe, SideCopy, and RusticWeb, targeting Indian government entities and critical infrastructure. It uncovers overlaps in their infrastructure, tactics, and payloads, suggesting coordination or shared resources. The analysis delves into the groups' evolving malware arsenal, decoy documents, and attack vectors, underlining the persistent cyber threats posed to India by these actors.
Related entities
Vulnerabilities, IOCs, intrusion sets, MITRE techniques and other entities referenced in this report.
Observables (89)
Intrusion sets (APT) (1)
- AlienVault · Confidence 100 · First seen 01/01/1970 · Last seen 16/11/5138 · Published 21/12/2025 06:08 · Modified 21/12/2025 06:08
Techniques (MITRE) (18)
- XDG Autostart Entries
- Cron
- Domains
- Malware
- Domains
- Upload Malware
- Malware
- Tool
- Link Target
- Malicious Link
- Spearphishing Link
- Registry Run Keys / Startup Folder
- Malicious File
- Shared Modules
- Native API
- Spearphishing Attachment
- Windows Management Instrumentation
- Command and Scripting Interpreter
Malware (6)
- Family · Published 29/07/2024 10:59 · Modified 29/07/2024 10:59
- Family · Published 29/07/2024 10:59 · Modified 29/07/2024 10:59
- Family · Published 29/07/2024 10:59 · Modified 29/07/2024 10:59
- Family · Published 29/07/2024 10:59 · Modified 29/07/2024 10:59
- Family · Published 01/08/2025 12:31 · Modified 01/08/2025 12:31
- Family · Published 04/02/2026 15:57 · Modified 04/02/2026 15:57
Others (5)
- India
- Defense
- Transportation
- Government
- Manufacturing