RESEARCHERS IDENTIFIED NEW CHINESE SPYING CAMPAIGN TARGETING SOUTHEAST ASIA
Attackers used spear-phishing to implant a previously unknown backdoor on victims' machines. Further analysis reveals that the attackers used old Microsoft Office exploits and loaders with anti-analysis and anti-debugging techniques to access the victims' machines.
Table of Contents:
1. Who Is Behind This New Chinese Spying Campaign?
2. Targets Of This New Chinese Spying Campaign?
3. How Is This New ‘Chinese Spying Campaign’ Operated?
4. Backdoor Commands
5. Indicators Of Compromise
Backdoor Commands:
* Delete/Create/Rename/Read/Write files and get file attributes
* Get processes and services information
* Get screenshots
* Pipe Read/Write – run commands through cmd.exe
* Create/Terminate Process
* Get TCP/UDP tables
* Get CD-ROM drive data
* Get registry keys info
* Get titles of all top-level windows
* Get victim’s computer information – computer name, user name, gateway address, adapter data, Windows version (major/minor version and build number), and type of user
* Shut down PC