Actor(s): Axiom
There is no description at this point.
2022-05-04 ⋅ Cybereason ⋅ Operation CuckooBees: A Winnti Malware Arsenal Deep-Dive PRIVATELOG Spyder STASHLOG Winnti |
2022-05-04 ⋅ Cybereason ⋅ Operation CuckooBees: Deep-Dive into Stealthy Winnti Techniques PRIVATELOG Spyder STASHLOG Winnti |
2022-05-01 ⋅ BushidoToken ⋅ Gamer Cheater Hacker Spy Egregor HelloKitty NetfilterRootkit RagnarLocker Winnti |
2021-11-16 ⋅ vmware ⋅ Monitoring Winnti 4.0 C2 Servers for Two Years Winnti |
2021-09-28 ⋅ Recorded Future ⋅ 4 Chinese APT Groups Identified Targeting Mail Server of Afghan Telecommunications Firm Roshan PlugX Winnti |
2021-09-21 ⋅ Recorded Future ⋅ China-Linked Group TAG-28 Targets India’s “The Times Group” and UIDAI (Aadhaar) Government Agency With Winnti Malware Winnti |
2021-09-14 ⋅ McAfee ⋅ Operation ‘Harvest’: A Deep Dive into a Long-term Campaign MimiKatz PlugX Winnti |
2021-07-08 ⋅ PTSecurity ⋅ How winnti APT grouping works Korlia ShadowPad Winnti |
2021-07-08 ⋅ Recorded Future ⋅ Chinese State-Sponsored Activity Group TAG-22 Targets Nepal, the Philippines, and Taiwan Using Winnti and Other Tooling ShadowPad Spyder Winnti |
2021-07-08 ⋅ YouTube (PT Product Update) ⋅ How winnti APT grouping works Korlia ShadowPad Winnti |
2021-04-29 ⋅ NTT ⋅ The Operations of Winnti group Cobalt Strike ShadowPad Spyder Winnti |
2021-03-10 ⋅ ESET Research ⋅ Exchange servers under siege from at least 10 APT groups Microcin MimiKatz PlugX Winnti ToddyCat |
2021-02-28 ⋅ PWC UK ⋅ Cyber Threats 2020: A Year in Retrospect elf.wellmess FlowerPower PowGoop 8.t Dropper Agent.BTZ Agent Tesla Appleseed Ave Maria Bankshot BazarBackdoor BLINDINGCAN Chinoxy Conti Cotx RAT Crimson RAT DUSTMAN Emotet FriedEx FunnyDream Hakbit Mailto Maze METALJACK Nefilim Oblique RAT Pay2Key PlugX QakBot REvil Ryuk StoneDrill StrongPity SUNBURST SUPERNOVA TrickBot TurlaRPC Turla SilentMoon WastedLocker WellMess Winnti ZeroCleare |
2021-02-23 ⋅ CrowdStrike ⋅ 2021 Global Threat Report RansomEXX Amadey Anchor Avaddon BazarBackdoor Clop Cobalt Strike Conti Cutwail DanaBot DarkSide DoppelPaymer Dridex Egregor Emotet Hakbit IcedID JSOutProx KerrDown LockBit Mailto Maze MedusaLocker Mespinoza Mount Locker NedDnLoader Nemty Pay2Key PlugX Pushdo PwndLocker PyXie QakBot Quasar RAT RagnarLocker Ragnarok RansomEXX REvil Ryuk Sekhmet ShadowPad SmokeLoader Snake SUNBURST SunCrypt TEARDROP TrickBot WastedLocker Winnti Zloader KNOCKOUT SPIDER OUTLAW SPIDER RIDDLE SPIDER SOLAR SPIDER VIKING SPIDER |
2021-01-20 ⋅ FireEye ⋅ Emulation of Kernel Mode Rootkits With Speakeasy Winnti |
2020-12-24 ⋅ IronNet ⋅ China cyber attacks: the current threat landscape PLEAD TSCookie FlowCloud Lookback PLEAD PlugX Quasar RAT Winnti |
2020-11-03 ⋅ Kaspersky Labs ⋅ APT trends report Q3 2020 WellMail EVILNUM Janicab Poet RAT AsyncRAT Ave Maria Cobalt Strike Crimson RAT CROSSWALK Dtrack LODEINFO MoriAgent Okrum PlugX poisonplug Rover ShadowPad SoreFang Winnti |
2020-09-18 ⋅ Symantec ⋅ APT41: Indictments Put Chinese Espionage Group in the Spotlight CROSSWALK PlugX poisonplug ShadowPad Winnti |
2020-08-06 ⋅ Wired ⋅ Chinese Hackers Have Pillaged Taiwan's Semiconductor Industry Cobalt Strike MimiKatz Winnti Operation Skeleton Key |
2020-08-04 ⋅ BlackHat ⋅ Operation Chimera - APT Operation Targets Semiconductor Vendors Cobalt Strike MimiKatz Winnti Operation Skeleton Key |
2020-04-20 ⋅ QuoScient ⋅ WINNTI GROUP: Insights From the Past Winnti |
2020-03-04 ⋅ CrowdStrike ⋅ 2020 CrowdStrike Global Threat Report MESSAGETAP More_eggs 8.t Dropper Anchor BabyShark BadNews Clop Cobalt Strike CobInt Cobra Carbon System Cutwail DanaBot Dharma DoppelDridex DoppelPaymer Dridex Emotet FlawedAmmyy FriedEx Gandcrab Get2 IcedID ISFB KerrDown LightNeuron LockerGoga Maze MECHANICAL Necurs Nokki Outlook Backdoor Phobos Predator The Thief QakBot REvil RobinHood Ryuk SDBbot Skipper SmokeLoader TerraRecon TerraStealer TerraTV TinyLoader TrickBot Vidar Winnti ANTHROPOID SPIDER APT31 APT39 BlackTech BuhTrap Charming Kitten CLOCKWORK SPIDER DOPPEL SPIDER FIN7 Gamaredon Group Leviathan MONTY SPIDER Mustang Panda NARWHAL SPIDER NOCTURNAL SPIDER PINCHY SPIDER Pirate Panda SALTY SPIDER SCULLY SPIDER SMOKY SPIDER Thrip VENOM SPIDER VICEROY TIGER |
2020-03-03 ⋅ PWC UK ⋅ Cyber Threats 2019: A Year in Retrospect KevDroid MESSAGETAP magecart AndroMut Cobalt Strike CobInt Crimson RAT DNSpionage Dridex Dtrack Emotet FlawedAmmyy FlawedGrace FriedEx Gandcrab Get2 GlobeImposter Grateful POS ISFB Kazuar LockerGoga Nokki QakBot Ramnit REvil Rifdoor RokRAT Ryuk shadowhammer ShadowPad Shifu Skipper StoneDrill Stuxnet TrickBot Winnti ZeroCleare Axiom |
2020-03-03 ⋅ GitHub (superkhung) ⋅ GitHub Repository: winnti-sniff Winnti |
2020-02-20 ⋅ Carbon Black ⋅ Threat Analysis: Active C2 Discovery Using Protocol Emulation Part2 (Winnti 4.0) Winnti |
2020-01-31 ⋅ ESET Research ⋅ Winnti Group targeting universities in Hong Kong ShadowPad Winnti |
2020-01-31 ⋅ Tagesschau ⋅ Deutsches Chemieunternehmen gehackt Winnti |
2020 ⋅ Secureworks ⋅ BRONZE ATLAS Speculoos Winnti ACEHASH CCleaner Backdoor CHINACHOPPER Empire Downloader HTran MimiKatz PlugX Winnti Axiom |
2019-10 ⋅ CrowdStrike ⋅ Don't miss the forest for the trees gleaning hunting value from too much intrusion data Winnti |
2019-09-30 ⋅ Lastline ⋅ HELO Winnti: Attack or Scan? Winnti |
2019-09-04 ⋅ FireEye ⋅ APT41: Double Dragon APT41, a dual espionage and cyber crime operation EASYNIGHT Winnti |
2019-09-04 ⋅ CarbonBlack ⋅ CB TAU Threat Intelligence Notification: Winnti Malware 4.0 Winnti |
2019-08-09 ⋅ FireEye ⋅ Double Dragon APT41, a dual espionage and cyber crime operation CLASSFON crackshot CROSSWALK GEARSHIFT HIGHNOON HIGHNOON.BIN JUMPALL poisonplug Winnti |
2019-07-24 ⋅ Bayerischer Rundfunk ⋅ Attacking the Heart of the German Industry Winnti |
2019-07-24 ⋅ Github (br-data) ⋅ Winnti analysis Winnti |
2019-04-22 ⋅ Trend Micro ⋅ C/C++ Runtime Library Code Tampering in Supply Chain shadowhammer ShadowPad Winnti |
2018-10-01 ⋅ Macnica Networks ⋅ Trends in cyber espionage (targeted attacks) targeting Japan | First half of 2018 Anel Cobalt Strike Datper FlawedAmmyy Quasar RAT RedLeaves taidoor Winnti xxmm |
2018-05-22 ⋅ Github (TKCERT) ⋅ Nmap Script to scan for Winnti infections Winnti |
2018-03-05 ⋅ Github (TKCERT) ⋅ Suricata rules to detect Winnti communication Winnti |
2017-04-19 ⋅ Trend Micro ⋅ Of Pigs and Malware: Examining a Possible Member of the Winnti Group Winnti |
2017-03-22 ⋅ Trend Micro ⋅ Winnti Abuses GitHub for C&C Communications Winnti |
2016-03-06 ⋅ Github (TKCERT) ⋅ Network detector for Winnti malware Winnti |
2015-06-22 ⋅ Kaspersky Labs ⋅ Games are over: Winnti is now targeting pharmaceutical companies Winnti Axiom |
2015-04-06 ⋅ Novetta ⋅ WINNTI ANALYSIS Winnti |
2015 ⋅ Ruxcon ⋅ WHY ATTACKER TOOLSETS DO WHAT THEY DO Winnti |
2013-04 ⋅ Kaspersky Labs ⋅ Winnti - More than just a game portless Winnti |