??????????????????????????:?????????

?? > ?? > ??

???????????????????????:?????????

2025-01-19 12:12:12??:????:???

???????????????????????:?????????

??????????1??????????????????17???????????? ?????17?,????????????????????????

??????????????????

2024??????????????12??????????????????????????18?,?CNCERT?(

??????????????????????????????????????

(??????????)??

2024?8???????????????????19????????????????????????????,?,?/???????????????2024?8??????????????21?????????,??/????????????????

(?????????)???????????

2024???8????????21????12?,???????????,????????,?????????????????,???????????????????????????/xxx/xxxx?flag=syn_user_policy????????,??????????????/xxx/xxxStats?

(???)????????

2024??????????????11???????????6???2024?????11?8??2024??????????11?16?,?????276?????????????????????????????????????????

???????????????????????????

(?)?????????

????IP????,??????????,???????,???????????????,???

(???????????)?

2024???????????11??6????????????????11??????????16??????,???????????????????????????3?????????????IP??????,?,?,???,????????????????????,?????4.98GB?

???????????????

(??)????????????????

??????????????,????????????22??8??,????????????????10??????20??,??????,???????

(?)??

???????5?IP????????????,?,???????????????

(?)???????

???????,???,????????????????

??????????,?????,??

(?????????)??????????

?,?????,??????????,?276?,???????????????????????????,??????

????????????IP?

???????????????

2024??????12????????????????????????18????????,?CNCERT????????(

???????????????????????

(?)????????

?????Exchange?????2?????????????Exchange???????????,???????,?,?????

(????)??????????????

????,???????????2?????????????????,?????????????????,??????????????????????????????,????????????/owa/auth/xxx/xx.aspx?/owa/auth/xxx/yy.aspx,????????????????????????,??????????,?????

(?????)?30?

???????????????????????????,????,?????????????????????,???SSH?SMB????30????????????????????????????????????;??????,????????????????????????????????????????????????????????????????????????,??????????????????websocket+SSH??????????,??????,???WeChatxxxxxxxx.exe??????????????2??PIPE??????????????,??

????????????????????????

(????)???????????????

?????????????,??????????,??????,???????????????????????,?,???

(???????????)??????

????????????3?????,????????????????????????????????????????????????????,2023????5?2??????,??????????????????????(95.179.XX.XX)???????????,???????????????????,??????????,??????,????????�????�?�?�?�?�?�???(???????????+????)�?�??????IP?????????????�?�???????�???

(??????????????)?

?????,????????????????????????????????????,2023?????7????????26????,??????????????????????????????????(65.21.XX.XX)?,??????,?,?????????,?1.03GB???,??????�?????????�??�tip4XXXXXXXX.php�?

(???????)????????????

??,????,??????????????,?????????????????????????????????????????????SSH??,?????????,??

????????????????????

(?)?

?,???????????????????????22??8??????????????????????????????,????10????????????????????????????20?,?????,??????????????

(?)????????

2023???????????????????5?2023?10?,??????30?,??????????IP???????????????,??

(??????????????????????)???????????

?2?PIPE?????�c:\windows\system32\�?,?.net???????????????????????,??????????,???????????KB,?????TLS????????????????????????????????????????????????????,???????????????????https?,??????????????websocket+SSH?????????????????????,?????????????????????

?????????????????????IP?????

?????????????:??

??:

????
1. ????
2. ????
????
1. ????
2. ????
3. ????
????
1. ????
2. ????
3. ????
4. ???
????
1. ????
2. ????
3. ??????????

相关推荐