Tracking the Progression of Earth Hundun's Cyberespionage Campaign in 2024 ================================================================================================================== [File] [SHA-256] [Detection name] 88336746f2cf1034871c4ee334fae0d30c3eb101df6f3f1c94c777639293a031 Backdoor.Win32.WATERBEAR.ZTLD 609120ab45745bcfe8abc244ea1501ef563cb666abd9d730413c3986a76fb23d Backdoor.Win64.WATERBEAR.ZTLD 3ecbca7bf2e4557e92595fe23872658bc3337e6f77a3aff02fb7b460272de7f4 Backdoor.Win64.WATERBEAR.ZTLD d4b5127988fde3704193a30840e991dc745aea051d1551c7cb6f55853c8cb9da Backdoor.Win32.WATERBEAR.ZTLD 974c407dd918ccba245da0fb9d5a68f123c78aacfa85cdaba2271d6ad81380ae Trojan.Win64.DEUTERBEAR.ZTLD 3d8512a513e5f94ce49a742ae3e4853775f05d7481b29bfacef4316d7ba3bde2 Trojan.Win64.DEUTERBEAR.ZTLD.enc 057a0e0f522cc217ba8754abbb67f8a667c0054fe0dcdaf01f4930d75cd667cc Backdoor.Win64.DEUTERBEAR.ZTLD 31c76585ea703f96c95efab0778f599d8dc5c26eea5d155ce24f614e6bfe9e8c Trojan.Win64.DEUTERBEAR.ZTLD ================================================================================================================== [Network] *.quadrantbd[.]com *.taishanlaw[.]com *.bakhell[.]com *.gelatosg[.]com *.operatida[.]com *.randaln[.]com *.nestnewhome[.]com *.dailteeau[.]com *.lucashnancy[.]com *.ccarden[.]com *.availitond[.]com *.gayionsd[.]com *.rchitecture[.]org *.operatida[.]com *.centralizebd[.]com