Overview - Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | sha256 | 1 | d4003e6978bcfef44fda3cb13d618ec89bf93debb75c0440c3ac4c1ed2472742 |
|
| Details | Domain | 1 | aol.net |
|
| Details | Github username | 1 | vernieri |
|
| Details | Url | 1 | https://github.com/vernieri |
|
| Details | Domain | 1 | xn--80a2a18a.net |
|
| Details | sha256 | 1 | 06ad9ddc92869e989c1df8e991b1bd18fb47bceb8ecc9806756493ba3a1a17d6 |
|
| Details | Url | 1 | https://www.nuspire.com/blog/vmware-vcenter-rce-vulnerability-what-you-need-to-know/ |
|
| Details | File | 1 | dx.exe |
|
| Details | Domain | 1 | lists.samba.org |
|
| Details | File | 1 | updata.dll |
|
| Details | File | 1 | c:\windows\system32\tttracer.exe |
|
| Details | File | 1 | c:\windows\syswow64\tttracer.exe |
|
| Details | File | 1 | 002877.html |
|
| Details | Url | 1 | https://twitter.com/oulusoyum/status/1191329746069655553 |
|
| Details | Url | 1 | https://twitter.com/mattifestation/status/1196390321783025666 |
|
| Details | Url | 1 | https://lists.samba.org/archive/cifs-protocol/2016-April/002877.html |
|
| Details | Url | 1 | https://github.com/SigmaHQ/sigma/blob/683b63f8184b93c9564c4310d10c571cbe367e1e/rules/windows/process_creation/proc_creation_win_lolbin_tttracer_mod_load.yml |
|
| Details | Url | 1 | https://github.com/SigmaHQ/sigma/blob/683b63f8184b93c9564c4310d10c571cbe367e1e/rules/windows/image_load/image_load_tttracer_mod_load.yml |
|
| Details | Windows Registry Key | 1 | HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Updata |
|
| Details | Windows Registry Key | 1 | HKCU\Software\Classes\VirtualStore\MACHINE\SOFTWARE\RelieveStressPaint\guid |
|
| Details | sha256 | 1 | 615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0 |
|
| Details | File | 1 | alertmsg.zip |
|
| Details | sha256 | 1 | f31285ae705ff60007bf48aefbc7ac75a3ea507c2e76b01ba5f478076fa5d1b3 |
|
| Details | Github username | 1 | codesiddhant |
|
| Details | File | 3 | wlrmdr.exe |