Common Information
| Type | Value |
|---|---|
| Value |
mshta.exe |
| Category | |
| Type | File |
| Misp Type | |
| Description |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2023-10-05 | 43 | German Embassy Lure: Likely Part of Campaign Against NATO Aligned Ministries of Foreign Affairs | ||
| Details | Website | 2023-10-03 | 94 | Defending new vectors: Threat actors attempt SQL Server to cloud lateral movement | Microsoft Security Blog | ||
| Details | 2023-09-24 | 68 | SharpTongue: pwning your foreign policy, one interview request at a time | |||
| Details | Website | 2023-09-18 | 59 | Dynamic Approaches seen in AveMaria's Distribution Strategy | ||
| Details | 2023-09-11 | 186 | Threat Trend Report on Kimsuky | |||
| Details | Website | 2023-09-04 | 8 | Tracking Fileless Malware Distributed Through Spam Mails - ASEC BLOG | ||
| Details | Website | 2023-08-31 | 99 | Analysis of Andariel's New Attack Activities - ASEC BLOG | ||
| Details | 2023-08-23 | 94 | Defending Against 8base: Uncovering Their Arsenal and Crafting Responses | |||
| Details | Website | 2023-08-09 | 24 | Distribution of Malware Disguised as Coin and Investment-related Content - ASEC BLOG | ||
| Details | Website | 2023-08-09 | 18 | Kimsuky APT IOCs - Part 15 - SEC-1275-1 | ||
| Details | Website | 2023-08-09 | 56 | AgentTesla Malware Targets Users with Malicious Control Panel File | ||
| Details | Website | 2023-08-08 | 2 | Using Automation to Hunt for the Elusive LOLBAS | ||
| Details | Website | 2023-08-08 | 11 | LOLBAS in the Wild: 11 Living-Off-The-Land Binaries That Could Be Used for Malicious Purposes - RedPacket Security | ||
| Details | Website | 2023-08-07 | 9 | Letsdefend-SOC Fundamentals | ||
| Details | Website | 2023-08-03 | 43 | Sysmon | TryHackMe | ||
| Details | Website | 2023-07-31 | 25 | 코인 및 투자 관련 내용으로 위장한 악성코드 유포 중 - ASEC BLOG | ||
| Details | Website | 2023-07-24 | 5 | Detecting SmokeLoader Campaign: UAC-0006 Keep Targeting Ukrainian Financial Institutions in a Series of Phishing Attacks - SOC Prime | ||
| Details | Website | 2023-07-24 | 10 | Rewterz Threat Alert – LockBit Ransomware – Active IOCs | ||
| Details | Website | 2023-07-21 | 15 | SOC164 EventID:114 — SOC164 — Suspicious Mshta Behavior — letsdefend.io | ||
| Details | 2023-07-20 | 158 | Understanding LockBit Ransomware: TTPs and Behavioral Insights for Effective Defense | |||
| Details | Website | 2023-07-18 | 56 | Ursnif VS Italy: Il PDF del Destino | ||
| Details | Website | 2023-07-18 | 12 | What Are LOLBins? - SOC Prime | ||
| Details | Website | 2023-07-17 | 5 | UAC-0010 aka Armageddon APT Attacks Detection: Overview of Group’s Ongoing Offensive Operations Targeting Ukraine - SOC Prime | ||
| Details | Website | 2023-07-17 | 8 | Black Box Penetration Testing: Perform External Pentesting With “ZERO” Data - 2023 | ||
| Details | Website | 2023-07-16 | 5 | Gamaredon hackers start stealing data 30 minutes after a breach - RedPacket Security |