Overview - Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Url | 1 | https://github.com/suyukun666/ufo |
|
| Details | md5 | 1 | ccd75dc88dd86f8d5064f7776171d642 |
|
| Details | md5 | 1 | be60d8d49e9890d487437534c8705095 |
|
| Details | md5 | 1 | bb6a2d8e7ce1d1747f5feba71c756843 |
|
| Details | md5 | 1 | 9804a69053af56673b50bbae936d87c4 |
|
| Details | sha1 | 1 | cf1b737a4da6f9cfe2cebde015df1be6ee48df3c |
|
| Details | Url | 1 | https://stackzero.net/implement-substitution-ciphers |
|
| Details | CVE | 2 | cve-2023-1962 |
|
| Details | Domain | 2 | blog.domain.com |
|
| Details | sha256 | 1 | a5d3a5ff2e873b4c50deefb61ba906b6443470581276c8c75c4f8798592df796 |
|
| Details | Domain | 1 | stag.domain.com |
|
| Details | Domain | 1 | majestic.com |
|
| Details | sha256 | 1 | aab2868a6ebc6bdee5bd12104191db9fc1950b30bcf96eab99801624651e77b6 |
|
| Details | sha256 | 1 | aa52307d2705498ef5d40acfd35f785611e41dcf6884c7805f933e2115cb182a |
|
| Details | Yara rule | 1 | rule CISA_3P_10135536_02 : rc4_key_2 {
meta:
Author = "CISA Trusted Third Party"
Incident = "10135536"
Date = "2018-04-19"
Actor = "Hidden Cobra"
Category = "n/a"
Family = "n/a"
Description = "n/a"
strings:
$s1 = { C6 ?? ?? 79 C6 ?? ?? E1 C6 ?? ?? 0A C6 ?? ?? 5D C6 ?? ?? 87 C6 ?? ?? 7D C6 ?? ?? 9F C6 ?? ?? F7 C6 ?? ?? 5D C6 ?? ?? 12 C6 ?? ?? 2E C6 ?? ?? 11 C6 ?? ?? 65 C6 ?? ?? AC C6 ?? ?? E3 C6 ?? ?? 25 }
$s2 = { C7 ?? ?? 79 E1 0A 5D C7 ?? ?? 87 7D 9F F7 C7 ?? ?? 5D 12 2E 11 C7 ?? ?? 65 AC E3 25 }
condition:
(uint16(0) == 0x5A4D and uint16(uint32(0x3c)) == 0x4550) and any of them
} |
|
| Details | sha256 | 1 | ae02f8c1432efe0a42f81d0f83309c002c48300b465ed423e903ea0e225b08f6 |
|
| Details | sha256 | 1 | ae37a6bffb04782a2b3fe8e44d5f8e8bd4fa8016cc7218792963af8be2e6eede |
|
| Details | sha256 | 1 | ae7b9b6315fd212b92ce4027c305d3ddc7b8775051af319ca9e8f14fc43dc0b3 |
|
| Details | sha256 | 1 | afa7326b8eccf6afdcfa8505da1f7819c0477e3970f359079821b4721a4fb6c8 |
|
| Details | Domain | 1 | mythicsettings.py |
|
| Details | CVE | 1 | cve-2022-24838 |
|
| Details | Domain | 3 | www.sslforfree.com |
|
| Details | CVE | 1 | cve-2022-26840 |
|
| Details | File | 1 | mailgun-webhook.log |
|
| Details | File | 1 | direct.txt |