PowerPoint Presentation
Common Information
Type Value
UUID 319cf50c-81e2-426f-aefb-c0a1e4691126
Fingerprint 8eb9b0a7959892d2fea112685373acc0cd40af59d49b1cf2f8a45e4e0d34a32a
Analysis status DONE
Considered CTI value 2
Text language
Published Feb. 21, 2023, 12:21 p.m.
Added to db Feb. 7, 2024, 7:09 p.m.
Last updated Aug. 31, 2024, 7:16 a.m.
Headline PowerPoint Presentation
Title PowerPoint Presentation
Detected Hints/Tags/Attributes 80/3/70
Attributes
Details Type #Events CTI Value
Details Url 1
https://www.fortinet.com/blog/threat-research/unraveling-the-evolution-of-the-soul-
Details Url 1
https://research.openanalysis.net/yara/soulsearcher/intel/malpedia/worm/2023/02/16