Threat Advisory
Common Information
| Type | Value |
|---|---|
| UUID | 35f4fd63-7ba1-4fba-8d49-99fb167fd90e |
| Fingerprint | 13947152736ef9944edbdaf9bec471848a75be1e7c26172f4d4411548ee07466 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Oct. 16, 2023, 5:27 p.m. |
| Added to db | Feb. 7, 2024, 7:29 p.m. |
| Last updated | Aug. 31, 2024, 2:34 a.m. |
| Headline | Threat Advisory |
| Title | Threat Advisory |
| Detected Hints/Tags/Attributes | 70/3/34 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 4 | wplsummit.com |
|
| Details | Domain | 31 | onedrive.live.com |
|
| Details | Domain | 2 | mctelemetryzone.com |
|
| Details | Domain | 2 | netstaticsinformation.com |
|
| Details | Domain | 2 | redditanalytics.pm |
|
| Details | Domain | 1 | wirelessvezion.com |
|
| Details | Domain | 1 | budgetnews.org |
|
| Details | Domain | 1 | pap-cut.com |
|
| Details | Domain | 1 | speedymarker.com |
|
| Details | Domain | 1 | kayakahead.net |
|
| Details | Domain | 604 | www.trendmicro.com |
|
| Details | Domain | 435 | www.hivepro.com |
|
| Details | File | 3 | 1-20230802t122531-002-sfx.exe |
|
| Details | File | 8 | security.dll |
|
| Details | File | 1 | onedriveservice.dll |
|
| Details | File | 29 | 5.exe |
|
| Details | File | 1 | new-romcom-variant.html |
|
| Details | MITRE ATT&CK Techniques | 409 | T1566 |
|
| Details | MITRE ATT&CK Techniques | 183 | T1566.002 |
|
| Details | MITRE ATT&CK Techniques | 46 | T1608 |
|
| Details | MITRE ATT&CK Techniques | 49 | T1608.001 |
|
| Details | MITRE ATT&CK Techniques | 164 | T1574 |
|
| Details | MITRE ATT&CK Techniques | 227 | T1574.002 |
|
| Details | MITRE ATT&CK Techniques | 56 | T1587 |
|
| Details | MITRE ATT&CK Techniques | 16 | T1587.002 |
|
| Details | MITRE ATT&CK Techniques | 444 | T1071 |
|
| Details | MITRE ATT&CK Techniques | 442 | T1071.001 |
|
| Details | MITRE ATT&CK Techniques | 420 | T1204 |
|
| Details | MITRE ATT&CK Techniques | 365 | T1204.002 |
|
| Details | Deprecated Microsoft Threat Actor Naming Taxonomy (Groups in development) | 17 | DEV-0978 |
|
| Details | Microsoft Threat Actor Naming Taxonomy (Groups in development) | 79 | Storm-0978 |
|
| Details | Microsoft Threat Actor Naming Taxonomy (Groups in development) | 7 | storm-0978 |
|
| Details | Url | 1 | https://www.trendmicro.com/en_us/research/23/j/void-rabisu-targets-female-leaders-with- |
|
| Details | Url | 1 | https://www.hivepro.com/storm-0978-actively-exploited-the-unpatched-office-zero-day |