Microsoft Word - Fivehands-HelloKitty FLASH Cord Final (002)
Common Information
| Type | Value |
|---|---|
| UUID | 4ddfc865-c988-4c92-bb84-67277a9c2cfb |
| Fingerprint | 54b03d65eb66c54f687a9bbc1883bb4f0af5367eb7c53d74e6abba1968c2fec9 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Oct. 29, 2021, 10:01 a.m. |
| Added to db | April 14, 2024, 4 a.m. |
| Last updated | Aug. 31, 2024, 5:59 a.m. |
| Headline | Microsoft Word - Fivehands-HelloKitty FLASH Cord Final (002) |
| Title | Microsoft Word - Fivehands-HelloKitty FLASH Cord Final (002) |
| Detected Hints/Tags/Attributes | 66/2/53 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://www.ic3.gov/Media/News/2021/211029.pdf |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 24 | cve-2021-20016 |
|
| Details | CVE | 7 | cve-2021-20021 |
|
| Details | CVE | 5 | cve-2021-20023 |
|
| Details | Domain | 41 | stopransomware.gov |
|
| Details | Domain | 128 | www.fbi.gov |
|
| Details | Domain | 167 | www.ic3.gov |
|
| Details | File | 44 | payload.bin |
|
| Details | File | 37 | rclone.exe |
|
| Details | File | 76 | mimikatz.exe |
|
| Details | File | 3 | 3850.exe |
|
| Details | File | 40 | netscan.exe |
|
| Details | File | 2 | routerscan.exe |
|
| Details | File | 1 | megaclient.exe |
|
| Details | File | 2 | pcloud.exe |
|
| Details | File | 5 | paexec.exe |
|
| Details | File | 1 | my15.ps1 |
|
| Details | File | 3 | grabff.exe |
|
| Details | File | 1 | grbachrome.exe |
|
| Details | File | 131 | spoolsv.exe |
|
| Details | File | 6 | rfusclient.exe |
|
| Details | File | 2 | s3browser-9-5-3.exe |
|
| Details | File | 2 | ionline.exe |
|
| Details | File | 1 | c24ca014c148f226d8dd98f.bin |
|
| Details | File | 1 | 122bf174d124ee03d2de8.bin |
|
| Details | File | 1 | b4512ae6abf3fb8b5eb04e.bin |
|
| Details | File | 1 | a4190bd3671152c51c4a7b.bin |
|
| Details | File | 1 | 7d49d63af237a57b36fd2a.bin |
|
| Details | File | 1 | 89b98a44279f8eddda2a77.bin |
|
| Details | File | 1 | 79c7e016c30a1cf6590a85c.bin |
|
| Details | File | 1 | servmanger.exe |
|
| Details | File | 1 | hi_kitty_2.exe |
|
| Details | File | 6 | ag.exe |
|
| Details | File | 1 | 88da2f7fcb8fde5dcc3a0e9.bin |
|
| Details | File | 1 | a7f3798ce3483e0526e3768.bin |
|
| Details | File | 173 | outlook.exe |
|
| Details | md5 | 2 | f568229e696c0e82abb35ec73d162d5e |
|
| Details | sha1 | 1 | 02a08b994265901a649f1bcf6772bc06df2eb51e |
|
| Details | sha1 | 1 | c2498845ed4b287fd0f95528926c8ee620ef0cbb |
|
| Details | sha1 | 1 | ef614b456ca4eaa8156a895f450577600ad41bd5 |
|
| Details | sha1 | 1 | bade05a30aba181ffbe4325c1ba6c76ef9e02cbe |
|
| Details | sha1 | 1 | 52dace403e8f9b4f7ea20c0c3565fa11b6953b40 |
|
| Details | sha1 | 1 | 0e5f7737704c8f25b2b8157561be54a463057cd4 |
|
| Details | sha1 | 1 | 501487b025f25ddf1ca32deb57a2b4db43ccf663 |
|
| Details | sha1 | 1 | 9a7daafc56300bd94ceef23eac56a0735b63ec6b |
|
| Details | sha1 | 1 | 3ae7bedf236d4e53a33f3a3e1e80eae2d93e91b1 |
|
| Details | sha256 | 1 | 61e286c62e556ac79b01c17357176e58efb67d86c5d17407e128094c3151f7f9 |
|
| Details | sha256 | 2 | 99baffcd7a6b939b72c99af7c1e88523a50053ab966a079d9bf268aff884426e |
|
| Details | sha256 | 2 | fdc2de095390ec046dc3f398a47a38670282bdc2ef76dd7fc1195ac4ee0421a8 |
|
| Details | sha256 | 1 | 71c97ea6d14f4a6da86d51d07ea284447cc486488b9637f9c1de0ba42054c6f2 |
|
| Details | sha256 | 3 | ccacf4658ae778d02e4e55cd161b5a0772eb8b8eee62fed34e2d8f11db2cc4bc |
|
| Details | sha256 | 1 | 15df17be2f97295b0d8d66e434e2949850c8edc2a8edddf9b30b2b638b20612b |
|
| Details | sha256 | 2 | e09ead5b6ac9ec9203b9fb6c9152ba451498bb291478a69ac71ff6c36c468f9e |
|
| Details | Url | 26 | https://www.ic3.gov/pifsurvey |