The PLAY with OWASSRF
Common Information
Type Value
UUID 62b65a2c-141b-46ae-8df3-e21d7e790b88
Fingerprint 57411b0e5f843520f0585e10d868cf8bd3eb2386958fcef106765cf0cee8cd0a
Analysis status DONE
Considered CTI value 2
Text language
Published Feb. 7, 2023, 10:26 a.m.
Added to db June 5, 2024, 1:12 p.m.
Last updated Aug. 31, 2024, 8:17 a.m.
Headline The PLAY with OWASSRF
Title The PLAY with OWASSRF
Detected Hints/Tags/Attributes 215/3/140
Attributes
Type  Value  #Events  CTI Value
File  diskshadow.exe  23
File  wbadmin.exe  43
File  tiworker.exe  21
File  poqexec.exe  8
File  msiexec.exe  269
File  www.log  39
MITRE ATT&CK Techniques  T2747  6
CVE  cve-2022-41080  50
CVE  cve-2022-41040  105
CVE  cve-2022-41082  127
CVE  cve-2020-12812  26
CVE  cve-2018-13379  150
File  servicedesk.log  11
File  %public%\music\svhost.exe  6
File  %userprofile%\music\t2747.exe  6
File  socks.exe  9
File  %systemroot%\system32\sok.exe  6
File  %public%\music\soks.exe  6
File  c:\perflogs\xxx.exe  6
File  xxx.exe  24
File  readme.txt  367
File  poc.py  20
File  packages.url  9
File  powershell.exe  1208
File  w3wp.exe  128
File  werfault.exe  81
File  csc.exe  59
File  speechuxwiz.exe  2
File  systemsettings.exe  9
File  trustedinstaller.exe  14
File  printdialog.exe  4
File  mpsigstub.exe  6
File  lms.exe  26
File  wmic.exe  240
File  schtasks.exe  249
File  scheduledtasks.xml  13
File  c:\windows\system32\conhost.exe  20
File  c:\windows\system32\wbem\wmic.exe  31
File  c:\windows\syswow64\wbem\wmic.exe  4
File  c:\windows\system32\werfault.exe  9
File  c:\windows\syswow64\werfault.exe  8
File  cmd.exe  2125
File  net.exe  256
File  net1.exe  48
File  taskkill.exe  82
File  sc.exe  118
File  wevtutil.exe  95
File  lsass.exe  478
File  wmiprvse.exe  142
File  taskmgr.exe  117
File  procexp64.exe  40
File  procexp.exe  64
File  lsm.exe  31
File  csrss.exe  165
File  wininit.exe  89
File  vmtoolsd.exe  74
File  c:\windows\system32\lsass.exe  29
File  sharphound.exe  16
File  rar.exe  96
File  bcdedit.exe  105
File  vssadmin.exe  345