Threat Advisory
Common Information
Type                               Value
UUID                               792787ac-6e86-408b-990f-73f3b38371e1
Fingerprint                        5d911d836fc52fb11ed628beb37971e79c0369d95a4f7464db4a5cb5201fde2a
Analysis status                    DONE
Considered CTI value               2
Text language
Published                          Jan. 16, 2024, 4:28 p.m.
Added to db                        Feb. 7, 2024, 7:47 p.m.
Last updated                       Aug. 31, 2024, 2:49 a.m.
Headline                           Threat Advisory
Title                              Threat Advisory
Detected Hints/Tags/Attributes     64/3/61
Attributes
Type                       #Events   Value
CVE                        45        cve-2023-36025
Domain                     291       raw.githubusercontent.com
Domain                     112       cdn.discordapp.com
Domain                     27        shorturl.at
Domain                     2         data4.zip
Domain                     2         kay.zip
Domain                     2         data2.zip
Domain                     2         data1.zip
Domain                     21        data.zip
Domain                     2         data3.zip
Domain                     4128      github.com
Domain                     604       www.trendmicro.com
Domain                     435       www.hivepro.com
Domain                     452       msrc.microsoft.com
File                       1018      rundll32.exe
File                       1         defense-evasion-in-phemedrone-steal.html
sha1                       1         08ea24126262ff865a1ab0c79f20e41e9e53896d
sha1                       1         2aeb65239a890e6b070957136681600ca33584e5
IPv4                       2         51.79.185.145
MITRE ATT&CK Techniques    243       T1018
MITRE ATT&CK Techniques    695       T1059
MITRE ATT&CK Techniques    227       T1574.002
MITRE ATT&CK Techniques    110       T1588.006
MITRE ATT&CK Techniques    440       T1055
MITRE ATT&CK Techniques    460       T1059.001
MITRE ATT&CK Techniques    585       T1083
MITRE ATT&CK Techniques    1006      T1082
MITRE ATT&CK Techniques    30        T1211
MITRE ATT&CK Techniques    492       T1105
MITRE ATT&CK Techniques    17        T1659
MITRE ATT&CK Techniques    409       T1566
MITRE ATT&CK Techniques    422       T1041
MITRE ATT&CK Techniques    172       T1555
Url                        1         https://raw.githubusercontent.com/nateeintanan2527/joyce_d
Url                        1         https://cdn.discordapp.com/attachments/10833115143683605
Url                        2         https://shorturl.at/ixez7
Url                        1         file://51.79.185.145/pdf/data4.zip/pdf4.cpl
Url                        1         http://51.79.185.145/pdf/kay.zip/kay.cpl
Url                        1         http://51.79.185.145/pdf/data2.zip/pdf2.cpl
Url                        1         http://51.79.185.145/pdf
Url                        2         https://shorturl.at/flek5
Url                        2         https://shorturl.at/vzad2
Url                        2         https://shorturl.at/bsucr
Url                        1         file://51.79.185.145/pdf/data1.zip/pdf1.cpl
Url                        1         file://51.79.185.145/pdf/data2.zip/pdf2.cpl
Url                        1         file://51.79.185.145/pdf/data.zip/docusign_pdf.cpl
Url                        2         https://shorturl.at/clpio
Url                        1         file://51.79.185.145/pdf/data3.zip/pdf3.cpl
Url                        2         https://shorturl.at/eqxu0
Url                        1         file://51.79.185.145/pdf/kay.zip/kay.cpl
Url                        2         https://shorturl.at/dmy69
Url                        1         https://cdn.discordapp.com/attachments/85327043442245633
Url                        2         https://shorturl.at/oorv9
Url                        2         https://shorturl.at/gnl15
Url                        1         https://shorturl.at/dkor6
Url                        1         https://github.com/nateeintanan2527/joyce_data.git
Url                        1         https://github.com/nateeintanan2527/data_document.git
Url                        1         https://raw.githubusercontent.com/nateeintanan2527/data_d
Url                        1         https://www.trendmicro.com/en_us/research/24/a/cve-2023-36025-exploited-for-
Url                        1         https://www.hivepro.com/threat-advisory/microsofts-november-2023-patch-tuesday-
Url                        2         https://msrc.microsoft.com/update-guide/en-us/advisory/cve-2023-36025