PowerPoint Presentation
Common Information
| Type | Value |
|---|---|
| UUID | 941d78fe-c021-4d2f-a3f5-84998782711d |
| Fingerprint | 9053684bd830626839fe19a506baf3c8bd0383ab0a9c862bd00078a0f2935a5c |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | May 11, 2022, 6:23 p.m. |
| Added to db | March 11, 2024, 7:11 p.m. |
| Last updated | Aug. 31, 2024, 5:50 a.m. |
| Headline | PowerPoint Presentation |
| Title | PowerPoint Presentation |
| Detected Hints/Tags/Attributes | 106/3/110 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 150 | cve-2018-13379 |
|
| Details | CVE | 3 | cve-2021-38001 |
|
| Details | CVE | 168 | cve-2021-34473 |
|
| Details | CVE | 26 | cve-2021-36942 |
|
| Details | Domain | 1 | seebug.updetasrvers.org |
|
| Details | Domain | 262 | www.welivesecurity.com |
|
| Details | Domain | 1 | support.office365excel.org |
|
| Details | Domain | 2 | update.office365excel.org |
|
| Details | Domain | 2 | update.huobibtc.net |
|
| Details | Domain | 1 | ssl.360antivirus.org |
|
| Details | Domain | 2 | www.omgod.org |
|
| Details | Domain | 2 | yt-sslvpn.itcom888.live |
|
| Details | Domain | 2 | vappvcsa.itcom888.live |
|
| Details | Domain | 1 | lnc.com |
|
| Details | Domain | 1 | mail.bren-inc.info |
|
| Details | Domain | 1 | bren-inc.email |
|
| Details | Domain | 3 | ns162.nsakadns.com |
|
| Details | Domain | 2 | cs.full-subscription.com |
|
| Details | Domain | 1 | full-subscription.com |
|
| Details | Domain | 1 | subscription.com |
|
| Details | Domain | 2 | yd.full-subscription.com |
|
| Details | Domain | 2 | zk.full-subscription.com |
|
| Details | Domain | 2 | api.gpk-demo.com |
|
| Details | Domain | 2 | api.geming8888.com |
|
| Details | Domain | 1 | ate.com |
|
| Details | Domain | 1 | rs.com |
|
| Details | Domain | 1 | enough-8fe4.com |
|
| Details | Domain | 1 | microsofts.info |
|
| Details | Domain | 1 | osofts.com |
|
| Details | Domain | 1 | chat.net |
|
| Details | Domain | 1 | ksy.com |
|
| Details | Domain | 1 | betwln520.com |
|
| Details | Domain | 1 | mod.goodyouxi.co |
|
| Details | Domain | 1 | normostat.com |
|
| Details | Domain | 1 | nenasporte.co |
|
| Details | Domain | 1 | ftlab.top |
|
| Details | Domain | 4 | www.microsoft |
|
| Details | Domain | 1 | caibi379.com |
|
| Details | Domain | 1 | ogag.daji8.me |
|
| Details | Domain | 1 | plus.daji8.me |
|
| Details | Domain | 1 | hina.net |
|
| Details | Domain | 1 | ina.net |
|
| Details | Domain | 3 | tools.daji8.me |
|
| Details | Domain | 2 | linux.daji8.me |
|
| Details | Domain | 1 | www.daji8.me |
|
| Details | Domain | 1 | daji8.me |
|
| Details | Domain | 1 | av.daji8.me |
|
| Details | Domain | 18 | teamt5.org |
|
| Details | File | 1 | bren-inc.inf |
|
| Details | File | 1 | microsofts.inf |
|
| Details | File | 2 | s.inf |
|
| Details | IPv4 | 1 | 35.187.194.33 |
|
| Details | IPv4 | 2 | 47.106.112.106 |
|
| Details | IPv4 | 1 | 23.106.123.236 |
|
| Details | IPv4 | 1 | 103.255.179.54 |
|
| Details | IPv4 | 1 | 158.247.220.169 |
|
| Details | IPv4 | 4 | 156.240.104.149 |
|
| Details | IPv4 | 1 | 45.77.174.106 |
|
| Details | IPv4 | 5 | 103.79.78.48 |
|
| Details | IPv4 | 1 | 52.163.225.199 |
|
| Details | IPv4 | 1 | 40.122.105.12 |
|
| Details | IPv4 | 1 | 13.76.136.18 |
|
| Details | IPv4 | 3 | 104.209.198.177 |
|
| Details | IPv4 | 4 | 47.75.49.32 |
|
| Details | IPv4 | 1 | 167.179.92.82 |
|
| Details | IPv4 | 4 | 89.35.178.105 |
|
| Details | IPv4 | 2 | 107.148.131.210 |
|
| Details | IPv4 | 3 | 35.187.148.253 |
|
| Details | IPv4 | 3 | 104.168.211.246 |
|
| Details | IPv4 | 3 | 45.77.250.141 |
|
| Details | IPv4 | 1 | 206.189.156.0 |
|
| Details | IPv4 | 2 | 45.153.242.41 |
|
| Details | IPv4 | 1 | 23.106.123.244 |
|
| Details | IPv4 | 1 | 23.106.122.225 |
|
| Details | IPv4 | 1 | 45.138.172.138 |
|
| Details | IPv4 | 2 | 23.106.125.132 |
|
| Details | IPv4 | 2 | 23.106.124.156 |
|
| Details | IPv4 | 1 | 45.76.188.46 |
|
| Details | IPv4 | 1 | 23.106.122.182 |
|
| Details | IPv4 | 1 | 23.106.122.205 |
|
| Details | IPv4 | 1 | 23.106.123.16 |
|
| Details | IPv4 | 1 | 23.106.122.58 |
|
| Details | IPv4 | 1 | 23.106.122.5 |
|
| Details | IPv4 | 1 | 23.19.58.13 |
|
| Details | IPv4 | 1 | 139.180.156.45 |
|
| Details | IPv4 | 1 | 27.102.106.132 |
|
| Details | IPv4 | 1 | 27.102.106.183 |
|
| Details | IPv4 | 2 | 27.102.114.246 |
|
| Details | IPv4 | 2 | 27.102.115.249 |
|
| Details | IPv4 | 1 | 27.102.127.182 |
|
| Details | IPv4 | 1 | 27.50.162.19 |
|
| Details | IPv4 | 1 | 42.51.22.68 |
|
| Details | IPv4 | 1 | 54.180.89.244 |
|
| Details | IPv4 | 2 | 172.16.2.1 |
|
| Details | IPv4 | 1 | 112.175.238.60 |
|
| Details | IPv4 | 1 | 103.24.205.128 |
|
| Details | IPv4 | 1 | 112.121.165.138 |
|
| Details | IPv4 | 1 | 117.18.14.20 |
|
| Details | IPv4 | 1 | 185.99.133.209 |
|
| Details | IPv4 | 1 | 162.33.178.57 |
|
| Details | IPv4 | 1 | 172.105.162.84 |
|
| Details | IPv4 | 1 | 182.16.71.234 |
|
| Details | IPv4 | 1 | 103.253.40.126 |
|
| Details | IPv4 | 1 | 182.255.63.53 |
|
| Details | Pdb | 1 | f:\xproject\project\salon4\iisaccept\x64\release\iisaccept.pdb |
|
| Details | Pdb | 1 | f:\xproject\salon\sqlcmsps\x64\release\sqlcmsps.pdb |
|
| Details | Threat Actor Identifier - APT | 522 | APT41 |
|
| Details | Threat Actor Identifier - APT | 297 | APT27 |
|
| Details | Threat Actor Identifier - APT | 278 | APT10 |
|
| Details | Url | 2 | https://www.welivesecurity.com/2019/10/21/winnti-group-skip2-0-microsoft-sql-server-backdoor |