Threat Insights Report
Common Information
| Type | Value |
|---|---|
| UUID | a65d1f14-8171-4cb2-9773-cb4af4ed2bba |
| Fingerprint | 23be5a3bdd1d35b7387602524cc8226cbc44804581247559ddcf916fae6b1cda |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | May 11, 2022, 9:16 p.m. |
| Added to db | April 14, 2024, 2:14 a.m. |
| Last updated | Aug. 31, 2024, 4:25 a.m. |
| Headline | Threat Insights Report |
| Title | Threat Insights Report |
| Detected Hints/Tags/Attributes | 125/3/63 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 375 | cve-2017-11882 |
|
| Details | CVE | 117 | cve-2018-0802 |
|
| Details | CVE | 269 | cve-2017-0199 |
|
| Details | Domain | 123 | ipinfo.io |
|
| Details | Domain | 3 | discrodappp.com |
|
| Details | Domain | 1 | upgraded.com |
|
| Details | Domain | 22 | hp.com |
|
| Details | Domain | 96 | malpedia.caad.fkie.fraunhofer.de |
|
| Details | Domain | 360 | attack.mitre.org |
|
| Details | Domain | 32 | lolbas-project.github.io |
|
| Details | Domain | 3 | www.autohotkey.com |
|
| Details | Domain | 15 | yoroi.company |
|
| Details | Domain | 14 | threatresearch.ext.hp.com |
|
| Details | Domain | 452 | msrc.microsoft.com |
|
| Details | Domain | 6 | enterprisesecurity.hp.com |
|
| Details | Domain | 4127 | github.com |
|
| Details | Domain | 6 | www.hpdaas.com |
|
| Details | File | 376 | wscript.exe |
|
| Details | File | 155 | cscript.exe |
|
| Details | File | 13 | shfolder.dll |
|
| Details | File | 11 | vmnat.exe |
|
| Details | File | 456 | mshta.exe |
|
| Details | File | 1 | fidelis_threat_intelligence_summary_jan2022_f.pdf |
|
| Details | File | 1 | hp-wolf-security-threat-insights-report-q4-2021.pdf |
|
| Details | Github username | 9 | hpthreatresearch |
|
| Details | MITRE ATT&CK Techniques | 23 | T1127 |
|
| Details | MITRE ATT&CK Techniques | 23 | T1027.006 |
|
| Details | MITRE ATT&CK Techniques | 70 | T1574.001 |
|
| Details | MITRE ATT&CK Techniques | 59 | T1218.005 |
|
| Details | MITRE ATT&CK Techniques | 627 | T1027 |
|
| Details | MITRE ATT&CK Techniques | 164 | T1574 |
|
| Details | MITRE ATT&CK Techniques | 121 | T1218 |
|
| Details | Url | 6 | https://hp.com/wolf |
|
| Details | Url | 1 | https://fidelissecurity.com/wp-content/uploads/2022/02/fidelis_threat_intelligence_summary_jan2022_f.pdf |
|
| Details | Url | 4 | https://malpedia.caad.fkie.fraunhofer.de/details/win.njrat |
|
| Details | Url | 2 | https://malpedia.caad.fkie.fraunhofer.de/details/win.asyncrat |
|
| Details | Url | 1 | https://attack.mitre.org/techniques/t1127 |
|
| Details | Url | 8 | https://lolbas-project.github.io |
|
| Details | Url | 1 | https://research.checkpoint.com/2021/mekotio-banker-returns-with-improved-stealth-and-ancient-encryption |
|
| Details | Url | 3 | https://attack.mitre.org/techniques/t1027/006 |
|
| Details | Url | 1 | https://www.autohotkey.com |
|
| Details | Url | 3 | https://attack.mitre.org/techniques/t1574/001 |
|
| Details | Url | 1 | https://attack.mitre.org/techniques/t1218/005 |
|
| Details | Url | 4 | https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook |
|
| Details | Url | 7 | https://malpedia.caad.fkie.fraunhofer.de/details/win.agent_tesla |
|
| Details | Url | 1 | https://yoroi.company/research/serverless-infostealer-delivered-in-est-european-countries |
|
| Details | Url | 1 | https://threatresearch.ext.hp.com/the-many-skins-of-snake-keylogger |
|
| Details | Url | 3 | https://msrc.microsoft.com/update-guide/vulnerability/cve-2017-11882 |
|
| Details | Url | 5 | https://malpedia.caad.fkie.fraunhofer.de/details/win.redline_stealer |
|
| Details | Url | 1 | https://threatresearch.ext.hp.com/wp-content/uploads/2022/01/hp-wolf-security-threat-insights-report-q4-2021.pdf |
|
| Details | Url | 1 | https://threatresearch.ext.hp.com/malware-campaigns-targeting-african-banking-sector |
|
| Details | Url | 4 | https://malpedia.caad.fkie.fraunhofer.de/details/win.cloudeye |
|
| Details | Url | 1 | https://www.europol.europa.eu/media-press/newsroom/news/world%e2%80%99s-most-dangerous-malware-emotet-disrupted-through-global-action |
|
| Details | Url | 3 | https://malpedia.caad.fkie.fraunhofer.de/details/win.trickbot |
|
| Details | Url | 1 | https://msrc.microsoft.com/update-guide/vulnerability/cve-2018-0802 |
|
| Details | Url | 1 | https://msrc.microsoft.com/update-guide/vulnerability/cve-2017-0199 |
|
| Details | Url | 6 | https://enterprisesecurity.hp.com/s/article/threat-forwarding |
|
| Details | Url | 3 | https://enterprisesecurity.hp.com/s/article/bromium-threat-intelligence-cloud-service |
|
| Details | Url | 6 | https://enterprisesecurity.hp.com/s |
|
| Details | Url | 8 | https://github.com/hpthreatresearch |
|
| Details | Url | 6 | https://threatresearch.ext.hp.com/blog |
|
| Details | Url | 57 | https://attack.mitre.org |
|
| Details | Url | 6 | http://www.hpdaas.com/requirements. |