ioc[.]one - OSINT Cyber Threat Intelligence Database

PowerPoint Presentation

Show in Graph

Common Information

Type	Value
UUID	eabffc5f-d3a5-4281-8749-07f5692a2bdf
Fingerprint	7bdb753cd397f7adf4aa39621a03234a4f590d554d5e4da549edfb7b6e4c3795
Analysis status	DONE
Considered CTI value	2
Text language
Published	June 6, 2023, 6:24 p.m.
Added to db	Feb. 7, 2024, 7:20 p.m.
Last updated	Aug. 31, 2024, 2:35 a.m.
Headline	PowerPoint Presentation
Title	PowerPoint Presentation
Detected Hints/Tags/Attributes	104/2/68

Source URLs

	Redirection	Url
Details	Source	https://www.hivepro.com/wp-content/uploads/2023/06/Volt-Typhoon-Chinese-Espionage-Group-Targets-U.S.-Government_TA2023252.pdf

URL Provider

Details	Provider	Source level domain
Details	hivepro.com	www.hivepro.com

Attributes

Details	Type	#Events	Value
Details	CVE	67	cve-2021-40539
Details	Domain	36	media.defense.gov
Details	Domain	67	www.tenable.com
Details	Domain	397	www.microsoft.com
Details	Domain	98	www.secureworks.com
Details	Domain	167	www.ic3.gov
Details	Domain	26	www.manageengine.com
Details	Domain	1	www.fatpipeinc.com
Details	Domain	435	www.hivepro.com
Details	File	59	ntdsutil.exe
Details	File	9	backup.bat
Details	File	4	cl64.exe
Details	File	24	update.bat
Details	File	25	win.exe
Details	File	3	billagent.exe
Details	File	33	nc.exe
Details	File	175	update.exe
Details	File	142	wmiprvse.exe
Details	File	3	billaudit.exe
Details	File	96	rar.exe
Details	File	7	vm3dservice.exe
Details	File	4	wmipresv.exe
Details	File	3	cisco_up.exe
Details	File	4	smsvcservice.exe
Details	File	4	watchdogd.exe
Details	File	33	1.pdf
Details	File	3	211117-2.pdf
Details	File	1	40539.html
Details	File	1	cve-list.php
Details	md5	2	006c4a5950f75c2c9049cda1a62c09a0
Details	md5	2	af3a81605aa8e29c8be9e91d2ce19fc1
Details	md5	2	670545a24a2ce2ac7a0e863790bfe2e1
Details	sha1	2	4d3572cfc8460fe0299377f6bc05d865a987529f
Details	sha1	2	a9e32e2bd499c1070f4e0b5a6d85119f1aa0a778
Details	sha1	2	4ba6b043313c8d163f2ab7c4505c8b9b8cd68061
Details	IPv4	2	109.166.39.139
Details	IPv4	2	23.227.198.247
Details	IPv4	2	104.161.54.203
Details	MITRE ATT&CK Techniques	289	T1003
Details	MITRE ATT&CK Techniques	173	T1003.001
Details	MITRE ATT&CK Techniques	67	T1003.003
Details	MITRE ATT&CK Techniques	245	T1016
Details	MITRE ATT&CK Techniques	230	T1033
Details	MITRE ATT&CK Techniques	310	T1047
Details	MITRE ATT&CK Techniques	695	T1059
Details	MITRE ATT&CK Techniques	460	T1059.001
Details	MITRE ATT&CK Techniques	333	T1059.003
Details	MITRE ATT&CK Techniques	65	T1069
Details	MITRE ATT&CK Techniques	32	T1069.001
Details	MITRE ATT&CK Techniques	74	T1069.002
Details	MITRE ATT&CK Techniques	247	T1070
Details	MITRE ATT&CK Techniques	92	T1070.001
Details	MITRE ATT&CK Techniques	1006	T1082
Details	MITRE ATT&CK Techniques	152	T1090
Details	MITRE ATT&CK Techniques	36	T1090.002
Details	MITRE ATT&CK Techniques	125	T1110
Details	MITRE ATT&CK Techniques	49	T1110.003
Details	MITRE ATT&CK Techniques	542	T1190
Details	MITRE ATT&CK Techniques	67	T1505
Details	MITRE ATT&CK Techniques	104	T1505.003
Details	MITRE ATT&CK Techniques	172	T1555
Details	Url	2	https://media.defense.gov/2023/may/24/2003229517/-1/-
Details	Url	1	https://www.tenable.com/blog/volt-typhoon-cybersecurity-advisory
Details	Url	3	https://www.microsoft.com/en-us/security/blog/2023/05/24/volt-typhoon-targets-us-critical-
Details	Url	1	https://www.secureworks.com/blog/chinese-cyberespionage-group-bronze-silhouette-targets-
Details	Url	3	https://www.ic3.gov/media/news/2021/211117-2.pdf
Details	Url	1	https://www.manageengine.com/products/self-service-password/advisory/cve-2021-
Details	Url	1	https://www.fatpipeinc.com/support/cve-list.php