GLOBAL THREAT REPORT
Common Information
Type Value
UUID eba32e70-05a1-4365-aac0-632ba5921d18
Fingerprint e47f5921845fa4bb130a1e71e0d40d2680aa3158fdbb0e310c3a6a1830a64028
Analysis status DONE
Considered CTI value 2
Text language
Published March 1, 2018, 7:15 a.m.
Added to db April 14, 2024, 9:37 a.m.
Last updated Aug. 31, 2024, 4:16 a.m.
Headline GLOBAL THREAT REPORT
Title GLOBAL THREAT REPORT
Detected Hints/Tags/Attributes 568/4/87
Attributes
Details Type #Events CTI Value
Details CVE 269
cve-2017-0199
Details CVE 126
cve-2017-0144
Details CVE 57
cve-2017-8759
Details CVE 375
cve-2017-11882
Details CVE 14
cve-2017-0262
Details CVE 15
cve-2017-11292
Details Threat Actor Identifier - APT 132
APT32
Details Threat Actor Identifier - FIN 73
FIN6