UNKNOWN
Common Information
Type Value
UUID ed302234-9384-475c-ae56-f3270be3d0b2
Fingerprint 1be61f089219f4037ae85be7f9f9fc018e4ec6ec674d7defdc97f3c5ace7f277
Analysis status DONE
Considered CTI value 2
Text language
Published Dec. 1, 2020, 11:17 a.m.
Added to db May 19, 2024, 2:25 p.m.
Last updated Aug. 31, 2024, 7:20 a.m.
Headline UNKNOWN
Title UNKNOWN
Detected Hints/Tags/Attributes 572/4/129
Attributes