Understanding WMI Malware
Common Information
| Type | Value |
|---|---|
| UUID | f91bcd00-200e-4b3f-9476-c1e9a129eb89 |
| Fingerprint | b7df254ee8b2e688650e27dc5c343c7941862f4ad46eca691d62cdc72223c858 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Jan. 26, 2021, 2:24 a.m. |
| Added to db | April 14, 2024, 12:06 p.m. |
| Last updated | Aug. 30, 2024, 11:04 p.m. |
| Headline | Understanding WMI Malware |
| Title | Understanding WMI Malware |
| Detected Hints/Tags/Attributes | 83/1/39 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | abhisheksingh.blog.com |
|
| Details | Domain | 2 | hiok125.blog.com |
|
| Details | Domain | 368 | microsoft.com |
|
| Details | Domain | 397 | www.microsoft.com |
|
| Details | Domain | 177 | blog.trendmicro.com |
|
| Details | Domain | 201 | msdn.microsoft.com |
|
| Details | Domain | 1 | ha.cked.net |
|
| Details | Domain | 10 | www.nartv.org |
|
| Details | Domain | 1 | sybase.com |
|
| Details | Domain | 2 | kb.iu.edu |
|
| Details | Domain | 1 | threatinfo.trendmicro.com |
|
| Details | Domain | 604 | www.trendmicro.com |
|
| Details | Domain | 622 | en.wikipedia.org |
|
| Details | File | 376 | wscript.exe |
|
| Details | File | 23 | scrcons.exe |
|
| Details | File | 1 | mywmimutex.dat |
|
| Details | File | 38 | details.aspx |
|
| Details | File | 13 | 85%29.aspx |
|
| Details | File | 6 | shadows-in-the-cloud.pdf |
|
| Details | File | 47 | index.jsp |
|
| Details | File | 1 | sybase.dc3 |
|
| Details | File | 1 | ecgunix112.htm |
|
| Details | File | 1 | ahtd.html |
|
| Details | File | 1 | permevtsubscriptionmof.aspx |
|
| Details | Url | 1 | http://abhisheksingh.blog.com/feed |
|
| Details | Url | 1 | http://hiok125.blog.com/feed |
|
| Details | Url | 1 | http://www.microsoft.com/downloads/details. |
|
| Details | Url | 1 | http://blog.trendmicro.com/windows-wmi-abused-for- |
|
| Details | Url | 1 | http://msdn.microsoft.com/en-us/library/aa826354%28vs.85%29.aspx |
|
| Details | Url | 1 | http://msdn.microsoft.com/en-us/library/aa394582%28vs.85 |
|
| Details | Url | 1 | http://ha.cked.net |
|
| Details | Url | 4 | http://www.nartv.org/mirror/shadows-in-the-cloud.pdf |
|
| Details | Url | 1 | http://kb.iu.edu/data |
|
| Details | Url | 1 | http://threatinfo.trendmicro.com/vinfo/virusencyclo/default5. |
|
| Details | Url | 1 | http://www.codeproject |
|
| Details | Url | 3 | http://en.wikipedia |
|
| Details | Url | 1 | http://en.wikipedia.org/wiki/active_template_library |
|
| Details | Url | 1 | http://en.wikipedia.org/wiki/namespace_%28computer_science%29 |
|
| Details | Url | 11 | http://en.wikipedia.org |