Attacking Entra Metaverse: Part 1
Common Information
Type Value
UUID 003e744c-3b57-4e1c-833b-8db8d4cee15c
Fingerprint bb1843df0fc286dc
Analysis status DONE
Considered CTI value 0
Text language
Published Dec. 13, 2024, 5 p.m.
Added to db Dec. 13, 2024, 6:12 p.m.
Last updated Dec. 20, 2024, 6:24 p.m.
Headline Attacking Entra Metaverse: Part 1
Title Attacking Entra Metaverse: Part 1
Detected Hints/Tags/Attributes 32/1/15
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 158 Malware Analysis, News and Indicators - Latest topics https://malware.news/latest.rss 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 2
adminwebservice.onmicrosoft.com
Details Domain 3
enterpriseregistration.windows.net
Details Domain 2
hybrid.hotnops.com
Details Domain 2
dc1-hybrid.hybrid.hotnops.com
Details Domain 14
dirkjanm.io
Details Domain 6
aadinternals.com
Details File 2
devicel.key
Details File 2
winhello.key
Details File 2
winhello_cert_req.cs
Details File 2
jack_burton.pfx
Details File 37
rubeus.exe
Details File 2
c:\keys\jack_burton.pfx
Details File 4
api.pdf
Details Url 2
https://dirkjanm.io/lateral-movement-and-hash-dumping-with-temporary-access-passes-microsoft-entra
Details Url 2
https://aadinternals.com/talks/attacking