Detecting Follina Exploits Using a Remote Answer File - Binary Defense
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 0a8dda9e-b245-427d-a5f9-f2f45b0d17b5 |
| Fingerprint | c221a9d83847d681 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | June 15, 2022, 8:16 p.m. |
| Added to db | March 14, 2023, 4:29 p.m. |
| Last updated | Nov. 17, 2024, 11:40 p.m. |
| Headline | Detecting Follina Exploits Using a Remote Answer File |
| Title | Detecting Follina Exploits Using a Remote Answer File - Binary Defense |
| Detected Hints/Tags/Attributes | 29/1/17 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 275 | ✔ | Binary Defense | https://www.binarydefense.com/feed/ | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 172 | cve-2022-30190 |
|
| Details | Domain | 281 | docs.microsoft.com |
|
| Details | Domain | 1 | sneaky-domain-name.com |
|
| Details | Domain | 1373 | twitter.com |
|
| Details | Domain | 87 | app.any.run |
|
| Details | Domain | 4128 | github.com |
|
| Details | File | 33 | msdt.exe |
|
| Details | File | 2 | answers.xml |
|
| Details | File | 4 | file.tmp |
|
| Details | File | 3 | 'msdt.exe |
|
| Details | Github username | 27 | sigmahq |
|
| Details | Url | 2 | https://docs.microsoft.com/en-us/windows-hardware/customize/desktop/wsim/answer-files-overview |
|
| Details | Url | 2 | https://docs.microsoft.com/en-us/powershell/module/troubleshootingpack/get-troubleshootingpack?view=windowsserver2019 |
|
| Details | Url | 3 | https://twitter.com/nao_sec/status/1530196847679401984 |
|
| Details | Url | 4 | https://app.any.run/tasks/713f05d2-fe78-4b9d-a744-f7c133e3fafb |
|
| Details | Url | 2 | https://twitter.com/impetuousdanny/status/1531650953082023936 |
|
| Details | Url | 2 | https://github.com/sigmahq/sigma/wiki/specification#escaping |