Russian-Speaking Attacker Exposes Their Toolbox While Attempting to…
Tags
Common Information
Type | Value |
---|---|
UUID | 11fd0d80-5bba-4f07-955c-c1506fdb0507 |
Fingerprint | a56834d9aa9f8e5c |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | May 29, 2024, midnight |
Added to db | Dec. 19, 2024, 9:26 p.m. |
Last updated | Dec. 25, 2024, 6:33 a.m. |
Headline | Russian-Speaking Attacker Exposes Their Toolbox While Attempting to Deploy the Phobos Ransomware to Community College |
Title | Russian-Speaking Attacker Exposes Their Toolbox While Attempting to… |
Detected Hints/Tags/Attributes | 143/3/58 |
Source URLs
URL Provider
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | Domain | 12 | 10.zip |
|
Details | Domain | 1 | nc.exe-master.zip |
|
Details | File | 3 | any.exe |
|
Details | File | 4 | aps.exe |
|
Details | File | 1 | inst.txt |
|
Details | File | 68 | 2.exe |
|
Details | File | 5 | disable-defender.exe |
|
Details | File | 22 | everything.exe |
|
Details | File | 25 | 2.zip |
|
Details | File | 1 | handover.xlsx |
|
Details | File | 1 | library_sec_220704_085638.pdf |
|
Details | File | 1 | johnsuppttt987_2022-06-22_03-10.zip |
|
Details | File | 1 | mi.7z |
|
Details | File | 1 | library_sec_220704_085750.pdf |
|
Details | File | 37 | nc.exe |
|
Details | File | 1 | -master.zip |
|
Details | File | 10 | nc64.exe |
|
Details | File | 51 | netscan.exe |
|
Details | File | 2 | ntlm.txt |
|
Details | File | 1 | 6x64.exe |
|
Details | File | 1 | 6x86.exe |
|
Details | File | 31 | plink.exe |
|
Details | File | 1 | powertool_64.exe |
|
Details | File | 112 | 0.exe |
|
Details | File | 1 | prochack.exe |
|
Details | File | 3 | new.txt |
|
Details | File | 3 | result.xml |
|
Details | File | 1 | rtcleaner+.bat |
|
Details | File | 1 | арабы.xml |
|
Details | File | 2 | scan2.xml |
|
Details | File | 3 | passwords.xlsx |
|
Details | File | 1 | setup_undefined.msi |
|
Details | File | 13 | shadow.bat |
|
Details | File | 14 | 1.png |
|
Details | File | 5 | 2.png |
|
Details | File | 1 | ssh_tunnel.bat |
|
Details | File | 1 | mis.xml |
|
Details | File | 1 | tai.xml |
|
Details | File | 1 | uninstallsophos.bat |
|
Details | File | 1 | unlocker-setup.exe |
|
Details | File | 4 | sd.exe |
|
Details | File | 135 | psexec.exe |
|
Details | File | 6 | rdp.exe |
|
Details | MITRE ATT&CK Techniques | 38 | T1078.004 |
|
Details | MITRE ATT&CK Techniques | 524 | T1105 |
|
Details | MITRE ATT&CK Techniques | 110 | T1505.003 |
|
Details | MITRE ATT&CK Techniques | 178 | T1046 |
|
Details | MITRE ATT&CK Techniques | 191 | T1135 |
|
Details | MITRE ATT&CK Techniques | 155 | T1021.002 |
|
Details | MITRE ATT&CK Techniques | 177 | T1021.001 |
|
Details | MITRE ATT&CK Techniques | 180 | T1021 |
|
Details | MITRE ATT&CK Techniques | 139 | T1110 |
|
Details | MITRE ATT&CK Techniques | 324 | T1003 |
|
Details | MITRE ATT&CK Techniques | 106 | T1048 |
|
Details | MITRE ATT&CK Techniques | 246 | T1562 |
|
Details | MITRE ATT&CK Techniques | 98 | T1548.002 |
|
Details | MITRE ATT&CK Techniques | 302 | T1490 |
|
Details | MITRE ATT&CK Techniques | 522 | T1486 |