SOC First Defense - Understanding The Cyber Attack Chain - A Defense with/without SOC
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Data Credentials - T1589.001 Dynamic Data Exchange - T1559.002 Exploits - T1587.004 Exploits - T1588.005 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Mshta - T1218.005 Powershell - T1059.001 Process Doppelgänging - T1055.013 Process Hollowing - T1055.012 Regsvr32 - T1218.010 Remote Desktop Protocol - T1021.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Vulnerabilities - T1588.006 Brute Force - T1110 Dynamic Data Exchange - T1173 Mshta - T1170 Powershell - T1086 Process Doppelgänging - T1186 Process Hollowing - T1093 Regsvr32 - T1117 Remote Desktop Protocol - T1076 Windows Management Instrumentation - T1047
Show in Graph
Common Information
Type Value
UUID 13d8bae5-87cb-4817-b8e3-2584ba4d995b
Fingerprint 9c911919b977ae8b
Analysis status DONE
Considered CTI value 1
Text language
Published June 17, 2023, 10:51 a.m.
Added to db June 17, 2023, 1:31 p.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline SOC First Defense – Understanding The Cyber Attack Chain – A Defense with/without SOC
Title SOC First Defense - Understanding The Cyber Attack Chain - A Defense with/without SOC
Detected Hints/Tags/Attributes 83/2/8
Source URLs
Redirection Url
Details Source https://gbhackers.com/soc-defense-attack-chain/
URL Provider
Details Provider Source level domain
Details gbhackers.com gbhackers.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 163 https://media.cert.europa.eu/rss?type=category&id=Malware&language=en&duplicates=false 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 375 
cve-2017-11882
Details Domain 1 
extensions.gmail
Details File 1 
10.rtf
Details File 226 
certutil.exe
Details File 456 
mshta.exe
Details File 459 
regsvr32.exe
Details File 63 
bitsadmin.exe
Details File 93 
curl.exe