You Don't Know the HAFNIUM of it...
Tags
cmtmf-attack-pattern: Application Layer Protocol; Command And Scripting Interpreter; Exploit Public-Facing Application; Obfuscated Files Or Information
country: China
attack-pattern: Application Layer Protocol - T1437; Archive Collected Data - T1560; Archive Collected Data - T1532; Archive Via Utility - T1560.001; Command And Scripting Interpreter - T1623; Data From Local System - T1533; Dns - T1071.004; Dns - T1590.002; Email Addresses - T1589.002; Exploit Public-Facing Application - T1377; File And Directory Discovery - T1420; Gather Victim Identity Information - T1589; Gather Victim Network Information - T1590; Indicator Removal On Host - T1630; Local Email Collection - T1114.001; Lsass Memory - T1003.001; Obfuscated Files Or Information - T1406; Network Service Scanning - T1423; Ntds - T1003.003; Powershell - T1059.001; Remote Data Staging - T1074.002; Server Software Component - T1505; Smb/Windows Admin Shares - T1021.002; Tool - T1588.002; Vulnerabilities - T1588.006; Standard Application Layer Protocol - T1071; Brute Force - T1110; Command-Line Interface - T1059; Create Account - T1136; Credential Dumping - T1003; Data From Local System - T1005; Data Staged - T1074; Email Collection - T1114; Exploit Public-Facing Application - T1190; File And Directory Discovery - T1083; Indicator Removal On Host - T1070; Network Service Scanning - T1046; Obfuscated Files Or Information - T1027; Powershell - T1086; Remote Services - T1021; Exploit Public-Facing Application; Indicator Removal On Host; Network Service Scanning
Common Information
Type Value
UUID 22d51af0-7af9-40ec-b735-0232627f2cb5
Fingerprint 97813831bbc4ce8b
Analysis status DONE
Considered CTI value 2
Text language
Published Aug. 12, 2024, midnight
Added to db Aug. 31, 2024, 5:17 a.m.
Last updated Nov. 17, 2024, 6:56 p.m.
Headline You Don't Know the HAFNIUM of it...
Title You Don't Know the HAFNIUM of it...
Detected Hints/Tags/Attributes 88/3/27
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 138 Intel471 https://intel471.com/blog/feed 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 184
cve-2021-26855
Details CVE 90
cve-2021-26857
Details CVE 92
cve-2021-26858
Details CVE 126
cve-2021-27065
Details Mandiant Uncategorized Groups 9
UNC2639
Details Mandiant Uncategorized Groups 9
UNC2640
Details Mandiant Uncategorized Groups 11
UNC2643
Details MITRE ATT&CK Techniques 173
T1003.001
Details MITRE ATT&CK Techniques 460
T1059.001
Details MITRE ATT&CK Techniques 34
T1114.001
Details MITRE ATT&CK Techniques 86
T1136
Details MITRE ATT&CK Techniques 67
T1003.003
Details MITRE ATT&CK Techniques 139
T1021.002
Details MITRE ATT&CK Techniques 534
T1005
Details MITRE ATT&CK Techniques 627
T1027
Details MITRE ATT&CK Techniques 168
T1046
Details MITRE ATT&CK Techniques 695
T1059
Details MITRE ATT&CK Techniques 247
T1070
Details MITRE ATT&CK Techniques 444
T1071
Details MITRE ATT&CK Techniques 20
T1074.002
Details MITRE ATT&CK Techniques 585
T1083
Details MITRE ATT&CK Techniques 125
T1110
Details MITRE ATT&CK Techniques 542
T1190
Details MITRE ATT&CK Techniques 67
T1505
Details MITRE ATT&CK Techniques 116
T1560.001
Details MITRE ATT&CK Techniques 22
T1589.002
Details MITRE ATT&CK Techniques 8
T1590.002