ioc[.]one - OSINT Cyber Threat Intelligence Database

Tags

attack-pattern:

Data Direct Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Email Addresses - T1589.002 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Msiexec - T1218.007 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Ssh - T1021.004 Vulnerabilities - T1588.006 Connection Proxy - T1090 Powershell - T1086 Scripting - T1064 Scripting

Show in Graph

Common Information

Type	Value
UUID	274e12fd-cefe-45b5-adee-4b71b6266e93
Fingerprint	b7a95de0488767ce
Analysis status	DONE
Considered CTI value	2
Text language
Published	May 16, 2023, midnight
Added to db	June 1, 2023, 10:56 a.m.
Last updated	Nov. 17, 2024, 6:55 p.m.
Headline	URGENT \| PaperCut MF/NG vulnerability bulletin (March 2023)
Title
Detected Hints/Tags/Attributes	63/1/31

Source URLs

	Redirection	Url
Details	Source	https://www.papercut.com/kb/Main/PO-1216-and-PO-1219

URL Provider

Details	Provider	Source level domain
Details	papercut.com	www.papercut.com

Attributes

Details	Type	#Events	CTI	Value
Details	CVE	140		cve-2023-27350
Details	CVE	54		cve-2023-27351
Details	Domain	62		www.zerodayinitiative.com
Details	Domain	7		upd488.windowservicecemter.com
Details	Domain	5		anydeskupdate.com
Details	Domain	5		anydeskupdates.com
Details	Domain	5		netviewremote.com
Details	Domain	5		updateservicecenter.com
Details	Domain	5		windowcsupdates.com
Details	Domain	5		windowservicecentar.com
Details	Domain	8		windowservicecenter.com
Details	Domain	5		winserverupdates.com
Details	Domain	1		study.abroad.ge
Details	Domain	5		ber6vjyb.com
Details	Domain	68		gmx.com
Details	Email	3		integratorlogin=fimaribahundqf@gmx.com
Details	File	16		server.log
Details	File	3		ld.txt
Details	File	5		appprint.msi
Details	File	3		a2.msi
Details	File	5		a3.msi
Details	File	15		update.dll
Details	File	20		setup.msi
Details	File	1208		powershell.exe
Details	File	11		pc-app.exe
Details	File	2125		cmd.exe
Details	sha256	3		f9947c5763542b3119788923977153ff8ca807a2e535e6ab28fc42641983aabb
Details	sha256	6		c0f8aeeb2d11c6e751ee87c40ee609aceb1c1036706a5af0d3d78738b6cc4125
Details	IPv4	2		5.188.206.14
Details	Url	1		https://www.zerodayinitiative.com/advisories/upcoming
Details	Url	2		https://www.zerodayinitiative.com/advisories/published