PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware - CyberSRC
Common Information
Type Value
UUID 2a7c309f-c0fc-4e4a-8ce1-5eeb3b6a262b
Fingerprint a7932d317cfeae1f
Analysis status DONE
Considered CTI value 2
Text language
Published April 15, 2025, 8:35 a.m.
Added to db April 15, 2025, 11:13 a.m.
Last updated April 17, 2025, 9:21 p.m.
Headline PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware
Title PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware - CyberSRC
Detected Hints/Tags/Attributes 69/2/12
RSS Feed
Id Enabled Feed title Url Added to db
94 CyberSRC https://cybersrcc.com/feed/ 2024-08-30 22:08
Attributes
Type #Events CTI Value
CVE 58
cve-2025-29824
CVE 59
cve-2025-24983
CVE 87
cve-2023-28252
Domain 3
jbdg4buq6jd7ed3rd6cynqtq5abttuekjnxqrqyvk4xam5i7ld33jvqd.onion
Domain 3
uyhi3ypdkfeymyf5v35pbk3pz7st3zamsbjzf47jiqbcm3zmikpwf3qd.onion
Domain 7
aaaaabbbbbbb.eastus.cloudapp.azure.com
File 131
win32k.sys
File 15
clfs.sys
File 293
certutil.exe
File 206
dllhost.exe
File 256
winlogon.exe
Microsoft Threat Actor Naming Taxonomy (Groups in development) 24
Storm-2460