Scheduled Task Tampering
Tags
Common Information
Type | Value |
---|---|
UUID | 2b4c77e2-8a65-4830-88c0-0aafd26fe1c3 |
Fingerprint | 76344041bd63cee0 |
Analysis status | DONE |
Considered CTI value | 0 |
Text language | |
Published | May 4, 2022, midnight |
Added to db | Dec. 19, 2024, 8:32 p.m. |
Last updated | Dec. 21, 2024, 4:49 a.m. |
Headline | Scheduled Task Tampering |
Title | Scheduled Task Tampering |
Detected Hints/Tags/Attributes | 66/2/13 |
Source URLs
Redirection | Url | |
---|---|---|
Details | Source | https://labs.withsecure.com/publications/scheduled-task-tampering |
URL Provider
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | Domain | 5 | reg.py |
|
Details | Domain | 101 | secretsdump.py |
|
Details | Domain | 15 | ticketer.py |
|
Details | File | 1199 | svchost.exe |
|
Details | File | 5 | c:\evil.exe |
|
Details | File | 1 | c:\legitimate.exe |
|
Details | File | 5 | reg.py |
|
Details | File | 98 | secretsdump.py |
|
Details | File | 13 | ticketer.py |
|
Details | File | 4 | 'reg.exe |
|
Details | IPv4 | 2 | 192.168.182.132 |
|
Details | Windows Registry Key | 174 | HKLM\SOFTWARE\Microsoft\Windows |
|
Details | Windows Registry Key | 112 | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows |