When a malware is more complex than the paper.
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Malware - T1587.001 Malware - T1588.001 Python - T1059.006 Rundll32 - T1218.011 Vulnerabilities - T1588.006 Rundll32 - T1085 |
Common Information
| Type | Value |
|---|---|
| UUID | 39370995-2198-4c2a-a419-458e943c0042 |
| Fingerprint | e0019800467ef3e3 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Aug. 29, 2018, 9:06 a.m. |
| Added to db | Sept. 26, 2022, 9:30 a.m. |
| Last updated | Nov. 17, 2024, 6:54 p.m. |
| Headline | When a malware is more complex than the paper. |
| Title | When a malware is more complex than the paper. |
| Detected Hints/Tags/Attributes | 24/2/9 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 269 | cve-2017-0199 |
|
| Details | CVE | 375 | cve-2017-11882 |
|
| Details | File | 1018 | rundll32.exe |
|
| Details | File | 1 | %ls.dbf |
|
| Details | File | 1 | c:\\windows\\system32\\msvcrt.dll |
|
| Details | File | 48 | c:\\windows\\system32\\cmd.exe |
|
| Details | File | 4 | run32dll.exe |
|
| Details | md5 | 1 | 78734CD268E5C9AB4184E1BBE21A6EB9 |
|
| Details | sha256 | 1 | 573ea78afb50100f896185164da3b8519e2e0f609a34a7c70460eca5b4ae640d |