Internet Explorer and Windows zero-day exploits used in Operation PowerFall
Tags
attack-pattern: Exploits - T1587.004 Exploits - T1588.005 Javascript - T1059.007 Powershell - T1059.001 Vulnerabilities - T1588.006 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID 3b1831b7-22e6-46a1-a010-58fbb50d3572
Fingerprint 8a399a11a8f71309
Analysis status DONE
Considered CTI value 2
Text language
Published Aug. 12, 2020, 7 a.m.
Added to db Sept. 11, 2022, 12:40 p.m.
Last updated Nov. 16, 2024, 8:16 a.m.
Headline Internet Explorer and Windows zero-day exploits used in Operation PowerFall
Title Internet Explorer and Windows zero-day exploits used in Operation PowerFall
Detected Hints/Tags/Attributes 43/1/27
Source URLs
Redirection Url
Details Source https://securelist.com/ie-and-windows-zero-day-operation-powerfall/97976/
URL Provider
Details Provider Source level domain
Details securelist.com securelist.com
Attributes
Details Type #Events CTI Value
Details CVE 14 
cve-2020-0986
Details CVE 22 
cve-2020-1380
Details CVE 43 
cve-2020-0674
Details CVE 12 
cve-2019-1429
Details CVE 9 
cve-2019-0676
Details CVE 11 
cve-2018-8653
Details CVE 27 
cve-2019-1367
Details Domain 28 
date.now
Details Domain 1 
www.static-cdn1.com
Details Domain 22 
update.zip
Details File 27 
jscript.dll
Details File 29 
jscript9.dll
Details File 1 
'worker.js
Details File 6 
ok.exe
Details File 12 
splwow64.exe
Details File 2 
createdc.exe
Details File 1 
popc.dll
Details File 24 
update.zip
Details File 2 
upgrader.exe
Details md5 1 
B06F1F2D3C016D13307BC7CE47C90594
Details md5 1 
5877EAECA1FE8A3A15D6C8C5D7FA240B
Details md5 1 
B72731B699922608FF3844CCC8FC36B4
Details md5 1 
E01254D7AF1D044E555032E1F78FF38F
Details sha256 1 
d02632cffc18194107cc5bf76aeca7e87e9082fed64a535722ad4502a4d51199
Details sha256 1 
7577e42177ed7fc811de4bc854ec226eb037f797c3b114e163940a86fd8b078b
Details sha256 1 
7765f836d2d049127a25376165b1ac43cd109d8b9d8c5396b8da91adc61eccb1
Details sha256 1 
81d07cae45caf27cbb9a1717b08b3ab358b647397f08a6f9c7652d00dbf2ae24