Search Operators and Wildcards for Cyber Threat Investigations
Common Information
Type Value
UUID 3b8c924b-a561-4b2a-b07b-78e366c0b2f8
Fingerprint 33490bd36fbcaf17
Analysis status DONE
Considered CTI value 0
Text language
Published Dec. 4, 2024, 11:20 a.m.
Added to db Dec. 4, 2024, 12:52 p.m.
Last updated Dec. 24, 2024, 9:47 a.m.
Headline Search Operators and Wildcards for Cyber Threat Investigations
Title Search Operators and Wildcards for Cyber Threat Investigations
Detected Hints/Tags/Attributes 43/2/10
RSS Feed
Id 158
Enabled
Feed title Malware Analysis, News and Indicators - Latest topics
Url https://malware.news/latest.rss
Added to db 2024-08-30 22:08
Attributes
Type #Events CTI Value
Domain 1171
any.run
Domain 4
thum.io
Domain 63
logo.clearbit.com
File 1
%5c%22mshta.exe
File 545
mshta.exe