Hackers Using Malicious IIS Server Module to Steal Microsoft Exchange Credentials
Tags
country: Malaysia Indonesia Mongolia Philippines Russia Slovakia
attack-pattern: Credentials - T1589.001 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Web Services - T1583.006 Web Services - T1584.006 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID 3cb6a5c1-c31b-4a94-9c85-0d93069b3545
Fingerprint b619f3d2243194d7
Analysis status DONE
Considered CTI value 0
Text language
Published Dec. 15, 2021, 5:38 p.m.
Added to db Jan. 18, 2023, 10:36 p.m.
Last updated Sept. 2, 2024, 3:58 a.m.
Headline Hackers Using Malicious IIS Server Module to Steal Microsoft Exchange Credentials
Title Hackers Using Malicious IIS Server Module to Steal Microsoft Exchange Credentials
Detected Hints/Tags/Attributes 35/2/0
Source URLs
Redirection Url
Details Source https://thehackernews.com/2021/12/hackers-using-malicious-iis-server.html
URL Provider
Details Provider Source level domain
Details thehackernews.com thehackernews.com