Malware Development Part 12: APC Injection Via NtTestAlert
Tags
cmtmf-attack-pattern: Code Injection Process Injection
attack-pattern: Data Asynchronous Procedure Call - T1055.004 Code Injection - T1540 Malware - T1587.001 Malware - T1588.001 Native Api - T1575 Process Injection - T1631 Execution Through Api - T1106 Process Injection - T1055
Show in Graph
Common Information
Type Value
UUID 3d39b820-88bf-410c-a7d8-4bf98574c7b5
Fingerprint 3e1c8313a8a21669
Analysis status DONE
Considered CTI value 0
Text language
Published Dec. 24, 2024, 8:48 a.m.
Added to db Dec. 24, 2024, 9:54 a.m.
Last updated Dec. 25, 2024, 4:20 p.m.
Headline Malware Development Part 12: APC Injection Via NtTestAlert
Title Malware Development Part 12: APC Injection Via NtTestAlert
Detected Hints/Tags/Attributes 31/2/7
Source URLs
Redirection Url
Details Source https://sid4hack.medium.com/malware-development-part-12-apc-injection-via-nttestalert-8beb70834dff?source=rss------cybersecurity-5
Details Source https://sid4hack.medium.com/malware-development-part-12-apc-injection-via-nttestalert-8beb70834dff?source=rss------malware-5
URL Provider
Details Provider Source level domain
Details medium.com sid4hack.medium.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 167 Cybersecurity on Medium https://medium.com/feed/tag/cybersecurity 2024-08-30 22:08
Details 171 Malware on Medium https://medium.com/feed/tag/malware 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 5 
payload.data
Details Domain 12 
forms.gle
Details File 585 
ntdll.dll
Details File 333 
calc.exe
Details File 5 
payload.dat
Details File 1 
apc_v2.exe
Details Url 2 
https://forms.gle/9dn58yujpqztdmsf6