ioc[.]one - OSINT Cyber Threat Intelligence Database

LetsDefend SA Event ID: 123, SOC173 — Follina 0-Day Detected

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Dns - T1071.004 Dns - T1590.002 Exploits - T1587.004 Exploits - T1588.005 Malicious File - T1204.002 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Social Media - T1593.001 Tool - T1588.002 Vulnerabilities - T1588.006 Powershell - T1086

Show in Graph

Common Information

Type	Value
UUID	450f3cd0-e723-4202-b8e4-1c052bb9d63a
Fingerprint	86c4b989b92277c3
Analysis status	DONE
Considered CTI value	2
Text language
Published	Sept. 29, 2024, 9:24 p.m.
Added to db	Sept. 29, 2024, 11:55 p.m.
Last updated	Nov. 17, 2024, 6:54 p.m.
Headline	LetsDefend SA Event ID: 123, SOC173 — Follina 0-Day Detected
Title	LetsDefend SA Event ID: 123, SOC173 — Follina 0-Day Detected
Detected Hints/Tags/Attributes	33/2/22

Source URLs

	Redirection	Url
Details	Source	https://medium.com/@abalonpsalmer/letsdefend-sa-event-id-123-soc173-follina-0-day-detected-63423200d6c2?source=rss------cybersecurity-5

URL Provider

Details	Provider	Source level domain
Details	medium.com	medium.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	167	✔	Cybersecurity on Medium	https://medium.com/feed/tag/cybersecurity	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	CVE	172	cve-2022-30190
Details	Domain	7	www.xmlformats.com
Details	Domain	110	owasp.org
Details	Domain	55	otx.alienvault.com
Details	Domain	93	bazaar.abuse.ch
Details	Domain	268	www.virustotal.com
Details	File	33	msdt.exe
Details	File	10	www.xml
Details	File	3	rdf842l.html
Details	File	323	winword.exe
Details	File	6	sdiagnhost.exe
Details	File	5	browse.php
Details	md5	3	52945af1def85b171870b31fa4782e52
Details	sha256	7	4a24048f81afbe9fb62e7a6a49adbd1faf41f266b5f9feecdceb567aec096784
Details	IPv4	2	172.16.17.39
Details	IPv4	2	141.105.65.149
Details	Url	5	https://www.xmlformats.com/office/word/2022/wordprocessingdrawing/rdf842l.html
Details	Url	1	https://owasp.org/www-community/vulnerabilities/follina
Details	Url	1	https://www.virustotal.com/gui/file/4a24048f81afbe9fb62e7a6a49adbd1faf41f266b5f9feecdceb567aec096784
Details	Url	1	https://otx.alienvault.com/indicator/file/52945af1def85b171870b31fa4782e52
Details	Url	1	https://bazaar.abuse.ch/browse.php?search=md5:52945af1def85b171870b31fa4782e52
Details	Url	1	https://www.virustotal.com/gui/domain/www.xmlformats.com?nocache=1