LetsDefend SA Event ID: 123, SOC173 — Follina 0-Day Detected
Common Information
Type Value
UUID 450f3cd0-e723-4202-b8e4-1c052bb9d63a
Fingerprint 86c4b989b92277c3
Analysis status DONE
Considered CTI value 2
Text language
Published Sept. 29, 2024, 9:24 p.m.
Added to db Sept. 29, 2024, 11:55 p.m.
Last updated Oct. 12, 2024, 8:56 a.m.
Headline LetsDefend SA Event ID: 123, SOC173 — Follina 0-Day Detected
Title LetsDefend SA Event ID: 123, SOC173 — Follina 0-Day Detected
Detected Hints/Tags/Attributes 33/2/22
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 167 Cybersecurity on Medium https://medium.com/feed/tag/cybersecurity 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 163
cve-2022-30190
Details Domain 6
www.xmlformats.com
Details Domain 104
owasp.org
Details Domain 54
otx.alienvault.com
Details Domain 89
bazaar.abuse.ch
Details Domain 258
www.virustotal.com
Details File 34
msdt.exe
Details File 9
www.xml
Details File 2
rdf842l.html
Details File 313
winword.exe
Details File 6
sdiagnhost.exe
Details File 5
browse.php
Details md5 3
52945af1def85b171870b31fa4782e52
Details sha256 7
4a24048f81afbe9fb62e7a6a49adbd1faf41f266b5f9feecdceb567aec096784
Details IPv4 2
172.16.17.39
Details IPv4 2
141.105.65.149
Details Url 4
https://www.xmlformats.com/office/word/2022/wordprocessingdrawing/rdf842l.html
Details Url 1
https://owasp.org/www-community/vulnerabilities/follina
Details Url 1
https://www.virustotal.com/gui/file/4a24048f81afbe9fb62e7a6a49adbd1faf41f266b5f9feecdceb567aec096784
Details Url 1
https://otx.alienvault.com/indicator/file/52945af1def85b171870b31fa4782e52
Details Url 1
https://bazaar.abuse.ch/browse.php?search=md5:52945af1def85b171870b31fa4782e52
Details Url 1
https://www.virustotal.com/gui/domain/www.xmlformats.com?nocache=1