ioc[.]one - OSINT Cyber Threat Intelligence Database

SolarWinds Trust Center Security Advisories | CVE-2021-35211

Tags

attack-pattern:

Data Ip Addresses - T1590.005 Mshta - T1218.005 Network Topology - T1590.004 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Ssh - T1021.004 Vulnerabilities - T1588.006 Mshta - T1170 Powershell - T1086

Show in Graph

Common Information

Type	Value
UUID	45cdb8a3-b36b-46a6-acdf-d11565651392
Fingerprint	948138d61e16d404
Analysis status	DONE
Considered CTI value	0
Text language
Published	July 15, 2021, midnight
Added to db	Sept. 26, 2022, 9:34 a.m.
Last updated	Nov. 18, 2024, 1:24 p.m.
Headline	UNKNOWN
Title	SolarWinds Trust Center Security Advisories \| CVE-2021-35211
Detected Hints/Tags/Attributes	51/1/17

Source URLs

	Redirection	Url
Details	Source	https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35211
Details	Source	https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35211#FAQ

URL Provider

Details	Provider	Source level domain
Details	solarwinds.com	www.solarwinds.com

Attributes

Details	Type	#Events	CTI	Value
Details	CVE	17		cve-2021-35211
Details	File	2		debugsocketlog.txt
Details	File	1		c:\programdata\rhinosoft\serv-u\debugsocketlog.txt
Details	File	1		c:\programfiles\rhinosoft\serv-u\debugsocketlog.txt
Details	File	2		c:\windows\temp\serv-u.bat
Details	File	2		c:\windows\temp\test\current.dmp
Details	File	3		serv-u.exe
Details	File	457		mshta.exe
Details	File	1212		powershell.exe
Details	File	2130		cmd.exe
Details	File	137		conhost.exe
Details	IPv4	2		98.176.196.89
Details	IPv4	2		68.235.178.32
Details	IPv4	2		208.113.35.58
Details	IPv4	2		144.34.179.162
Details	IPv4	2		97.77.97.58
Details	Url	2		http://144.34.179.162/a