MS 정상 유틸리티 mavinject.exe를 이용한 인젝션 공격 사례 - ASEC
Tags
| attack-pattern: | Data Mavinject - T1218.013 Signed Binary Proxy Execution - T1218 |
Common Information
| Type | Value |
|---|---|
| UUID | 47503b3e-80a0-4de3-8769-0ceed4f9e7f6 |
| Fingerprint | 4936f6db7be543e |
| Analysis status | DONE |
| Considered CTI value | 1 |
| Text language | |
| Published | April 14, 2025, 3 p.m. |
| Added to db | April 15, 2025, 5:25 a.m. |
| Last updated | April 17, 2025, 3:29 p.m. |
| Headline | MS 정상 유틸리티 mavinject.exe를 이용한 인젝션 공격 사례 |
| Title | MS 정상 유틸리티 mavinject.exe를 이용한 인젝션 공격 사례 - ASEC |
| Detected Hints/Tags/Attributes | 15/1/13 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://asec.ahnlab.com/ko/87475/ |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 18 | ✔ | ASEC | https://asec.ahnlab.com/ko/feed/ | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 476 | attack.mitre.org |
|
| Details | File | 20 | mavinject.exe |
|
| Details | File | 482 | notepad.exe |
|
| Details | File | 369 | calc.exe |
|
| Details | File | 1 | c:\test\run_calc.dll |
|
| Details | File | 138 | test.txt |
|
| Details | File | 10 | waitfor.exe |
|
| Details | File | 4 | originlegacycli.exe |
|
| Details | File | 9 | eacore.dll |
|
| Details | File | 1475 | explorer.exe |
|
| Details | MITRE ATT&CK Techniques | 2 | T1218.013 |
|
| Details | MITRE ATT&CK Techniques | 143 | T1218 |
|
| Details | Url | 1 | https://attack.mitre.org/techniques/t1218/013 |