KQL KC7 — TitanShield (Microsoft Defender) Part 2
Tags
country: Russia
attack-pattern: Data Software - T1592.002
Common Information
Type Value
UUID 4855cd65-fc4b-46a5-8760-f935d524df95
Fingerprint 52e31e512b96547a
Analysis status DONE
Considered CTI value 0
Text language
Published Oct. 15, 2024, 9:21 a.m.
Added to db Oct. 15, 2024, 11:42 a.m.
Last updated Nov. 17, 2024, 6:54 p.m.
Headline KQL KC7 — TitanShield (Microsoft Defender) Part 2
Title KQL KC7 — TitanShield (Microsoft Defender) Part 2
Detected Hints/Tags/Attributes 25/2/19
RSS Feed
Id 167
Enabled
Feed title Cybersecurity on Medium
Url https://medium.com/feed/tag/cybersecurity
Added to db 2024-08-30 22:08
Attributes