Charming Kitten Hackers Uses Weaponized MS Word Doc to Deploy Powershell Backdoor
Tags
country: Iran
maec-delivery-vectors: Watering Hole
attack-pattern: Data Email Accounts - T1585.002 Email Accounts - T1586.002 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID 5265cb23-7d4a-4d89-b620-1720cc820478
Fingerprint a1adbdab2b25bb69
Analysis status DONE
Considered CTI value 0
Text language
Published July 10, 2023, 10:48 a.m.
Added to db July 10, 2023, 1:29 p.m.
Last updated Sept. 4, 2024, 11:52 p.m.
Headline Charming Kitten Hackers Uses Weaponized MS Word Doc to Deploy Powershell Backdoor
Title Charming Kitten Hackers Uses Weaponized MS Word Doc to Deploy Powershell Backdoor
Detected Hints/Tags/Attributes 33/3/5
Source URLs
Redirection Url
Details Source https://medium.com/@mikejefferson1974/charming-kitten-hackers-uses-weaponized-ms-word-doc-to-deploy-powershell-backdoor-851b8f796bcf?source=rss------cybersecurity-5
URL Provider
Details Provider Source level domain
Details medium.com medium.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 167 Cybersecurity on Medium https://medium.com/feed/tag/cybersecurity 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 7 
fuschia-rhinestone.cleverapps.io
Details Domain 6 
library-store.camdvr.org
Details File 2 
mena.rar
Details File 3 
mena.pdf
Details IPv4 4 
144.217.129.176