ioc[.]one - OSINT Cyber Threat Intelligence Database

8月以降、WhatsUp Goldを狙うハッカーが公開エクスプロイトを使用 - PRSOL:CC

Tags

attack-pattern:

Msiexec - T1218.007 Powershell - T1059.001 Software - T1592.002 Powershell - T1086

Show in Graph

Common Information

Type	Value
UUID	5363d6d0-3b84-40e6-8ba0-07f3cc66d1b7
Fingerprint	afc6af7db37597c
Analysis status	DONE
Considered CTI value	0
Text language
Published	Sept. 13, 2024, 10:22 p.m.
Added to db	Sept. 13, 2024, 3:36 p.m.
Last updated	Nov. 17, 2024, 6:55 p.m.
Headline	8月以降、WhatsUp Goldを狙うハッカーが公開エクスプロイトを使用
Title	8月以降、WhatsUp Goldを狙うハッカーが公開エクスプロイトを使用 - PRSOL:CC
Detected Hints/Tags/Attributes	4/1/2

Source URLs

	Redirection	Url
Details	Source	https://www.prsol.cc/2024/09/13/hackers-targeting-whatsup-gold-with-public-exploit-since-august/

URL Provider

Details	Provider	Source level domain
Details	prsol.cc	www.prsol.cc

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	473	✔	PRSOL:CC	https://www.prsol.cc/feed	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	File	1		リモートurlから取得したnmpoller.exe
Details	File	269		msiexec.exe