ioc[.]one - OSINT Cyber Threat Intelligence Database

Malicious PowerPoint Documents on the Rise | McAfee Blog

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Add-Ins - T1137.006 Keylogging - T1056.001 Keylogging - T1417.001 Malicious File - T1204.002 Malware - T1587.001 Malware - T1588.001 Msbuild - T1127.001 Mshta - T1218.005 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Scheduled Task - T1053.005 Mshta - T1170 Powershell - T1086 Scheduled Task - T1053

Show in Graph

Common Information

Type	Value
UUID	544d14d7-8ef7-4964-9e97-a73c5c6b135b
Fingerprint	ac09995b5d378aa8
Analysis status	DONE
Considered CTI value	2
Text language
Published	Sept. 22, 2021, 1:47 a.m.
Added to db	Nov. 6, 2023, 7:11 p.m.
Last updated	Nov. 18, 2024, 1:38 a.m.
Headline	Malicious PowerPoint Documents on the Rise
Title	Malicious PowerPoint Documents on the Rise \| McAfee Blog
Detected Hints/Tags/Attributes	43/2/34

Source URLs

	Redirection	Url
Details	Source	https://www.mcafee.com/blogs/other-blogs/mcafee-labs/malicious-powerpoint-documents-on-the-rise/

URL Provider

Details	Provider	Source level domain
Details	mcafee.com	www.mcafee.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	333	✔	—	https://www.mcafee.com/blogs/other-blogs/mcafee-labs/feed/	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	7	www.bitly.com
Details	Domain	1	p8hj.blogspot.com
Details	Domain	1	ia801403.us.archive.org
Details	Domain	2	0v2x.blogspot.com
Details	File	1	300093.pdf
Details	File	1	presentation.xml
Details	File	1	asjdaaasdasdsdaasdsdasasdasddoasddasasddasasdsasdjasddasdoasjdasasddoajsdjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.bin
Details	File	456	mshta.exe
Details	File	2	27.html
Details	File	1209	powershell.exe
Details	File	1	27-1.txt
Details	File	1	27-2.txt
Details	File	1	27-3.txt
Details	File	149	msbuild.exe
Details	File	249	schtasks.exe
Details	File	60	c:\windows\system32\schtasks.exe
Details	File	92	powerpnt.exe
Details	sha256	1	fb594d96d2eaeb8817086ae8dcc7cc5bd1367f2362fc2194aea8e0802024b182
Details	sha256	1	72e910652ad2eb992c955382d8ad61020c0e527b1595619f9c48bf66cc7d15d3
Details	sha256	1	0afd443dedda44cdd7bd4b91341bd87ab1be8d3911d0f1554f45bd7935d3a8d0
Details	sha256	1	fd887fc4787178a97b39753896c556fff9291b6d8c859cdd75027d3611292253
Details	sha256	1	38188d5876e17ea620bbc9a30a24a533515c8c2ea44de23261558bb4cad0f8cb
Details	sha256	1	6c45bd6b729d85565948d4f4deb87c8668dcf2b26e3d995ebc1dae1c237b67c3
Details	sha256	1	9df84ffcf27d5dea1c5178d03a2aa9c3fb829351e56aab9a062f03dbf23ed19b
Details	sha256	1	ad9eeff86d7e596168d86e3189d87e63bbb8f56c85bc9d685f154100056593bd
Details	sha256	1	c22313f7e12791be0e5f62e40724ed0d75352ada3227c4ae03a62d6d4a0efe2d
Details	sha256	1	71b878adf78da89dd9aa5a14592a5e5da50fcbfbc646f1131800d02f8d2d3e99
Details	sha256	2	90674a2a4c31a65afc7dc986bae5da45342e2d6a20159c01587a8e0494c87371
Details	Url	1	https://www.bitly.com/asdhodwkodwkidwowdiahsidh
Details	Url	1	https://p8hj.blogspot.com/p/27.html
Details	Url	1	https://ia801403.us.archive.org/23/items/150-re-crypted-25-june/27-1.txt
Details	Url	1	https://ia801403.us.archive.org/23/items/150-re-crypted-25-june/27-2.txt
Details	Url	1	https://ia801403.us.archive.org/23/items/150-re-crypted-25-june/27-3.txt
Details	Url	1	http://123094830948@0v2x.blogspot.com/p/27.html