Shadows in the Rain
Tags
country: Russia
attack-pattern: Data Direct Malware - T1587.001 Malware - T1588.001 Mshta - T1218.005 Msiexec - T1218.007 Powershell - T1059.001 Tool - T1588.002 Bits Jobs - T1197 Mshta - T1170 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID 5a2965ce-8839-4c91-9e68-14d518484f3f
Fingerprint 6522ab32f110783
Analysis status DONE
Considered CTI value 2
Text language
Published March 16, 2020, 5:25 p.m.
Added to db Sept. 26, 2022, 9:30 a.m.
Last updated Nov. 17, 2024, 10:40 p.m.
Headline Shadows in the Rain
Title Shadows in the Rain
Detected Hints/Tags/Attributes 56/2/15
Source URLs
Redirection Url
Details Source https://medium.com/insomniacs/shadows-in-the-rain-a16efaf21aae
URL Provider
Details Provider Source level domain
Details medium.com medium.com
Attributes
Details Type #Events CTI Value
Details Domain 4 
bot.googlerenewals.net
Details Domain 281 
docs.microsoft.com
Details Domain 360 
attack.mitre.org
Details File 23 
diskshadow.exe
Details File 3 
diskwinshadow.exe
Details File 269 
msiexec.exe
Details File 2126 
cmd.exe
Details File 53 
iphlpapi.dll
Details File 456 
mshta.exe
Details File 26 
forum.php
Details md5 1 
368B555321F56699D2431A3908D52487
Details md5 2 
8CD233D3F226CB1BF6BF15ACA52E0E36
Details md5 1 
F0AB7E27B8DE336B14C8756E6CD41CEA
Details MITRE ATT&CK Techniques 40 
T1197
Details Windows Registry Key 1 
HKCU\M\M