ioc[.]one - OSINT Cyber Threat Intelligence Database

InfoSec Handlers Diary Blog - SANS Internet Storm Center

Tags

attack-pattern:

Exploits - T1587.004 Exploits - T1588.005 Software - T1592.002 Vulnerabilities - T1588.006

Show in Graph

Common Information

Type	Value
UUID	670752fa-6248-4ccd-a9f8-c1e385e31c4d
Fingerprint	bf2a9972260757c9
Analysis status	DONE
Considered CTI value	0
Text language
Published	Nov. 7, 2012, midnight
Added to db	Sept. 26, 2022, 9:31 a.m.
Last updated	Nov. 17, 2024, 6:55 p.m.
Headline	Internet Storm Center
Title	InfoSec Handlers Diary Blog - SANS Internet Storm Center
Detected Hints/Tags/Attributes	28/1/19

Source URLs

	Redirection	Url
Details	Source	https://isc.sans.edu/diary/Help+eliminate+unquoted+path+vulnerabilities/14464

URL Provider

Details	Provider	Source level domain
Details	sans.edu	isc.sans.edu

Attributes

Details	Type	#Events	CTI	Value
Details	CVE	1		cve-2005-1185
Details	CVE	1		cve-2000-1128
Details	Domain	1		blakhal0.blogspot.com
Details	File	1		c:\windows\system32\notepad \temp\file.txt
Details	File	380		notepad.exe
Details	File	1		c:\windows\system32\ directory and pass it the argument \temp\file.txt
Details	File	79		file.txt
Details	File	1		c:\program files\microsoft office\winword.exe
Details	File	9		c:\program.exe
Details	File	323		winword.exe
Details	File	1		c:\program files\microsoft.exe
Details	File	1		c:\program files\common files\java\java update\jusched.exe
Details	File	312		calc.exe
Details	File	1		c:\program files\common.exe
Details	File	1		c:\documents.exe
Details	File	28		program.exe
Details	File	1		hiding-files-by-exploiting-spaces-in.html
Details	Url	1		http://blakhal0.blogspot.com/2012/08/hiding-files-by-exploiting-spaces-in.html
Details	Windows Registry Key	19		HKLM\SYSTEM\CurrentControlSet\Control\Session