ioc[.]one - OSINT Cyber Threat Intelligence Database

Malicious Outlook Rules - NetSPI

Tags

attack-pattern:

Data Credentials - T1589.001 Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Email Account - T1087.003 Keylogging - T1056.001 Keylogging - T1417.001 Malicious File - T1204.002 Outlook Rules - T1137.005 Powershell - T1059.001 Python - T1059.006 Server - T1583.004 Server - T1584.004 Powershell - T1086

Show in Graph

Common Information

Type	Value
UUID	67b66cd1-fb9a-4fb0-bb0f-86e7ffed5dd1
Fingerprint	a6994b1239260c01
Analysis status	DONE
Considered CTI value	0
Text language
Published	Dec. 4, 2015, 12:55 p.m.
Added to db	Sept. 26, 2022, 9:31 a.m.
Last updated	Nov. 17, 2024, 11:40 p.m.
Headline	Malicious Outlook Rules
Title	Malicious Outlook Rules - NetSPI
Detected Hints/Tags/Attributes	51/1/17

Source URLs

	Redirection	Url
Details	Source	https://silentbreaksecurity.com/malicious-outlook-rules/

URL Provider

Details	Provider	Source level domain
Details	silentbreaksecurity.com	silentbreaksecurity.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	27		responder.py
Details	Domain	219		gist.github.com
Details	Domain	2		www.powershellempire.com
Details	Domain	4128		github.com
Details	Domain	79		install.sh
Details	Domain	1		www.f2ko.de
Details	Domain	1		rulz.py
Details	Domain	198		youtube.com
Details	File	25		responder.py
Details	File	1		b2e.php
Details	File	1		rulz.py
Details	Github username	3		monoxgas
Details	Github username	4		powershellempire
Details	Url	1		https://gist.github.com/monoxgas/7fec9ec0f3ab405773fc
Details	Url	1		https://www.powershellempire.com
Details	Url	1		https://github.com/powershellempire/empire.git
Details	Url	1		https://www.f2ko.de/en/b2e.php