进程注入——通过VEH向量异常处理进行进程注入
Tags
| attack-pattern: | Data |
Common Information
| Type | Value |
|---|---|
| UUID | 68f10995-bf48-4cfb-9b5e-7ea80e20e470 |
| Fingerprint | 634906cb9d4c011 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | June 20, 2024, midnight |
| Added to db | Sept. 2, 2024, 3:22 p.m. |
| Last updated | Nov. 17, 2024, 11:40 p.m. |
| Headline | 进程注入——通过VEH向量异常处理进行进程注入 |
| Title | 进程注入——通过VEH向量异常处理进行进程注入 |
| Detected Hints/Tags/Attributes | 13/1/8 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://cn-sec.com/archives/3120647.html |
| Details | Source | http://cn-sec.com/archives/3120647.html |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 483 | ✔ | CN-SEC 中文网 | https://cn-sec.com/feed/ | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 4128 | github.com |
|
| Details | File | 33 | c:\windows\system32\notepad.exe |
|
| Details | File | 533 | ntdll.dll |
|
| Details | File | 1 | 的.dat |
|
| Details | Github username | 1 | xforcered |
|
| Details | Url | 1 | https://github.com/xforcered/vectoredexceptionhandling |
|
| Details | Url | 1 | https://mp.weixin.qq.com/s/yrb36d-xsneuf9ahuuukag |
|
| Details | Url | 1 | https://mp.weixin.qq.com/s/czgxzpkl2pgx1ivotgfbeq |