ioc[.]one - OSINT Cyber Threat Intelligence Database

[Blue Team Labs OnlineWrite-up] Masquerade

Tags

attack-pattern:

Data Data Encrypted For Impact - T1486 Dll Search Order Hijacking - T1574.001 Malicious File - T1204.002 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Standard Application Layer Protocol - T1071 Dll Search Order Hijacking - T1038 Powershell - T1086

Show in Graph

Common Information

Type	Value
UUID	6af1f4d8-b24a-441c-8824-9249da8a9424
Fingerprint	be4f28136577a4f9
Analysis status	DONE
Considered CTI value	2
Text language
Published	Nov. 11, 2024, 8:20 p.m.
Added to db	Nov. 11, 2024, 10:09 p.m.
Last updated	Nov. 17, 2024, 7:44 p.m.
Headline	[Blue Team Labs Online Write-up] Masquerade
Title	[Blue Team Labs OnlineWrite-up] Masquerade
Detected Hints/Tags/Attributes	59/1/14

Source URLs

	Redirection	Url
Details	Redirection	https://systemweakness.com/blue-team-labs-onlinewrite-up-masquerade-6b6882f57c6c?source=rss------cybersecurity-5
Details	Redirection	https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Fsystemweakness.com%2Fblue-team-labs-onlinewrite-up-masquerade-6b6882f57c6c%3Fsource%3Drss------cybersecurity-5
Details	Redirection	https://systemweakness.com/blue-team-labs-onlinewrite-up-masquerade-6b6882f57c6c?gi=5945bc241f7b&source=rss------cybersecurity-5
Details	Source	https://medium.com/@chaoskist/blue-team-labs-onlinewrite-up-masquerade-6b6882f57c6c?source=rss------cybersecurity-5

URL Provider

Details	Provider	Source level domain
Details	medium.com	medium.com
Details	systemweakness.com	systemweakness.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	167	✔	Cybersecurity on Medium	https://medium.com/feed/tag/cybersecurity	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	1		txxxx.xxx
Details	Domain	18		windows.info
Details	Domain	4127		github.com
Details	Domain	1		masquerade.md
Details	File	3		jlecmd.exe
Details	File	20		windows.inf
Details	File	61		systeminfo.exe
Details	File	137		conhost.exe
Details	File	2125		cmd.exe
Details	Github username	5		chickenloner
Details	MITRE ATT&CK Techniques	444		T1071
Details	MITRE ATT&CK Techniques	472		T1486
Details	MITRE ATT&CK Techniques	460		T1059.001
Details	Url	2		https://github.com/chickenloner/write_it_up/blob/main/security