Using Automation to Hunt for the Elusive LOLBAS
Tags
country: Ukraine
maec-delivery-vectors: Watering Hole
attack-pattern: Botnet - T1583.005 Botnet - T1584.005 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Mshta - T1218.005 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Tool - T1588.002 Mshta - T1170 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID 6faa78d1-6a20-4bad-a1d5-8ff232757d83
Fingerprint b1c0d9c00aa61f27
Analysis status DONE
Considered CTI value 0
Text language
Published Aug. 8, 2023, 2:53 p.m.
Added to db Aug. 8, 2023, 9:33 p.m.
Last updated Nov. 17, 2024, 6:54 p.m.
Headline Using Automation to Hunt for the Elusive LOLBAS
Title Using Automation to Hunt for the Elusive LOLBAS
Detected Hints/Tags/Attributes 36/3/2
Source URLs
Redirection Url
Details Source https://securityboulevard.com/2023/08/using-automation-to-hunt-for-the-elusive-lolbas/
URL Provider
Details Provider Source level domain
Details securityboulevard.com securityboulevard.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 163 https://media.cert.europa.eu/rss?type=category&id=Malware&language=en&duplicates=false 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details File 376 
wscript.exe
Details File 456 
mshta.exe