Ransomware Spotlight: Magniber - Security News
Tags
cmtmf-attack-pattern: Application Layer Protocol; Command And Scripting Interpreter; Exploit Public-Facing Application; Masquerading; Process Injection; Stage Capabilities
country: Australia; Japan; South Korea; Taiwan
maec-delivery-vectors: Watering Hole
attack-pattern: Data Application Layer Protocol - T1437; Command And Scripting Interpreter - T1623; Control Panel - T1218.002; Data Encrypted For Impact - T1471; Data Encrypted For Impact - T1486; Exploit Public-Facing Application - T1377; Exploitation For Client Execution - T1658; Exploits - T1587.004; Exploits - T1588.005; File And Directory Discovery - T1420; Hardware - T1592.001; Inhibit System Recovery - T1490; Javascript - T1059.007; Link Target - T1608.005; Malware - T1587.001; Malware - T1588.001; Mark-Of-The-Web Bypass - T1553.005; Masquerading - T1655; Match Legitimate Name Or Location - T1036.005; Match Legitimate Name Or Location - T1655.001; Process Discovery - T1424; Msiexec - T1218.007; Phishing - T1660; Phishing - T1566; Process Injection - T1631; Reflective Code Loading - T1620; Regsvr32 - T1218.010; Software - T1592.002; Stage Capabilities - T1608; Subvert Trust Controls - T1632; Subvert Trust Controls - T1553; Thread Execution Hijacking - T1055.003; Windows Command Shell - T1059.003; Web Protocols - T1071.001; Web Protocols - T1437.001; Vulnerabilities - T1588.006; Standard Application Layer Protocol - T1071; Command-Line Interface - T1059; Deobfuscate/Decode Files Or Information - T1140; Exploit Public-Facing Application - T1190; Exploitation For Client Execution - T1203; File And Directory Discovery - T1083; Masquerading - T1036; Modify Registry - T1112; Network Share Discovery - T1135; Process Discovery - T1057; Process Injection - T1055; Regsvr32 - T1117; Scripting - T1064; Signed Binary Proxy Execution - T1218; System Information Discovery - T1082; Windows Management Instrumentation - T1047; User Execution - T1204; Exploit Public-Facing Application; Masquerading; Scripting; User Execution
Common Information
Type Value
UUID 7327b297-1bcb-4303-82bb-6d94e087331b
Fingerprint b45128508cd4af8d
Analysis status DONE
Considered CTI value 2
Text language
Published Jan. 26, 2023, midnight
Added to db Oct. 24, 2023, 1:30 p.m.
Last updated Nov. 17, 2024, 6:56 p.m.
Headline Ransomware Spotlight: Magniber
Title Ransomware Spotlight: Magniber - Security News
Detected Hints/Tags/Attributes 154/4/33
Attributes
Type                       #Events  CTI Value
CVE                        77       cve-2016-0189
CVE                        106      cve-2018-8174
CVE                        27       cve-2019-1367
CVE                        16       cve-2020-0968
CVE                        48       cve-2021-26411
CVE                        102      cve-2021-40444
CVE                        91       cve-2021-34527
CVE                        31       cve-2022-44698
File                       263      iexplore.exe
File                       62       fodhelper.exe
MITRE ATT&CK Techniques    542      T1190
MITRE ATT&CK Techniques    333      T1059.003
MITRE ATT&CK Techniques    310      T1047
MITRE ATT&CK Techniques    93       T1059.007
MITRE ATT&CK Techniques    420      T1204
MITRE ATT&CK Techniques    245      T1203
MITRE ATT&CK Techniques    44       T1218.010
MITRE ATT&CK Techniques    20       T1055.003
MITRE ATT&CK Techniques    504      T1140
MITRE ATT&CK Techniques    550      T1112
MITRE ATT&CK Techniques    39       T1218.007
MITRE ATT&CK Techniques    7        T1218.002
MITRE ATT&CK Techniques    183      T1036.005
MITRE ATT&CK Techniques    91       T1620
MITRE ATT&CK Techniques    25       T1553.005
MITRE ATT&CK Techniques    585      T1083
MITRE ATT&CK Techniques    176      T1135
MITRE ATT&CK Techniques    433      T1057
MITRE ATT&CK Techniques    1006     T1082
MITRE ATT&CK Techniques    442      T1071.001
MITRE ATT&CK Techniques    276      T1490
MITRE ATT&CK Techniques    472      T1486
MITRE ATT&CK Techniques    17       T1608.005