ioc[.]one - OSINT Cyber Threat Intelligence Database

Current state of malicious Powershell script blocking - MRG Effitas

Tags

attack-pattern:

Show in Graph

Common Information

Type	Value
UUID	7a11e960-73b8-420e-93fb-5d08193be735
Fingerprint	c083ae080952eadf
Analysis status	DONE
Considered CTI value	0
Text language
Published	July 10, 2018, 1:39 p.m.
Added to db	Jan. 18, 2023, 11:29 p.m.
Last updated	Sept. 20, 2024, 2:53 p.m.
Headline	Current state of malicious Powershell script blocking
Title	Current state of malicious Powershell script blocking - MRG Effitas
Detected Hints/Tags/Attributes	28/1/3

Source URLs

	Redirection	Url
Details	Source	https://www.mrg-effitas.com/research/current-state-of-malicious-powershell-script-blocking/

URL Provider

Details	Provider	Source level domain
Details	mrg-effitas.com	www.mrg-effitas.com

Attributes

Details	Type	#Events	Value
Details	File	27	invoke-mimikatz.ps1
Details	File	1	us-16-mittal-amsi-how-windows-10-plans-to-stop-script-based-attacks-and-how-well-it-does-it.pdf
Details	Url	1	https://www.blackhat.com/docs/us-16/materials/us-16-mittal-amsi-how-windows-10-plans-to-stop-script-based-attacks-and-how-well-it-does-it.pdf

Details

Type

#Events

CTI

Value

File

invoke-mimikatz.ps1

File

us-16-mittal-amsi-how-windows-10-plans-to-stop-script-based-attacks-and-how-well-it-does-it.pdf

Url

https://www.blackhat.com/docs/us-16/materials/us-16-mittal-amsi-how-windows-10-plans-to-stop-script-based-attacks-and-how-well-it-does-it.pdf