IIS modules: The evolution of web shells and how to detect them  - Microsoft Security Blog
Tags
Show in Graph
Common Information
Type Value
UUID 87ffeb6f-0ed0-4451-8f87-83a2c48d9bbb
Fingerprint f2111bc209f425a2
Analysis status DONE
Considered CTI value 0
Text language
Published Dec. 12, 2022, 9 a.m.
Added to db Dec. 12, 2022, 7:10 p.m.
Last updated Nov. 15, 2024, 9:31 p.m.
Headline IIS modules: The evolution of web shells and how to detect them
Title IIS modules: The evolution of web shells and how to detect them  - Microsoft Security Blog
Detected Hints/Tags/Attributes 0/0/9
Source URLs
Redirection Url
Details Source https://www.microsoft.com/en-us/security/blog/2022/12/12/iis-modules-the-evolution-of-web-shells-and-how-to-detect-them/
URL Provider
Details Provider Source level domain
Details microsoft.com www.microsoft.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 163 https://media.cert.europa.eu/rss?type=category&id=Malware&language=en&duplicates=false 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 6 
app.name
Details Domain 397 
asp.net
Details File 128 
w3wp.exe
Details File 3 
%windir%\system32\inetsrv\appcmd.exe
Details File 70 
web.config
Details File 10 
appcmd.exe
Details File 2 
gacutil.exe
Details File 8 
'w3wp.exe
Details File 1 
'httpd.exe