ioc[.]one - OSINT Cyber Threat Intelligence Database

Weaponize Your Word - Malicious Template Injection | JUMPSEC LABS

Tags

attack-pattern:

Malicious File - T1204.002 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Visual Basic - T1059.005 Template Injection - T1221 Powershell - T1086 Scripting - T1064 Scripting

Show in Graph

Common Information

Type	Value
UUID	8985359d-26fc-488a-92a4-5d4b2ba1dadc
Fingerprint	3c1d1a709fa5d7e0
Analysis status	DONE
Considered CTI value	0
Text language
Published	Oct. 30, 2024, 8:22 a.m.
Added to db	Oct. 30, 2024, 10:17 a.m.
Last updated	Nov. 17, 2024, 6:54 p.m.
Headline	Weaponize Your Word – Malicious Template Injection
Title	Weaponize Your Word - Malicious Template Injection \| JUMPSEC LABS
Detected Hints/Tags/Attributes	49/1/9

Source URLs

	Redirection	Url
Details	Source	https://labs.jumpsec.com/weaponize-your-word-malicious-template-injection/

URL Provider

Details	Provider	Source level domain
Details	jumpsec.com	labs.jumpsec.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	149	✔	JUMPSEC LABS	https://labs.jumpsec.com/feed/	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	339		system.net
Details	Domain	768		www.youtube.com
Details	Domain	1		tho-le.medium.com
Details	File	1		thisdocument.doc
Details	File	66		settings.xml
Details	File	2125		cmd.exe
Details	File	323		winword.exe
Details	Url	1		https://www.youtube.com/watch?v=5pr15ithjek
Details	Url	1		https://tho-le.medium.com/remote-ms-office-template-injection-ffbe0d81512d