ioc[.]one - OSINT Cyber Threat Intelligence Database

Threat Intelligence Report 5th November - 11th November

Tags

cmtmf-attack-pattern:	Boot Or Logon Autostart Execution Obfuscated Files Or Information
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Boot Or Logon Autostart Execution - T1547 Botnet - T1583.005 Botnet - T1584.005 Credentials - T1589.001 Data From Local System - T1533 Domains - T1583.001 Domains - T1584.001 Exfiltration Over C2 Channel - T1646 Exploitation For Privilege Escalation - T1404 Exploits - T1587.004 Exploits - T1588.005 Firmware - T1592.003 Impair Defenses - T1562 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Obfuscated Files Or Information - T1406 Network Service Scanning - T1423 Multi-Factor Authentication - T1556.006 Phishing - T1660 Phishing - T1566 Service Execution - T1569.002 Software - T1592.002 Spearphishing Attachment - T1566.001 Spearphishing Attachment - T1598.002 Vulnerabilities - T1588.006 Credential Dumping - T1003 Data From Local System - T1005 Exfiltration Over Command And Control Channel - T1041 Exploitation For Privilege Escalation - T1068 Network Service Scanning - T1046 Obfuscated Files Or Information - T1027 Remote Services - T1021 Service Execution - T1035 Spearphishing Attachment - T1193 User Execution - T1204 Network Service Scanning Spearphishing Attachment User Execution

Show in Graph

Common Information

Type	Value
UUID	8fdac593-5de9-45c0-acb5-e162b8b92b8e
Fingerprint	84b110d18c55afcb
Analysis status	DONE
Considered CTI value	2
Text language
Published	Nov. 11, 2024, midnight
Added to db	Nov. 11, 2024, 9:23 a.m.
Last updated	Nov. 17, 2024, 6:56 p.m.
Headline	Threat Intelligence Report November 5 - November 11 2024
Title	Threat Intelligence Report 5th November - 11th November
Detected Hints/Tags/Attributes	125/3/35

Source URLs

	Redirection	Url
Details	Source	https://redpiranha.net/news/threat-intelligence-report-november-5-november-11-2024

URL Provider

Details	Provider	Source level domain
Details	redpiranha.net	redpiranha.net

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	482	✔	Red Piranha	https://redpiranha.net/rss.xml	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	CVE	24	cve-2024-8956
Details	CVE	4	cve-2023-27076
Details	CVE	5	cve-2023-26801
Details	CVE	3	cve-2023-26802
Details	CVE	21	cve-2024-8957
Details	CVE	10	cve-2019-16278
Details	CVE	33	cve-2024-43093
Details	CVE	52	cve-2024-5910
Details	Domain	1	helldown.org
Details	Domain	1	onyxcb44xvqra35m3lp3z26kf2pxrlbn64nbzvyvzjyc3uykzrwcjdid.onion
Details	Domain	3	onyxcgfg4pjevvp5h34zvhaj45kbft3dg5r33j5vu3nyp7xic3vrzvad.onion
Details	Domain	1	onyxcym4mjilrsptk5uo2dhesbwntuban55mvww2olk5ygqafhu3i3yd.onion
Details	md5	1	140aad1f823157222af3da2d23de8789
Details	md5	1	5e7f5bb24a7cdaabcf3d2e77ed31fa4e
Details	IPv4	1	20.190.159.68
Details	IPv4	1	51.11.168.232
Details	IPv4	1	162.255.119.18
Details	IPv4	2	20.223.35.26
Details	IPv4	1	52.168.112.66
Details	IPv4	1	63.250.36.235
Details	IPv4	3	192.229.221.95
Details	IPv4	1	199.232.210.172
Details	MITRE ATT&CK Techniques	49	T1193
Details	MITRE ATT&CK Techniques	420	T1204
Details	MITRE ATT&CK Techniques	207	T1547
Details	MITRE ATT&CK Techniques	208	T1068
Details	MITRE ATT&CK Techniques	627	T1027
Details	MITRE ATT&CK Techniques	235	T1562
Details	MITRE ATT&CK Techniques	289	T1003
Details	MITRE ATT&CK Techniques	168	T1046
Details	MITRE ATT&CK Techniques	159	T1021
Details	MITRE ATT&CK Techniques	534	T1005
Details	MITRE ATT&CK Techniques	422	T1041
Details	Threat Actor Identifier - APT	27	APT73
Details	Url	1	https://forum.redpiranha.net/t/known-exploited-vulnerabilities-catalog-1st-week-of-november-2024/522