Magniber Ransomware Caught Using PrintNightmare Vulnerability
Tags
country: South Korea
maec-delivery-vectors: Watering Hole
attack-pattern: Exploits - T1587.004 Exploits - T1588.005 Malvertising - T1583.008 Vulnerabilities - T1588.006
Show in Graph
Common Information
Type Value
UUID 95154b18-f289-49af-8d26-986b941b8c9a
Fingerprint be1021598a559e84
Analysis status DONE
Considered CTI value 2
Text language
Published Aug. 11, 2021, 12:59 p.m.
Added to db Sept. 11, 2022, 12:46 p.m.
Last updated Nov. 15, 2024, 12:52 a.m.
Headline Teaching an Old Dog New Tricks: 2017 Magniber Ransomware Uses PrintNightmare Vulnerability to Infect Victims in South Korea
Title Magniber Ransomware Caught Using PrintNightmare Vulnerability
Detected Hints/Tags/Attributes 48/3/9
Source URLs
Redirection Url
Details Source https://www.crowdstrike.com/blog/magniber-ransomware-caught-using-printnightmare-vulnerability/
URL Provider
Details Provider Source level domain
Details crowdstrike.com www.crowdstrike.com
Attributes
Details Type #Events CTI Value
Details CVE 91 
cve-2021-34527
Details CVE 65 
cve-2021-1675
Details CVE 7 
cve-2020-1048
Details CVE 106 
cve-2018-8174
Details CVE 48 
cve-2021-26411
Details CVE 16 
cve-2020-0968
Details CVE 27 
cve-2019-1367
Details File 131 
spoolsv.exe
Details sha256 3 
10b9b1d8f6bafd9bb57ccfb1da4a658f10207d566781fa5fb3c4394d283e860e