Hexacorn | Blog Threat Hunting – A Tale of Wishful Thinking and Willful Ignorance …
Tags
| attack-pattern: | Data Exploits - T1587.004 Exploits - T1588.005 Malware - T1587.001 Malware - T1588.001 Software - T1592.002 Scripting - T1064 Scripting |
Common Information
| Type | Value |
|---|---|
| UUID | 95590e47-cd96-48d8-a2dc-c18a8b15e59f |
| Fingerprint | b208aa8665514697 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Oct. 15, 2016, midnight |
| Added to db | Jan. 19, 2023, 12:12 a.m. |
| Last updated | Nov. 17, 2024, 6:55 p.m. |
| Headline | UNKNOWN |
| Title | Hexacorn | Blog Threat Hunting – A Tale of Wishful Thinking and Willful Ignorance … |
| Detected Hints/Tags/Attributes | 37/1/33 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | File | 1 | unique_file_name.exe |
|
| Details | File | 1122 | svchost.exe |
|
| Details | File | 51 | ipconfig.exe |
|
| Details | File | 46 | netstat.exe |
|
| Details | File | 256 | net.exe |
|
| Details | File | 155 | cscript.exe |
|
| Details | File | 122 | psexec.exe |
|
| Details | File | 19 | nmap.exe |
|
| Details | File | 3 | ar.exe |
|
| Details | File | 2 | as.exe |
|
| Details | File | 6 | cp.exe |
|
| Details | File | 10 | dd.exe |
|
| Details | File | 3 | df.exe |
|
| Details | File | 2 | du.exe |
|
| Details | File | 3 | id.exe |
|
| Details | File | 4 | ld.exe |
|
| Details | File | 1 | ln.exe |
|
| Details | File | 5 | ls.exe |
|
| Details | File | 2 | mv.exe |
|
| Details | File | 2 | nl.exe |
|
| Details | File | 2 | nm.exe |
|
| Details | File | 1 | od.exe |
|
| Details | File | 2 | pg.exe |
|
| Details | File | 5 | pr.exe |
|
| Details | File | 11 | ps.exe |
|
| Details | File | 2 | rm.exe |
|
| Details | File | 16 | sh.exe |
|
| Details | File | 7 | tr.exe |
|
| Details | File | 1 | ul.exe |
|
| Details | File | 2 | vi.exe |
|
| Details | File | 14 | w.exe |
|
| Details | File | 4 | wc.exe |
|
| Details | File | 1 | xz.exe |