Malware Family KQL Queries — Week of 2023–07–17
Tags
attack-pattern: Credentials - T1589.001 Dynamic Dns - T1311 Dynamic Dns - T1333 Dynamic Resolution - T1637 Dynamic Resolution - T1568 Impair Defenses - T1562 Impair Defenses - T1629 Input Capture - T1417 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Input Capture - T1056
Show in Graph
Common Information
Type Value
UUID 97af16ee-9319-43e9-982f-fad2ea8a59bd
Fingerprint 4e132159a9a55470
Analysis status DONE
Considered CTI value 2
Text language
Published July 17, 2023, 8:13 p.m.
Added to db July 17, 2023, 10:29 p.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline Malware Family KQL Queries — Week of 2023–07–17
Title Malware Family KQL Queries — Week of 2023–07–17
Detected Hints/Tags/Attributes 43/1/10
Source URLs
Redirection Url
Details Source https://medium.com/reversinglabs-integrations/malware-family-kql-queries-week-of-2023-07-17-cf7a1beee9ed?source=rss------cybersecurity-5
Details Source https://medium.com/reversinglabs-integrations/malware-family-kql-queries-week-of-2023-07-17-cf7a1beee9ed?source=rss------malware-5
URL Provider
Details Provider Source level domain
Details medium.com medium.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 167 Cybersecurity on Medium https://medium.com/feed/tag/cybersecurity 2024-08-30 22:08
Details 171 Malware on Medium https://medium.com/feed/tag/malware 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 29 
duckdns.org
Details Domain 30 
ngrok.io
Details Domain 41 
ddns.net
Details Domain 1 
ply.gg
Details Domain 6 
linkpc.net
Details File 76 
netsh.exe
Details File 4 
'.pl
Details MITRE ATT&CK Techniques 152 
T1056
Details MITRE ATT&CK Techniques 235 
T1562
Details MITRE ATT&CK Techniques 27 
T1568