Vulnerability in SySAd actively exploited in the wild - Yoroi
Tags
country: Israel
attack-pattern: Ip Addresses - T1590.005; Malware - T1587.001; Malware - T1588.001; Msiexec - T1218.007; Powershell - T1059.001; Software - T1592.002; Tool - T1588.002; Powershell - T1086
Common Information
Type | Value |
---|---|
UUID | a52711a9-1c24-4515-839e-7f10313715ca |
Fingerprint | a92a0fe2f4ad476c |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | Nov. 9, 2023, 5:41 p.m. |
Added to db | Nov. 9, 2023, 4:44 p.m. |
Last updated | Nov. 17, 2024, 6:55 p.m. |
Headline | Vulnerability in SySAd actively exploited in the wild |
Title | Vulnerability in SySAd actively exploited in the wild - Yoroi |
Detected Hints/Tags/Attributes | 26/2/15 |
Source URLs
URL Provider
RSS Feed
Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|
409 | ✔ | Yoroi | https://yoroi.company/feed/ | 2024-08-30 22:08 |
Attributes
Type | #Events | CTI | Value |
---|---|---|---|
CVE | 31 | | cve-2023-47246 |
File | 22 | | user.exe |
File | 269 | | msiexec.exe |
File | 131 | | spoolsv.exe |
File | 1122 | | svchost.exe |
File | 2 | | getlogo.jsp |
File | 4 | | meshagent.exe |
sha256 | 9 | | b5acf14cdac40be590318dee95425d0746e85b1b7b1cbd14da66f21f2522bf4d |
sha256 | 3 | | 2035a69bc847dbad3b169cc74eb43fc9e6a0b6e50f0bbad068722943a71a4cca |
IPv4 | 9 | | 179.60.150.34 |
IPv4 | 9 | | 81.19.138.52 |
IPv4 | 9 | | 45.182.189.100 |
IPv4 | 8 | | 45.155.37.105 |
Deprecated Microsoft Threat Actor Naming Taxonomy (Groups in development) | 39 | | DEV-0950 |
Url | 6 | | http://179.60.150.34:80/a |