GitHub - mdsecactivebreach/CACTUSTORCH: CACTUSTORCH: Payload Generation for Adversary Simulations
Tags
| attack-pattern: | Javascript - T1059.007 Python - T1059.006 Rundll32 - T1218.011 Rundll32 - T1085 |
Common Information
| Type | Value |
|---|---|
| UUID | aa0a00ac-e4ef-48fe-bbd1-c5d89ebdbfd4 |
| Fingerprint | 882fd1232b851dbd |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Nov. 16, 2017, midnight |
| Added to db | Sept. 26, 2022, 9:30 a.m. |
| Last updated | Nov. 17, 2024, 7:44 p.m. |
| Headline | mdsecactivebreach/CACTUSTORCH |
| Title | GitHub - mdsecactivebreach/CACTUSTORCH: CACTUSTORCH: Payload Generation for Adversary Simulations |
| Detected Hints/Tags/Attributes | 16/1/14 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://github.com/mdsecactivebreach/CACTUSTORCH |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 4127 | github.com |
|
| Details | Domain | 1 | splitvba.py |
|
| Details | File | 1018 | rundll32.exe |
|
| Details | File | 380 | notepad.exe |
|
| Details | File | 312 | calc.exe |
|
| Details | File | 44 | payload.bin |
|
| Details | File | 376 | wscript.exe |
|
| Details | File | 1 | cactustorch.js |
|
| Details | File | 1 | cactustorch.vbs |
|
| Details | File | 9 | code.txt |
|
| Details | File | 1 | splitvba.py |
|
| Details | File | 63 | output.txt |
|
| Details | Github username | 6 | tyranid |
|
| Details | Url | 4 | https://github.com/tyranid/dotnettojscript |