MS Excel Command Execution Without Macros
Tags
Common Information
Type | Value |
---|---|
UUID | af3317bc-e892-4d79-b396-e7802ca0777e |
Fingerprint | af45284139a3aeb9 |
Analysis status | DONE |
Considered CTI value | 1 |
Text language | |
Published | Oct. 16, 2017, 8:16 p.m. |
Added to db | Jan. 18, 2023, 9:23 p.m. |
Last updated | Nov. 18, 2024, 1:38 a.m. |
Headline | NetWitness Community |
Title | MS Excel Command Execution Without Macros |
Detected Hints/Tags/Attributes | 35/1/9 |
Source URLs
URL Provider
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | File | 380 | notepad.exe |
|
Details | File | 1 | ygh.exe |
|
Details | File | 1209 | powershell.exe |
|
Details | File | 1 | c:\\users\public\\ygh.exe |
|
Details | File | 1 | c:\\users\\public\\ygh.exe |
|
Details | File | 2127 | cmd.exe |
|
Details | IPv4 | 27 | 192.168.1.3 |
|
Details | Threat Actor Identifier - APT | 297 | APT27 |
|
Details | Url | 1 | http://192.168.1.3/ygh.exe\",\"c:\\users\public\\ygh.exe |