MS Excel Command Execution Without Macros
Common Information
| Type | Value |
|---|---|
| UUID | af3317bc-e892-4d79-b396-e7802ca0777e |
| Fingerprint | af45284139a3aeb9 |
| Analysis status | DONE |
| Considered CTI value | 1 |
| Text language | |
| Published | Oct. 16, 2017, 8:16 p.m. |
| Added to db | Jan. 18, 2023, 9:23 p.m. |
| Last updated | Nov. 18, 2024, 1:38 a.m. |
| Headline | NetWitness Community |
| Title | MS Excel Command Execution Without Macros |
| Detected Hints/Tags/Attributes | 35/1/9 |
Attributes
| Type | #Events | CTI Value | Value |
|---|---|---|---|
| File | 380 | | notepad.exe |
| File | 1 | | ygh.exe |
| File | 1209 | | powershell.exe |
| File | 1 | | c:\\users\public\\ygh.exe |
| File | 1 | | c:\\users\\public\\ygh.exe |
| File | 2127 | | cmd.exe |
| IPv4 | 27 | | 192.168.1.3 |
| Threat Actor Identifier - APT | 297 | | APT27 |
| Url | 1 | | http://192.168.1.3/ygh.exe\",\"c:\\users\public\\ygh.exe |