Malware Delivered Through .inf File, (Mon, Jun 19th) – Cyber Safe NV
Common Information
Type Value
UUID b2cb26ea-02f8-4f76-96cf-f2230e6e1334
Fingerprint 1ec5a86e5de64ce7
Analysis status DONE
Considered CTI value 2
Text language
Published June 19, 2023, 10:12 a.m.
Added to db June 19, 2023, 2:01 p.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline Malware Delivered Through .inf File, (Mon, Jun 19th)
Title Malware Delivered Through .inf File, (Mon, Jun 19th) – Cyber Safe NV
Detected Hints/Tags/Attributes 32/2/22
Attributes
Details Type #Events CTI Value