Defeating Device Guard: A look into CVE-2017-0007
Tags
attack-pattern: Code Signing - T1553.002 Powershell - T1059.001 Code Signing - T1116 Powershell - T1086 Scripting - T1064 Scripting
Show in Graph
Common Information
Type Value
UUID b5118dba-4c18-4c8a-911d-44d83013aa24
Fingerprint 2c02a8860a7ce5c8
Analysis status DONE
Considered CTI value 0
Text language
Published April 3, 2017, 1:26 p.m.
Added to db Jan. 18, 2023, 9:41 p.m.
Last updated Oct. 31, 2024, 11:02 a.m.
Headline enigma0x3
Title Defeating Device Guard: A look into CVE-2017-0007
Detected Hints/Tags/Attributes 20/1/6
Source URLs
Redirection Url
Details Source https://enigma0x3.net/2017/04/03/defeating-device-guard-a-look-into-cve-2017-0007/
URL Provider
Details Provider Source level domain
Details enigma0x3.net enigma0x3.net
Attributes
Details Type #Events CTI Value
Details CVE 1 
cve-2017-0007
Details Domain 212 
technet.microsoft.com
Details File 19 
wintrust.dll
Details File 1 
microsoftsigned.ps1
Details Microsoft Patch Numbers 2 
KB4013429
Details Url 2 
https://technet.microsoft.com/en-us/itpro/windows/keep-secure/device-guard-deployment-guide.