2018-035-software bloat is forever; malicious file extensions; WMIC abuses
Common Information
| Type | Value |
|---|---|
| UUID | b7e783c4-7598-449c-ac81-670ce7b76398 |
| Fingerprint | 26542a767fc6e0d6 |
| Analysis status | DONE |
| Considered CTI value | 1 |
| Text language | |
| Published | Sept. 30, 2018, 9:40 p.m. |
| Added to db | Jan. 18, 2023, 7:44 p.m. |
| Last updated | Nov. 17, 2024, 11:40 p.m. |
| Headline | Brakeing Down Security Podcast Blog |
| Title | 2018-035-software bloat is forever; malicious file extensions; WMIC abuses |
| Detected Hints/Tags/Attributes | 67/1/45 |
Attributes
| Type | #Events | CTI Value |
|---|---|---|
| Domain | 8 | www.eventbrite.com |
| Domain | 1 | tonsky.me |
| Domain | 10 | hackernoon.com |
| Domain | 1 | hackerhurricane.blogspot.com |
| Domain | 175 | www.zdnet.com |
| Domain | 360 | attack.mitre.org |
| Domain | 70 | nakedsecurity.sophos.com |
| Domain | 151 | www.bbc.com |
| Domain | 4128 | github.com |
| Domain | 251 | www.bleepingcomputer.com |
| Domain | 3 | brakesec.com |
| Domain | 1175 | gmail.com |
| Domain | 2 | www.teepublic.com |
| Domain | 768 | www.youtube.com |
| Domain | 7 | player.fm |
| Email | 6 | bds.podcast@gmail.com |
| File | 1 | avoiding-ransomware-with-built-in-basic.html |
| Github username | 26 | eset |
| MITRE ATT&CK Techniques | 12 | T1170 |
| Threat Actor Identifier - APT | 783 | APT28 |
| Url | 1 | https://www.eventbrite.com/e/brakesec-derbycon-pizza-meetup-tickets-50719385046 |
| Url | 1 | http://tonsky.me/blog/disenchantment |
| Url | 1 | https://hackernoon.com/how-it-feels-to-learn-javascript-in-2016-d3a717dd577f |
| Url | 1 | https://hackerhurricane.blogspot.com/2016/09/avoiding-ransomware-with-built-in-basic.html |
| Url | 1 | https://www.zdnet.com/article/windows-utility-used-by-malware-in-new-information-theft-campaigns |
| Url | 1 | https://attack.mitre.org/wiki/technique/t1170 |
| Url | 1 | https://nakedsecurity.sophos.com/2018/09/26/finally-a-fix-for-the-encrypted-webs-achilles-heel |
| Url | 1 | https://www.bbc.com/news/technology-45686890 |
| Url | 1 | https://github.com/eset/malware-ioc/blob/master/sednit/lojax.adoc |
| Url | 1 | https://www.bleepingcomputer.com/news/security/apt28-uses-lojax-first-uefi-rootkit-seen-in-the-wild |
| Url | 2 | https://brakesec.com/store |
| Url | 2 | https://www.teepublic.com/user/bdspodcast |
| Url | 3 | https://brakesec.com/spotifybds |
| Url | 3 | https://brakesec.com/brakesecrss |
| Url | 3 | http://www.youtube.com/c/bdspodcast |
| Url | 3 | https://brakesec.com/bdsitunes |
| Url | 3 | https://brakesec.com/bds-googleplay |
| Url | 3 | https://brakesec.com/bdswebsite |
| Url | 3 | https://brakesec.com/iheartbrakesec |
| Url | 3 | https://brakesec.com/soundcloudbrakesec |
| Url | 3 | https://brakesec.com/paypalbds |
| Url | 3 | https://brakesec.com/bdspatreon |
| Url | 3 | https://brakesec.com/bds-playerfm |
| Url | 3 | https://brakesec.com/brakesecstitcher |
| Url | 3 | https://brakesec.com/tuneinbrakesec |