More Steganography! - SANS Internet Storm Center
Common Information
| Type | Value |
|---|---|
| UUID | b8657b02-08ce-415d-9d92-05dae6c5afa0 |
| Fingerprint | ba218c0a17946d5f |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | July 5, 2025, midnight |
| Added to db | June 14, 2025, 10:05 a.m. |
| Last updated | July 11, 2025, 4:25 p.m. |
| Headline | Internet Storm Center |
| Title | More Steganography! - SANS Internet Storm Center |
| Detected Hints/Tags/Attributes | 41/2/58 |
Archive Viewer
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://isc.sans.edu/diary/rss/32044 |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 525 | ✔ | SANS Internet Storm Center, InfoCON: green | https://www.dshield.org/rssfeed.xml | 2025-06-06 22:06 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 87 | oledump.py |
|
| Details | Domain | 33 | zipdump.py |
|
| Details | Domain | 371 | wscript.shell |
|
| Details | Domain | 1 | raconteur.open |
|
| Details | Domain | 1 | adarme.run |
|
| Details | Domain | 90 | paste.ee |
|
| Details | Domain | 4 | zynova.kesug.com |
|
| Details | Domain | 348 | system.net |
|
| Details | Domain | 763 | isc.sans.edu |
|
| Details | Domain | 348 | learn.microsoft.com |
|
| Details | File | 3 | blcopy.xls |
|
| Details | File | 87 | oledump.py |
|
| Details | File | 33 | zipdump.py |
|
| Details | File | 3 | workbook.xml |
|
| Details | File | 1 | sheet4.xml |
|
| Details | File | 1 | sheet5.xml |
|
| Details | File | 1 | sheet3.xml |
|
| Details | File | 4 | sheet2.xml |
|
| Details | File | 9 | sheet1.xml |
|
| Details | File | 1 | sheet6.xml |
|
| Details | File | 1 | sheet7.xml |
|
| Details | File | 1 | sheet8.xml |
|
| Details | File | 1 | sheet13.xml |
|
| Details | File | 1 | sheet12.xml |
|
| Details | File | 1 | sheet11.xml |
|
| Details | File | 1 | sheet10.xml |
|
| Details | File | 1 | sheet9.xml |
|
| Details | File | 21 | styles.xml |
|
| Details | File | 13 | theme1.xml |
|
| Details | File | 10 | sharedstrings.xml |
|
| Details | File | 1 | printersettings5.bin |
|
| Details | File | 1 | printersettings4.bin |
|
| Details | File | 1 | printersettings2.bin |
|
| Details | File | 1 | printersettings6.bin |
|
| Details | File | 1 | printersettings7.bin |
|
| Details | File | 1 | printersettings8.bin |
|
| Details | File | 1 | printersettings9.bin |
|
| Details | File | 1 | printersettings10.bin |
|
| Details | File | 1 | printersettings11.bin |
|
| Details | File | 1 | printersettings12.bin |
|
| Details | File | 1 | printersettings13.bin |
|
| Details | File | 1 | printersettings3.bin |
|
| Details | File | 2 | printersettings1.bin |
|
| Details | File | 13 | core.xml |
|
| Details | File | 13 | app.xml |
|
| Details | File | 2 | c:\windows\temp\invertase.bat |
|
| Details | File | 2 | c:\windows\temp\poikilohydric.vbs |
|
| Details | File | 2274 | cmd.exe |
|
| Details | File | 23 | new_image.jpg |
|
| Details | sha256 | 2 | c92c761a4c5c3f44e914d6654a678953d56d4d3a2329433afe1710b59c9acd3a |
|
| Details | sha256 | 2 | 352ef6f5c4568d6ed6a018a5128cf538d33ea72bd040f0fd3b9bca6bd6a5dae9 |
|
| Details | sha256 | 2 | 5a73927d56c0fd4a805489d5817e1aa4fbd491e5a91ed36f4a2babef74158912 |
|
| Details | IPv4 | 2 | 107.172.235.203 |
|
| Details | Url | 2 | http://107.172.235.203/245/wecreatedbestsolutionswithniceworkingskill.hta |
|
| Details | Url | 2 | http://paste.ee/d/tifhAljb/0 |
|
| Details | Url | 4 | https://zynova.kesug.com/new_image.jpg |
|
| Details | Url | 2 | https://isc.sans.edu/diary/A |
|
| Details | Url | 1 | https://learn.microsoft.com/en-us/microsoft-365-apps/security/internet-macros-blocked |