Operation PowerFall: CVE-2020-0986 and variants
Tags
attack-pattern: Data Exploits - T1587.004 Exploits - T1588.005 Server - T1583.004 Server - T1584.004 Vulnerabilities - T1588.006 Connection Proxy - T1090
Show in Graph
Common Information
Type Value
UUID b86bf97c-349a-47db-a2bb-87be2713a422
Fingerprint 8e599d9378053301
Analysis status DONE
Considered CTI value 0
Text language
Published Sept. 2, 2020, 10 a.m.
Added to db Sept. 26, 2022, 9:34 a.m.
Last updated Oct. 25, 2024, 1:02 p.m.
Headline Operation PowerFall: CVE-2020-0986 and variants
Title Operation PowerFall: CVE-2020-0986 and variants
Detected Hints/Tags/Attributes 27/1/7
Source URLs
Redirection Url
Details Source https://securelist.com/operation-powerfall-cve-2020-0986-and-variants/98329/
URL Provider
Details Provider Source level domain
Details securelist.com securelist.com
Attributes
Details Type #Events CTI Value
Details CVE 14 
cve-2020-0986
Details CVE 7 
cve-2019-0880
Details File 12 
splwow64.exe
Details File 2 
createdc.exe
Details File 1 
messageheader.dat
Details File 7 
gdi32full.dll
Details File 19 
winspool.drv