An Inside Look at CVE-2017-0199 – HTA and Scriptlet File Handler Vulnerability
Tags
attack-pattern: Data Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Mshta - T1218.005 Server - T1583.004 Server - T1584.004 Mshta - T1170
Show in Graph
Common Information
Type Value
UUID c01dde72-884a-4a05-b8b7-ce67efffa083
Fingerprint 2819ff6d402dd4f6
Analysis status DONE
Considered CTI value 2
Text language
Published June 4, 2017, midnight
Added to db Feb. 17, 2023, 11:19 p.m.
Last updated Nov. 18, 2024, 12:28 p.m.
Headline An Inside Look at CVE-2017-0199 – HTA and Scriptlet File Handler Vulnerability
Title An Inside Look at CVE-2017-0199 – HTA and Scriptlet File Handler Vulnerability
Detected Hints/Tags/Attributes 47/1/14
Source URLs
Redirection Url
Details Source https://blog.fortinet.com/2017/06/04/an-inside-look-at-cve-2017-0199-hta-and-scriptlet-file-handler-vulnerability
Details Redirection https://www.fortinet.com/2017/06/04/an-inside-look-at-cve-2017-0199-hta-and-scriptlet-file-handler-vulnerability
Details Source https://www.fortinet.com/blog/threat-research/an-inside-look-at-cve-2017-0199-hta-and-scriptlet-file-handler-vulnerability
URL Provider
Details Provider Source level domain
Details fortinet.com blog.fortinet.com
Details fortinet.com www.fortinet.com
Attributes
Details Type #Events CTI Value
Details CVE 269 
cve-2017-0199
Details CVE 4 
cve-2013-1331
Details Domain 5 
ms.office
Details File 86 
ole32.dll
Details File 8 
mso.dll
Details File 457 
mshta.exe
Details File 51 
urlmon.dll
Details File 62 
scrobj.dll
Details File 4 
hlink.dll
Details File 3 
office.rtf
Details File 41 
code.exe
Details sha256 1 
94d324cbd50ab65e2170514c49ce0e91c73335d0ec8af978d0ac99c62d8a431e
Details sha256 1 
b48055a517fe1077b95860c8816e3ae75174affac487554d7f812f3c96c36eae
Details sha256 1 
e0320c0066c69aa35a654d01e951fdc9e489bf66b4c79608156ad446f10d88dd