From Exploit to Ransomware: Detecting CVE-2025-29824
Tags
country: Venezuela Saudi Arabia Spain United States Of America
attack-pattern: Data Exploits - T1587.004 Exploits - T1588.005 Malware - T1587.001 Malware - T1588.001 Msbuild - T1127.001 Server - T1583.004 Server - T1584.004 Software - T1592.002
Show in Graph
Common Information
Type Value
UUID c34880d2-e040-4f94-a3a8-fb16a2c7daa1
Fingerprint 22992371f93554cb
Analysis status DONE
Considered CTI value 2
Text language
Published April 11, 2025, 5:14 a.m.
Added to db April 11, 2025, 7:55 a.m.
Last updated April 25, 2025, 10:01 p.m.
Headline From Exploit to Ransomware: Detecting CVE-2025-29824
Title From Exploit to Ransomware: Detecting CVE-2025-29824
Detected Hints/Tags/Attributes 63/2/9
Source URLs
Redirection Url
Details Source https://www.logpoint.com/en/blog/emerging-threats/from-exploit-to-ransomware-detecting-cve-2025-29824/
URL Provider
Details Provider Source level domain
Details logpoint.com www.logpoint.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 327 Logpoint https://www.logpoint.com/en/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 60 
cve-2025-29824
Details CVE 60 
cve-2025-24983
Details Domain 7 
aaaaabbbbbbb.eastus.cloudapp.azure.com
Details File 297 
certutil.exe
Details File 202 
msbuild.exe
Details File 372 
winword.exe
Details File 47 
procdump.exe
Details File 2 
toolbcdedit.exe
Details Microsoft Threat Actor Naming Taxonomy (Groups in development) 24 
Storm-2460