ToddyCat APT Abuses SMB, Exploits IKEEXT A Exchange RCE To Deploy ICMP Backdoor
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Data Exploits - T1587.004 Exploits - T1588.005 Impersonation - T1656 Malware - T1587.001 Malware - T1588.001 Ntds - T1003.003 Phishing - T1660 Phishing - T1566 Vulnerabilities - T1588.006 Account Manipulation - T1098
Show in Graph
Common Information
Type Value
UUID d0ca3582-5c6f-40e7-b72e-6bcbaea3e04e
Fingerprint ed5995806d714c11
Analysis status DONE
Considered CTI value 1
Text language
Published Sept. 4, 2024, 11:30 a.m.
Added to db Sept. 4, 2024, 2:22 p.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline UNKNOWN
Title ToddyCat APT Abuses SMB, Exploits IKEEXT A Exchange RCE To Deploy ICMP Backdoor
Detected Hints/Tags/Attributes 41/2/4
Source URLs
Redirection Url
Details Source https://gbhackers.com/toddycat-apt-exploits/
URL Provider
Details Provider Source level domain
Details gbhackers.com gbhackers.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 125 GBHackers Security | #1 Globally Trusted Cyber Security News Platform https://gbhackers.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 184 
cve-2021-26855
Details Domain 911 
any.run
Details File 28 
wlbsctrl.dll
Details File 172 
dllhost.exe