How Threat Actors Can Use GitHub Repositories to Deploy Malware | CrowdStrike
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Data Direct Model Credentials - T1589.001 Dns - T1071.004 Dns - T1590.002 Malicious File - T1204.002 Malicious Link - T1204.001 Malvertising - T1583.008 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Software - T1592.002 Tool - T1588.002 Vulnerabilities - T1588.006 Remote Access Tools - T1219
Show in Graph
Common Information
Type Value
UUID d1752f56-ca22-4b7c-8f26-7e3e67f12aa9
Fingerprint ad653a1ecf720fab
Analysis status DONE
Considered CTI value 0
Text language
Published Sept. 30, 2022, 4:31 p.m.
Added to db June 1, 2023, 10:59 a.m.
Last updated Nov. 18, 2024, 1:24 p.m.
Headline “Gitting” the Malware: How Threat Actors Use GitHub Repositories to Deploy Malware
Title How Threat Actors Can Use GitHub Repositories to Deploy Malware | CrowdStrike
Detected Hints/Tags/Attributes 56/2/2
Source URLs
Redirection Url
Details Source https://www.crowdstrike.com/blog/how-threat-actors-use-github-repositories-to-deploy-malware/
URL Provider
Details Provider Source level domain
Details crowdstrike.com www.crowdstrike.com
Attributes
Details Type #Events CTI Value
Details File 27 
client32.exe
Details File 2130 
cmd.exe