A Defenders Guide to GraphRunner — Part II
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Credentials - T1589.001 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Sharepoint - T1213.002 Tool - T1588.002 Powershell - T1086 |
Common Information
| Type | Value |
|---|---|
| UUID | d7e0a627-a0e8-4f92-a54e-87d94291e940 |
| Fingerprint | 7e6306734da50d0c |
| Analysis status | DONE |
| Considered CTI value | -2 |
| Text language | |
| Published | Nov. 23, 2023, midnight |
| Added to db | Aug. 31, 2024, 10:49 a.m. |
| Last updated | Nov. 6, 2024, 4:12 p.m. |
| Headline | A Defenders Guide to GraphRunner — Part II |
| Title | A Defenders Guide to GraphRunner — Part II |
| Detected Hints/Tags/Attributes | 41/2/17 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://www.invictus-ir.com/news/a-defenders-guide-to-graphrunner-part-ii |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 417 | ✔ | Invictus Incident Response blog | https://www.invictus-ir.com/news/rss.xml | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 32 | graph.microsoft.com |
|
| Details | Domain | 3 | bonacu.onmicrosoft.com |
|
| Details | Domain | 2 | chat.read |
|
| Details | 1 | fortunahodan@bonacu.onmicrosoft.com |
||
| Details | 1 | graph.microsoft.com/v1.0/users/fortunahodan@bonacu.onmicrosoft.com |
||
| Details | Url | 2 | https://graph.microsoft.com/v1.0/search/query |
|
| Details | Url | 1 | https://graph.microsoft.com/v1.0/drives |
|
| Details | Url | 1 | https://graph.microsoft.com/v1.0/me/messages |
|
| Details | Url | 3 | https://graph.microsoft.com/v1.0/users |
|
| Details | Url | 1 | https://graph.microsoft.com/v1.0/me/chats? |
|
| Details | Url | 1 | https://graph.microsoft.com/v1.0/chats |
|
| Details | Url | 1 | https://graph.microsoft.com/v1.0/applications/bb019e82-2b52-4de6-b138-d5d28e997153. |
|
| Details | Url | 2 | https://graph.microsoft.com/v1.0/applications |
|
| Details | Url | 2 | https://graph.microsoft.com/v1.0/groups |
|
| Details | Url | 1 | https://graph.microsoft.com/v1.0/drives/b |
|
| Details | Url | 2 | https://graph.microsoft.com/v1.0/me |
|
| Details | Url | 1 | https://graph.microsoft.com/v1.0/users/fortunahodan@bonacu.onmicrosoft.com |