sunburst_countermeasures.md
Tags
| attack-pattern: | Credentials - T1589.001 |
Common Information
| Type | Value |
|---|---|
| UUID | db7f1eb8-676b-4434-8406-12741ec2c76b |
| Fingerprint | 61033278abbe4c5a |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | May 26, 2021, midnight |
| Added to db | Sept. 26, 2022, 9:31 a.m. |
| Last updated | Nov. 17, 2024, 6:55 p.m. |
| Headline | olafhartong/sunburst_countermeasures.md |
| Title | sunburst_countermeasures.md |
| Detected Hints/Tags/Attributes | 8/1/16 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://gist.github.com/olafhartong/71ffdd4cab4b6acd5cbcd1a0691ff82f |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | File | 1122 | svchost.exe |
|
| Details | File | 3 | netsetupsvc.dll |
|
| Details | File | 13 | businesslayerhost.exe |
|
| Details | File | 4 | apmservicecontrol.exe |
|
| Details | File | 4 | exporttopdfcmd.exe |
|
| Details | File | 4 | webapi.exe |
|
| Details | File | 15 | calculator.exe |
|
| Details | File | 4 | database-maint.exe |
|
| Details | File | 86 | service.exe |
|
| Details | File | 81 | werfault.exe |
|
| Details | md5 | 7 | b91ce2fa41029f6955bff20079468448 |
|
| Details | md5 | 3 | 02af7cec58b9a5da1c542b5a32151ba1 |
|
| Details | md5 | 4 | 2c4a910a1299cdae2a4e55988a2f102e |
|
| Details | md5 | 5 | 846e27a652a5e1bfbd0ddd38a16dc865 |
|
| Details | md5 | 2 | 4f2eb62fa529c0283b28d05ddd311fae |
|
| Details | md5 | 5 | 56ceb6d0011d87b6e4d7023d7ef85676 |