ioc[.]one - OSINT Cyber Threat Intelligence Database

Unmasking CVE-2024-38178: The Silent Threat of Windows Scripting Engine

Tags

country:	North Korea South Korea
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Exploits - T1587.004 Exploits - T1588.005 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Software - T1592.002 Vulnerabilities - T1588.006 Scripting - T1064 Scripting

Show in Graph

Common Information

Type	Value
UUID	dd3d1261-695d-45d4-a9c4-1adeaa2b6e4e
Fingerprint	8698fb13a9261686
Analysis status	DONE
Considered CTI value	2
Text language
Published	Oct. 16, 2024, 12:05 p.m.
Added to db	Oct. 16, 2024, 2:15 p.m.
Last updated	Nov. 17, 2024, 5:58 p.m.
Headline	Unmasking CVE-2024-38178: The Silent Threat of Windows Scripting Engine
Title	Unmasking CVE-2024-38178: The Silent Threat of Windows Scripting Engine
Detected Hints/Tags/Attributes	68/3/24

Source URLs

	Redirection	Url
Details	Source	https://medium.com/s2wblog/unmasking-cve-2024-38178-the-silent-threat-of-windows-scripting-engine-91ad954dbf83
Details	Source	https://medium.com/s2wblog/unmasking-cve-2024-38178-the-silent-threat-of-windows-scripting-engine-91ad954dbf83?source=rss-b408bb1e7c46------2

URL Provider

Details	Provider	Source level domain
Details	medium.com	medium.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	220	✔	Stories by S2W on Medium	https://s2w.medium.com/feed	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	CVE	44	cve-2024-38178
Details	CVE	29	cve-2022-41128
Details	CVE	22	cve-2020-1380
Details	Domain	4	googleprojectzero.github.io
Details	Domain	452	msrc.microsoft.com
Details	Domain	2	kisa-vuln.notion.site
Details	Domain	2	mini.gomlab.com
Details	File	29	jscript9.dll
Details	File	2	ad_toast.html
Details	File	748	kernel32.dll
Details	File	2	cve-2022-41128.html
Details	File	2	cve-2020-1380-analysis-of-recently-fixed-ie-zero-day.html
Details	File	2	toast_kr_n.html
Details	md5	2	e11bb2478930d0b5f6c473464f2a2b6e
Details	md5	2	f6906de00a124b9fadee90722bf854c2
Details	md5	2	09994a03b0a04853894f5d70b3afe85e
Details	IPv4	6	1.0.0.8
Details	IPv4	4	4.2.3.14
Details	Threat Actor Identifier - APT	277	APT37
Details	Url	2	https://googleprojectzero.github.io/0days-in-the-wild/0day-rcas/2022/cve-2022-41128.html
Details	Url	2	https://msrc.microsoft.com/update-guide/vulnerability/cve-2022-41128
Details	Url	2	https://www.trendmicro.com/ko_kr/research/20/h/cve-2020-1380-analysis-of-recently-fixed-ie-zero-day.html
Details	Url	2	https://kisa-vuln.notion.site/ms-f6906de00a124b9fadee90722bf854c2#09994a03b0a04853894f5d70b3afe85e
Details	Url	2	https://mini.gomlab.com/player/html/toast/toast_kr_n.html