Vulnerable Microsoft SQL Servers targeted with Cobalt Strike
Tags
attack-pattern: Data Keylogging - T1056.001 Keylogging - T1417.001 Malware - T1587.001 Malware - T1588.001 Msbuild - T1127.001 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Tool - T1588.002 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID ded65e66-49bf-42e1-93ec-c02b8e4094f5
Fingerprint 8130afdd39839c5f
Analysis status DONE
Considered CTI value 0
Text language
Published Feb. 22, 2022, midnight
Added to db Sept. 26, 2022, 9:34 a.m.
Last updated Nov. 18, 2024, 1:24 p.m.
Headline Vulnerable Microsoft SQL Servers targeted with Cobalt Strike
Title Vulnerable Microsoft SQL Servers targeted with Cobalt Strike
Detected Hints/Tags/Attributes 44/1/4
Source URLs
Redirection Url
Details Source https://www.bleepingcomputer.com/news/security/vulnerable-microsoft-sql-servers-targeted-with-cobalt-strike/
URL Provider
Details Provider Source level domain
Details bleepingcomputer.com www.bleepingcomputer.com
Attributes
Details Type #Events CTI Value
Details File 2130 
cmd.exe
Details File 1212 
powershell.exe
Details File 149 
msbuild.exe
Details File 2 
wwanmm.dll