Clipboard to Compromise: PowerShell Script Self-Pwn | Proofpoint US
Tags
maec-delivery-vectors: | Watering Hole |
attack-pattern: | Data Direct Dns - T1071.004, Dns - T1590.002, Javascript - T1059.007, Malware - T1587.001, Malware - T1588.001, Msiexec - T1218.007, Powershell - T1059.001, Software - T1592.002, Powershell - T1086 |
Common Information
Type | Value |
---|---|
UUID | df4eeb91-fe3c-4758-866e-aa7b45973587 |
Fingerprint | a44d8ef28b1883e8 |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | June 17, 2024, noon |
Added to db | Aug. 31, 2024, 9:50 a.m. |
Last updated | Nov. 13, 2024, 12:26 p.m. |
Headline | From Clipboard to Compromise: A PowerShell Self-Pwn |
Title | Clipboard to Compromise: PowerShell Script Self-Pwn | Proofpoint US |
Detected Hints/Tags/Attributes | 68/2/38 |
Source URLs
URL Provider
RSS Feed
Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|
354 | ✔ | Proofpoint Threat Insight | https://www.proofpoint.com/us/threat-insight-blog.xml | 2024-08-30 22:08 |
Attributes