Mustang Panda - PE Injection through Opera Mail - K7 Labs
Tags
| cmtmf-attack-pattern: | Process Injection |
| country: | Hungary |
| attack-pattern: | Malware - T1587.001 Malware - T1588.001 Mshta - T1218.005 Process Injection - T1631 Mshta - T1170 Process Injection - T1055 |
Common Information
| Type | Value |
|---|---|
| UUID | e17ca199-3b9e-4530-855f-4fc0b3d1954c |
| Fingerprint | b2649b0bafb7f24b |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | April 24, 2023, 11:51 a.m. |
| Added to db | April 24, 2023, 2:14 p.m. |
| Last updated | Nov. 17, 2024, 10:40 p.m. |
| Headline | Mustang Panda – PE Injection through Opera Mail |
| Title | Mustang Panda - PE Injection through Opera Mail - K7 Labs |
| Detected Hints/Tags/Attributes | 24/3/12 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 512 | ✔ | K7 Labs | https://labs.k7computing.com/index.php/feed/ | 2024-08-31 15:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | File | 456 | mshta.exe |
|
| Details | File | 2 | lydwcb.rar |
|
| Details | File | 2126 | cmd.exe |
|
| Details | File | 2 | operamail.exe |
|
| Details | File | 1 | körjegyzék.rar |
|
| Details | File | 1 | qdhxcqwrggxcbtqndeaejmhl.pdf |
|
| Details | File | 1 | operamail.dll |
|
| Details | File | 1 | opermail.dat |
|
| Details | File | 1 | operamail.dat |
|
| Details | File | 1 | opermail.dll |
|
| Details | md5 | 1 | 821ec39800471963a4ccef10b587b8d6 |
|
| Details | IPv4 | 1 | 45.90.59.39 |