Cập nhật 'nhẹ' về lỗ hổng bảo mật 0day Microsoft Exchange đang được sử dụng để tấn công các tổ chức tại Việt Nam
Tags
attack-pattern: Malware - T1587.001 Malware - T1588.001 Python - T1059.006 Server - T1583.004 Server - T1584.004 Vulnerabilities - T1588.006
Show in Graph
Common Information
Type Value
UUID f0bdba1e-aabd-41c4-ae0a-27cee163b954
Fingerprint 330912c5eb873cf5
Analysis status DONE
Considered CTI value 2
Text language
Published March 3, 2021, 4:14 p.m.
Added to db Sept. 26, 2022, 9:34 a.m.
Last updated Nov. 17, 2024, 5:56 p.m.
Headline
Title Cập nhật 'nhẹ' về lỗ hổng bảo mật 0day Microsoft Exchange đang được sử dụng để tấn công các tổ chức tại Việt Nam
Detected Hints/Tags/Attributes 20/1/36
Source URLs
Redirection Url
Details Source https://gteltsc.vn/blog/cap-nhat-nhe-ve-lo-hong-bao-mat-0day-microsoft-exchange-dang-duoc-su-dung-de-tan-cong-cac-to-chuc-tai-viet-nam-9685.html
URL Provider
Details Provider Source level domain
Details gteltsc.vn gteltsc.vn
Attributes
Details Type #Events CTI Value
Details CVE 184 
cve-2021-26855
Details CVE 90 
cve-2021-26857
Details CVE 92 
cve-2021-26858
Details Domain 285 
microsoft.net
Details Domain 34 
msrc-blog.microsoft.com
Details File 15 
x.js
Details File 6 
y.js
Details File 1 
z.js
Details File 1 
sbs_clrhost.dll
Details File 1 
c:\program files\common files\microsoft shared\wmi\iiswmi.dll
Details File 1 
c:\program files\common files\system\websvc.dll
Details File 3 
util.config
Details File 89 
version.dll
Details File 6 
aspnet_client.aspx
Details File 1 
errorv.aspx
Details File 1 
access.aspx
Details File 1 
iisvmi.dll
Details File 1 
websvc.dll
Details File 1 
mới.dll
Details sha1 1 
286f877dad9e7cecc69a0fa30de582de910a1e6e
Details sha1 1 
c3fa8f4b7a2d84e1a54a2dc973985c76652bbcf2
Details sha1 1 
3ed18fbe06d6ef2c8332db70a3221a00f7251d55
Details sha1 1 
c8675c1578d3fdd22cbb0f64340258bcfdd5743f
Details sha1 1 
3399681cfd6f7f2a270d9a543021ed9b93e85675
Details sha1 1 
1ee063a2b7b29334e7388b621ae8b37dd2488210
Details IPv4 619 
0.0.0.0
Details IPv4 6 
167.99.168.251
Details IPv4 4 
185.220.101.204
Details IPv4 3 
162.247.72.199
Details IPv4 2 
194.156.98.191
Details IPv4 2 
202.182.100.134
Details IPv4 2 
109.70.100.55
Details IPv4 2 
185.220.101.18
Details IPv4 2 
193.36.119.144
Details Url 2 
https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server
Details Url 3 
https://www.volexity.com/blog/2021/03/02/active-exploitation-of-microsoft-exchange-zero-day-vulnerabilities