Emekçi bir SOC — Investigating Windows 2.0'yi çözelim.
Tags
Common Information
| Type | Value |
|---|---|
| UUID | f3f2883f-5274-4819-9360-df74192aef4a |
| Fingerprint | 9a7d8ebb6d3d135e |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | July 21, 2023, 9:51 p.m. |
| Added to db | July 22, 2023, 12:28 a.m. |
| Last updated | Nov. 17, 2024, 7:44 p.m. |
| Headline | Emekçi bir SOC — Investigating Windows 2.0'yi çözelim. |
| Title | Emekçi bir SOC — Investigating Windows 2.0'yi çözelim. |
| Detected Hints/Tags/Attributes | 47/1/42 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 167 | ✔ | Cybersecurity on Medium | https://medium.com/feed/tag/cybersecurity | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 47 | letsdefend.io |
|
| Details | Domain | 281 | docs.microsoft.com |
|
| Details | Domain | 6 | www.pluralsight.com |
|
| Details | Domain | 4127 | github.com |
|
| Details | Domain | 1 | www.bgasecurity.com |
|
| Details | Domain | 6 | hakin9.org |
|
| Details | Domain | 17 | www.varonis.com |
|
| Details | Domain | 1 | www.section.io |
|
| Details | Domain | 768 | www.youtube.com |
|
| Details | File | 40 | procexp64.exe |
|
| Details | File | 1 | wmibackdoor.ps1 |
|
| Details | File | 3 | mim.exe |
|
| Details | File | 1208 | powershell.exe |
|
| Details | File | 27 | procmon64.exe |
|
| Details | File | 1122 | svchost.exe |
|
| Details | File | 3 | loki.exe |
|
| Details | File | 9 | nbtscan.exe |
|
| Details | File | 15 | p.exe |
|
| Details | File | 31 | psexesvc.exe |
|
| Details | File | 1 | somethingwindows.dmp |
|
| Details | File | 2 | schtasks-backdoor.ps1 |
|
| Details | File | 2 | xcmd.exe |
|
| Details | File | 5 | c:\users\public\svchost.exe |
|
| Details | File | 1 | en-us.js |
|
| Details | File | 1 | string64.exe |
|
| Details | File | 4 | strings64.exe |
|
| Details | File | 1 | c:\tmp\mim.exe |
|
| Details | File | 1 | mk.ps1 |
|
| Details | File | 2 | mk.exe |
|
| Details | File | 42 | www.pl |
|
| Details | Github username | 35 | neo23x0 |
|
| Details | sha1 | 2 | 4d5a90000300000004000000ffff0000b8000000 |
|
| Details | Url | 1 | https://docs.microsoft.com/en-us/windows-server/identity/ad-ds |
|
| Details | Url | 2 | https://www.pluralsight.com |
|
| Details | Url | 2 | https://github.com/neo23x0/loki |
|
| Details | Url | 1 | https://www.bgasecurity.com/etiket/loki-scanner |
|
| Details | Url | 1 | https://hakin9.org/loki-simple-ioc-and-incident-response-scanner |
|
| Details | Url | 1 | https://www.varonis.com/blog/yara-rules |
|
| Details | Url | 1 | https://www.section.io/engineering-education/getting-started-with-yara-for-malware-analysis |
|
| Details | Url | 1 | https://www.youtube.com/watch?v=di5zv_vgjc0 |
|
| Details | Url | 1 | https://www.youtube.com/watch?v=35exd9grr5i |
|
| Details | Windows Registry Key | 9 | HKCU\Environment\UserInitMprLogonScript |