Christmas
Tags
attack-pattern: | Direct Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Ssh - T1021.004 |
Common Information
Type | Value |
---|---|
UUID | f3f9310d-3e1f-41f0-b67b-12d5366c2082 |
Fingerprint | e14c9918592e9ec3 |
Analysis status | DONE |
Considered CTI value | 0 |
Text language | |
Published | Dec. 20, 2024, midnight |
Added to db | Dec. 21, 2024, 3:44 a.m. |
Last updated | Dec. 23, 2024, 1:14 p.m. |
Headline | Internet Storm Center |
Title | Christmas |
Detected Hints/Tags/Attributes | 23/1/12 |
Source URLs
Redirection | Url | |
---|---|---|
Details | Source | https://isc.sans.edu/diary/rss/31538 |
URL Provider
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 142 | ✔ | SANS Internet Storm Center, InfoCON: green | https://isc.sans.edu/rssfeed_full.xml | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | Domain | 1 | ip-geolocation.apple.com |
|
Details | Domain | 4 | rdap.arin.net |
|
Details | File | 2 | christmas_slab.pdf |
|
Details | File | 40 | ssh.exe |
|
Details | File | 4 | c:\windows\system32\openssh\ssh.exe |
|
Details | File | 3 | christmas-sale.exe |
|
Details | File | 1 | c:\users\public\christmas-sale.exe |
|
Details | IPv4 | 2 | 17.43.12.31 |
|
Details | IPv4 | 4 | 17.0.0.0 |
|
Details | IPv4 | 1 | 17.255.255.255 |
|
Details | Url | 1 | https://ip-geolocation.apple.com |
|
Details | Url | 1 | https://rdap.arin.net/registry/ip/17.0.0.0 |