Netcat Attack Cases Targeting MS-SQL Servers (LOLBins) - ASEC BLOG
Tags
Common Information
| Type | Value |
|---|---|
| UUID | f5f7df7e-b71d-4805-83cd-700bb36937f0 |
| Fingerprint | b16cba1db9a99c43 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | March 10, 2023, 9:55 a.m. |
| Added to db | March 10, 2023, 7:25 a.m. |
| Last updated | Dec. 18, 2024, 2:14 p.m. |
| Headline | Netcat Attack Cases Targeting MS-SQL Servers (LOLBins) |
| Title | Netcat Attack Cases Targeting MS-SQL Servers (LOLBins) - ASEC BLOG |
| Detected Hints/Tags/Attributes | 61/2/31 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://asec.ahnlab.com/en/49249/ |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 17 | ✔ | ASEC | https://asec.ahnlab.com/en/feed/ | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 2 | ccbsec.ccb.fyi |
|
| Details | File | 35 | nc.exe |
|
| Details | File | 2 | d:\db\artifact.exe |
|
| Details | File | 2 | d:\db\git.exe |
|
| Details | File | 2 | d:\db\mimih3.exe |
|
| Details | File | 2 | d:\db\nc64m.exe |
|
| Details | File | 2 | d:\db\rasman.exe |
|
| Details | File | 2 | d:\db\sharpdecryptpwd.exe |
|
| Details | File | 2 | d:\db\info.exe |
|
| Details | File | 2 | d:\db\agent.exe |
|
| Details | File | 2 | rasman.exe |
|
| Details | File | 2 | nc64m.exe |
|
| Details | File | 2226 | cmd.exe |
|
| Details | File | 30 | ftp.exe |
|
| Details | File | 17 | artifact.exe |
|
| Details | File | 14 | git.exe |
|
| Details | File | 2 | mimih3.exe |
|
| Details | File | 9 | sharpdecryptpwd.exe |
|
| Details | File | 13 | info.exe |
|
| Details | File | 48 | agent.exe |
|
| Details | File | 231 | min.js |
|
| Details | md5 | 2 | 7cc986338d60af5f2b0f1a17d5ed0542 |
|
| Details | md5 | 2 | 3cdc614b55c9426a73fcfc194f3c13bc |
|
| Details | md5 | 2 | d16c0494d4ad7cf0c353eafe38985c7d |
|
| Details | md5 | 2 | 844a9d708d3beb530b18d9ed7f3490a3 |
|
| Details | md5 | 2 | 5ffad0ca02a426664249e9b9c0a2a122 |
|
| Details | md5 | 2 | 6ca5c7421c246efeb938eb73d3a93dd0 |
|
| Details | md5 | 2 | 4d3e3dab638640e4995357d6df2ea131 |
|
| Details | md5 | 2 | 21c2d9e1586d7fb7ac6fe8174a966513 |
|
| Details | md5 | 2 | deb07c605672a5b37873c2377cba1c09 |
|
| Details | IPv4 | 3 | 107.175.111.199 |