Microsoft: SysAid zero-day flaw exploited in Clop ransomware attacks - RedPacket Security
Tags
cmtmf-attack-pattern: Code Injection
attack-pattern: Data Code Injection - T1540 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Msiexec - T1218.007 Powershell - T1059.001 Software - T1592.002 Web Service - T1481 Vulnerabilities - T1588.006 Powershell - T1086 Web Service - T1102
Show in Graph
Common Information
Type Value
UUID fc740291-1049-4a66-b3f2-02da15c13781
Fingerprint 8543afd3c337c689
Analysis status DONE
Considered CTI value 1
Text language
Published Nov. 10, 2023, 5:04 a.m.
Added to db Nov. 10, 2023, 7:22 a.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline Microsoft: SysAid zero-day flaw exploited in Clop ransomware attacks
Title Microsoft: SysAid zero-day flaw exploited in Clop ransomware attacks - RedPacket Security
Detected Hints/Tags/Attributes 40/2/7
Source URLs
Redirection Url
Details Source https://www.redpacketsecurity.com/microsoft-sysaid-zero-day-flaw-exploited-in-clop-ransomware-attacks/
URL Provider
Details Provider Source level domain
Details redpacketsecurity.com www.redpacketsecurity.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 361 RedPacket Security https://www.redpacketsecurity.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 31 
cve-2023-47246
Details File 131 
spoolsv.exe
Details File 269 
msiexec.exe
Details File 1122 
svchost.exe
Details File 22 
user.exe
Details File 11 
wrapper.exe
Details Threat Actor Identifier - FIN 127 
FIN11