Today > | 7 High | 22 Medium | 6 Low vulnerabilities   -   You can now download lists of IOCs here!

Uncorking Old Wine: Zero-Day from 2017 + Loader in Unholy Alliance

May 1, 2024, 11:05 p.m.

Description

An analysis uncovered a suspected malicious campaign targeting entities in Ukraine. The attack employed an old vulnerability from 2017, CVE-2017-8570, as the initial entry vector. The operation utilized a customized loader to deliver the Cobalt Strike Beacon payload. While the specific threat actor behind this activity could not be conclusively determined, the campaign exhibited sophisticated techniques to evade detection and hinder analysis efforts.

Date

Published: April 29, 2024, 5:51 p.m.

Created: April 29, 2024, 5:51 p.m.

Modified: May 1, 2024, 11:05 p.m.

Indicators

b0b762106c22e44f7acaa3177baabd64ea28990d16672e1f902b53f49b2027c4

976f57442452cd54cada011c565ada0c01f5b1460e31ee6cea330d210d3e8f50

0bc0e9410f4a9703ff0b5af7ec9383a1cc929572ade09fbd2c69ed2ae1486939

109.107.178.241

weavesilk.space

petapixel.fun

Attack Patterns

Cobalt Strike Beacon

T1218.010

T1027.002

T1547.001

T1059.007

T1573

T1057

T1055

T1566

Additional Informations

Ukraine