Uncorking Old Wine: Zero-Day from 2017 + Loader in Unholy Alliance
Essential information
- Published: 29/04/2024 17:51
- Modified: 01/05/2024 23:05
- Tags: CVE-2017-8570, apt, cobalt strike, cobalt strike beacon, malicious document, ukraine, zero-day
- Related entities: 6 observables, 8 techniques (mitre), 1 malware, 1 others
Description
An analysis uncovered a suspected malicious campaign targeting entities in Ukraine. The attack employed an old vulnerability from 2017, CVE-2017-8570, as the initial entry vector. The operation utilized a customized loader to deliver the Cobalt Strike Beacon payload. While the specific threat actor behind this activity could not be conclusively determined, the campaign exhibited sophisticated techniques to evade detection and hinder analysis efforts.