Talos Blog || Cisco Talos Intelligence Group - Comprehensive ...
C45-2020-10-14-6
Indicators of Compromise (IOC) List
Indicator of Compromise (IOC) | Date Published | IOC Type |
---|---|---|
HKCU\Software\Classes\ms-settings\shell\open\command or HKCU\Software\Classes\mscfile\shell\open\command to launch the PowerShell payload so that the payload is executed indirectly by launching either | 14/10/2020 | Win_Registry |
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office | 14/10/2020 | Win_Registry |
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Office | 14/10/2020 | Win_Registry |
CVE-2017-8464 | 14/10/2020 | CVE |
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Wow6432Node\Software\Microsoft\Office | 14/10/2020 | Win_Registry |
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office | 14/10/2020 | Win_Registry |
9e0c65e28bf2539966364468a5fba8bf8bbcbc76b84aa37348b3bad19047c73a | 14/10/2020 | SHA-256 |
27040edd4917b6963f89d1d80073d20713dcea439a5b0f9a0cdaca655c1b4322 | 14/10/2020 | SHA-256 |
CVE-2017-8570 | 14/10/2020 | CVE |
CVE-2017-0144 | 14/10/2020 | CVE |
605ac25ebe8ab41ba291b467281e4f361e87df26fb0085636060d4972725958d | 14/10/2020 | SHA-256 |