

Network traffic detected: HTTP traffic on port 62563 -> 49174
Network traffic detected: HTTP traffic on port 49174 -> 62563
Network traffic detected: HTTP traffic on port 62563 -> 49173
Network traffic detected: HTTP traffic on port 49173 -> 62563
Network traffic detected: HTTP traffic on port 62563 -> 49172
Network traffic detected: HTTP traffic on port 49172 -> 62563
Network traffic detected: HTTP traffic on port 62563 -> 49171
Network traffic detected: HTTP traffic on port 49171 -> 62563

Uses known network protocols on non-standard ports
Source: unknown

Yara detected Microsoft Office Exploit Follina / CVE-2022-30190
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\42A30EFB.htm
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\exploit.htm
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\6B087DC1.htm
EXPL_Follina_CVE_2022_30190_Msdt_MSProtocolURI_May22
Detects the malicious usage of the ms-msdt URI as seen in CVE-2022-30190 / Follina exploitation
