Armageddon 解析

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (10)

言語

en	10

国・地域

cn	8
us	2

アクター

Armageddon	1

関心

タイプ

Not Defined	6
Smartphone Operating System	2

ベンダー

Not Defined	4
Google	2
SalesAgility	2

製品

OpenResty	4
Google Android	2
SalesAgility SuiteCRM	2

脆弱性

#	脆弱性	Base	Temp	0day	本日	悪	修復	EPSS	CTI	CVE
1	OpenResty ngx.req.get_post_args SQLインジェクション	8.5	8.2	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00637	0.00	CVE-2018-9230
2	SalesAgility SuiteCRM SQLインジェクション	8.5	8.2	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00359	0.00	CVE-2019-6506
3	Tencent RapidJSON stream.h Peek メモリ破損	5.3	5.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00241	0.02	CVE-2018-11125
4	netkit Telnet telnetd utility.c メモリ破損	9.8	9.8	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.83252	0.04	CVE-2020-10188
5	OpenResty API ngx_http_lua_subrequest.c 特権昇格	7.4	7.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00580	0.05	CVE-2020-11724
6	POCO C++ Libraries verify 弱い暗号化	6.5	6.2	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00077	0.00	CVE-2014-0350
7	POCO C++ Libraries Compression ZipCommon.cpp isValidPath ディレクトリトラバーサル	5.9	5.8	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00283	0.04	CVE-2017-1000472
8	Google Android Qualcomm msm_dba_register_client 特権昇格	6.5	6.3	$25k-$100k	$0-$5k	Not Defined	Official Fix	0.00074	0.03	CVE-2017-8277

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IPアドレス	Hostname	アクター	Identified	タイプ	信頼度
1	66.42.95.123	66.42.95.123.vultrusercontent.com	Armageddon	2022年07月30日	verified	高
2	XX.XX.XXX.XXX	xxxxxxxx.xxxxxxx.xx	Xxxxxxxxxx	2022年07月30日	verified	高
3	XXX.XX.XXX.XXX	xxx-xx-xxx-xxx.xxxxxxxx.xxxxxxxxxxxx.xx	Xxxxxxxxxx	2022年07月30日	verified	高
4	XXX.XXX.XXX.XXX	xxx.xxx.xxx.xxx.xxxxxxxxxxxxxxxx.xxx	Xxxxxxxxxx	2022年07月30日	verified	高

TTP - Tactics, Techniques, Procedures (4)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	クラス	脆弱性	アクセスベクター	タイプ	信頼度
1	T1006	CAPEC-126	CWE-22	Path Traversal	predictive	高
2	TXXXX	CAPEC-	CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	高
3	TXXXX	CAPEC-108	CWE-XX	Xxx Xxxxxxxxx	predictive	高
4	TXXXX	CAPEC-	CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	predictive	高

IOA - Indicator of Attack (4)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	クラス	Indicator	タイプ	信頼度
1	File	ngx_http_lua_subrequest.c	predictive	高
2	File	xxxxxx.x	predictive	中
3	File	xxxxxxx.x	predictive	中
4	File	xxx/xxx/xxxxxxxxx.xxx	predictive	高

参考 (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ 前概要次 ▸

Do you need the next level of professionalism?

Upgrade your account now!