BelialDemon Analysis

IOB - Indicator of Behavior (22)

Language: en (22)

Products (number of associated indicators):

  • WPG Plugin (2)
  • Wireshark (2)
  • Tenda Tenda W30E (2)
  • Aviatrix Controller (2)
  • Tenda W30E (2)

Vulnerabilities

Base/Temp are the CVSS base and temporal scores, 0day/Today the estimated exploit price, EPSS the exploit prediction score and CTI the threat-intelligence activity score.

#  | Vulnerability                                                            | Base | Temp | 0day       | Today    | Exploit     | Remediation  | EPSS    | CTI  | CVE
1  | SonicBOOM riscv-boom privilege escalation                                | 5.5  | 5.5  | $0-$5k     | $0-$5k   | Not Defined | Not Defined  | 0.00055 | 0.00 | CVE-2020-29561
2  | United Planet Intrexx Professional cross site scripting                  | 4.8  | 4.6  | $0-$5k     | $0-$5k   | Not Defined | Official Fix | 0.00089 | 0.00 | CVE-2020-24188
3  | Huawei Mate 20 Digital Balance privilege escalation                      | 3.9  | 3.7  | $5k-$25k   | $0-$5k   | Not Defined | Official Fix | 0.00058 | 0.00 | CVE-2020-1831
4  | Aviatrix Controller Web Interface unknown vulnerability                  | 5.4  | 5.1  | $0-$5k     | $0-$5k   | Not Defined | Official Fix | 0.00053 | 0.04 | CVE-2020-13416
5  | Tenda Tenda W30E NatStaticSetting memory corruption                      | 6.5  | 6.4  | $0-$5k     | $0-$5k   | Not Defined | Not Defined  | 0.00075 | 0.00 | CVE-2022-45516
6  | Tenda W30E CertListInfo memory corruption                                | 5.5  | 5.3  | $0-$5k     | $0-$5k   | Not Defined | Not Defined  | 0.00075 | 0.00 | CVE-2022-45525
7  | thinkphp-bjyblog AdminBaseController.class.php exit cross site scripting | 4.8  | 4.8  | $0-$5k     | $0-$5k   | Not Defined | Not Defined  | 0.00078 | 0.00 | CVE-2021-43682
8  | WPG Plugin memory corruption                                             | 8.0  | 7.7  | $0-$5k     | $0-$5k   | Not Defined | Official Fix | 0.01367 | 0.00 | CVE-2021-27362
9  | ownCloud privilege escalation                                            | 6.8  | 6.5  | $0-$5k     | $0-$5k   | Not Defined | Official Fix | 0.00103 | 0.00 | CVE-2020-28645
10 | Star Practice Management Web WIP Detail privilege escalation             | 4.3  | 4.3  | $0-$5k     | $0-$5k   | Not Defined | Not Defined  | 0.00065 | 0.00 | CVE-2020-28401
11 | Microsoft .NET Framework XML denial of service                           | 6.4  | 6.3  | $5k-$25k   | $0-$5k   | Not Defined | Official Fix | 0.00410 | 0.00 | CVE-2018-0764
12 | Wireshark Dissection Engine denial of service                            | 4.2  | 4.0  | $0-$5k     | $0-$5k   | Not Defined | Official Fix | 0.00334 | 0.00 | CVE-2020-26419
13 | Sympa SOAP API authenticateAndRun privilege escalation                   | 6.3  | 6.0  | $0-$5k     | $0-$5k   | Not Defined | Official Fix | 0.00266 | 0.00 | CVE-2020-29668
14 | Symantec Messaging Gateway Web UI information disclosure                 | 4.3  | 4.1  | $5k-$25k   | $0-$5k   | Not Defined | Official Fix | 0.00065 | 0.02 | CVE-2020-12595
15 | Google Chrome Omnibox weak authentication                                | 6.4  | 6.1  | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00542 | 0.00 | CVE-2020-6565
16 | osTicket ajax.draft.php _uploadInlineImage cross site scripting          | 5.2  | 4.9  | $0-$5k     | $0-$5k   | Not Defined | Official Fix | 0.00078 | 0.00 | CVE-2020-24917
17 | uppy Package privilege escalation                                        | 7.4  | 7.1  | $0-$5k     | $0-$5k   | Not Defined | Official Fix | 0.00327 | 0.00 | CVE-2020-8205

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • Matanbuchus

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities. The first address reverse-resolves to a bc.googleusercontent.com name, i.e. a Google Cloud address that can be reassigned to other tenants, so a match on the IP alone should be corroborated against the Identified date and the request indicators below.

ID | IP address     | Hostname                               | Actor       | Campaign    | Identified | Type
1  | 34.94.151.129  | 129.151.94.34.bc.googleusercontent.com | BelialDemon | Matanbuchus | 2021-08-29 | verified
2  | XX.XXX.XX.XX   | xx.xx.xxx.xx.xx.xxxxxxxxxxxxxxxxx.xxx  | Xxxxxxxxxxx | Xxxxxxxxxxx | 2021-08-29 | verified
3  | XX.XXX.XXX.XXX | xxx.xxx.xxx.xx.xx.xxxxxxxxxxxxxxxxx.xxx | Xxxxxxxxxxx | Xxxxxxxxxxx | 2021-08-29 | verified

TTP - Tactics, Techniques, Procedures (4)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID | Technique  | Class     | Vulnerability | Description                                                                  | Type
1  | T1059.007  | CAPEC-209 | CWE-79        | Cross Site Scripting                                                         | predictive
2  | TXXXX      | CAPEC-    | CWE-XXX       | Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx                                        | predictive
3  | TXXXX.XXX  | CAPEC-1   | CWE-XXX       | Xxxxxxxx Xxxxxxxxxxxxx                                                       | predictive
4  | TXXXX      | CAPEC-116 | CWE-XXX       | Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx                    | predictive

IOA - Indicator of Attack (7)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID | Class    | Indicator                     | Type
1  | File     | /goform/CertListInfo          | predictive
2  | File     | /goform/NatStaticSetting      | predictive
3  | File     | xxxxxxxxxxxxxxxxxxx.xxxxx.xxx | predictive
4  | File     | xxxxxxx/xxxx.xxxxx.xxx        | predictive
5  | Argument | xxxxxxxxxx                    | predictive
6  | Argument | xxxx                          | predictive
7  | Argument | xxxxxxx                       | predictive
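The following script is an added example for turning the unmasked entries of the IOC and IOA tables into a log check; it is not code from the VulDB profile or from any tooling attributed to BelialDemon. It matches the listed IP address and the two /goform/ endpoints (the Tenda W30E handlers behind CVE-2022-45525 and CVE-2022-45516 in the vulnerability table) against combined-format web-server access lines. The sample log lines, the log regex and all function names are constructed for the illustration. Each hit records which indicator class matched, so that a bare IP hit (a Google Cloud address that may have been reassigned) can be triaged separately from a request to the vulnerable endpoints.

```python
"""Added example: scan access-log lines for the BelialDemon IOC/IOA entries.
Not part of the VulDB profile; indicators copied from the tables above."""
import ipaddress
import re
from dataclasses import dataclass
from typing import Iterable, List, Tuple

# Unmasked indicators from the IOC and IOA tables on this page.
IOC_IPS = {"34.94.151.129"}
IOA_PATHS = {"/goform/CertListInfo", "/goform/NatStaticSetting"}

# Apache/nginx "combined" access-log layout (assumption: adjust to your logger).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


@dataclass(frozen=True)
class Hit:
    line_no: int
    source_ip: str
    path: str
    reasons: Tuple[str, ...]  # which indicator classes matched


def normalize_path(target: str) -> str:
    """Drop query string and fragment, collapse repeated slashes.
    urllib.parse.urlsplit is deliberately avoided: a target such as
    '//goform/CertListInfo' would be parsed as a host, hiding the IOA."""
    path = target.split("?", 1)[0].split("#", 1)[0]
    return re.sub(r"/{2,}", "/", path)


def classify(ip: str, path: str) -> Tuple[str, ...]:
    reasons = []
    if ip in IOC_IPS:
        reasons.append("ioc-ip")
    if path in IOA_PATHS:
        reasons.append("ioa-path")
    return tuple(reasons)


def scan(lines: Iterable[str]) -> List[Hit]:
    hits = []
    for n, line in enumerate(lines, 1):
        m = LOG_RE.match(line)
        if not m:
            continue  # unparsable junk: skip rather than abort the whole scan
        ip = m.group("ip")
        try:
            ipaddress.ip_address(ip)  # reject non-IP client fields
        except ValueError:
            continue
        path = normalize_path(m.group("target"))
        reasons = classify(ip, path)
        if reasons:
            hits.append(Hit(n, ip, path, reasons))
    return hits


# Constructed sample log (RFC 5737 documentation ranges for the benign clients).
SAMPLE_LOG = [
    '203.0.113.7 - - [29/Aug/2021:10:01:02 +0000] "GET /index.html HTTP/1.1" 200 512',
    '34.94.151.129 - - [29/Aug/2021:10:01:05 +0000] "GET /robots.txt HTTP/1.1" 200 67',
    '198.51.100.23 - - [29/Aug/2021:10:02:11 +0000] "POST /goform/NatStaticSetting?x=1 HTTP/1.1" 500 0',
    '34.94.151.129 - - [29/Aug/2021:10:02:40 +0000] "POST //goform/CertListInfo HTTP/1.1" 200 13',
    "this line is not an access-log record",
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(f"line {hit.line_no}: {hit.source_ip} {hit.path} matched {', '.join(hit.reasons)}")
```

Lines matching only `ioc-ip` deserve a lower initial severity than an `ioa-path` hit, and a line carrying both is the strongest signal on this page. Feed real logs with `scan(open(path))`, and extend `IOA_PATHS` and `IOC_IPS` from your own intel feed rather than hard-coding them.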

References (2)

The following list contains external sources which discuss the actor and the associated activities:
