Bronze Silhouette Analysis

IOB - Indicator of Behavior (1000)

Language

en: 910
zh: 18
de: 18
ru: 16
es: 12

Country/Region

us: 976
cn: 20
de: 2

Product

Microsoft Windows: 8
Pearlinger Products: 6
Linux Kernel: 6
PHPWind: 4
PHP: 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | LogicBoard CMS away.php Redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.00000 | 4.18 | |
| 2 | DZCP deV!L`z Clanportal config.php privilege escalation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00943 | 0.44 | CVE-2010-0966 |
| 3 | FLDS redir.php SQL injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.00203 | 0.10 | CVE-2008-5928 |
| 4 | Bitrix Site Manager redirect.php privilege escalation | 5.3 | 4.7 | $0-$5k | $0-$5k | Unproven | Unavailable | 0.00113 | 0.00 | CVE-2008-2052 |
| 5 | Tiki Admin Password tiki-login.php weak authentication | 8.0 | 7.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00936 | 4.32 | CVE-2020-15906 |
| 6 | My Link Trader out.php SQL injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 0.05 | |
| 7 | SAS Web Report Studio javascript: URL logonAndRender.do cross-site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00089 | 0.00 | CVE-2022-25256 |
| 8 | Vunet VU Web Visitor Analyst redir.asp SQL injection | 7.3 | 7.1 | $0-$5k | $0-$5k | High | Workaround | 0.00119 | 0.15 | CVE-2010-2338 |
| 9 | Serendipity exit.php privilege escalation | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 0.20 | |
| 10 | OpenX adclick.php Redirect | 5.3 | 4.7 | $0-$5k | $0-$5k | Unproven | Unavailable | 0.00440 | 0.51 | CVE-2014-2230 |
| 11 | vBulletin redirector.php Redirect | 6.6 | 6.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00106 | 0.04 | CVE-2018-6200 |
| 12 | Microsoft Windows Roaming Security Rights Management Services Remote Code Execution | 8.1 | 7.4 | $100k or more | $5k-$25k | Unproven | Official Fix | 0.00378 | 0.06 | CVE-2022-21974 |
| 13 | GetSimpleCMS index.php Redirect | 6.6 | 6.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00123 | 0.00 | CVE-2019-9915 |
| 14 | PHPWind goto.php Redirect | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00348 | 0.25 | CVE-2015-4134 |
| 15 | Atlassian Jira Service Management Server/Data Center InsightDefaultCustomFieldConfig.jspa cross-site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00054 | 0.00 | CVE-2021-43943 |
| 16 | Openads adclick.php Remote Code Execution | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.01871 | 0.21 | CVE-2007-2046 |
| 17 | Atlassian JIRA Server/Data Center Thread Contention/CPU Monitoring Service ViewInstrumentation.jspa unknown vulnerability | 4.3 | 4.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00074 | 0.00 | CVE-2021-43953 |
| 18 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | Calculating | High | Workaround | 0.02016 | 0.00 | CVE-2007-1192 |
| 19 | vu Mass Mailer Login Page redir.asp SQL injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00238 | 0.11 | CVE-2007-6138 |
| 20 | Microsoft Windows Ancillary Function Driver for WinSock Privilege Escalation | 8.1 | 7.4 | $100k or more | $5k-$25k | Unproven | Official Fix | 0.00043 | 0.02 | CVE-2022-24507 |

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

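| ID | IP address | Hostname | Actor | Campaign | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 23.227.198.247 | 23-227-198-247.static.hvvc.us | Bronze Silhouette | | 2024-02-23 | verified | |
| 2 | XXX.XXX.XX.XXX | xx.xxxx.xxxxxxx.xx.xxxxxxx.xxx | Xxxxxx Xxxxxxxxxx | | 2024-02-23 | verified | |
| 3 | XXX.XXX.XX.XXX | | Xxxxxx Xxxxxxxxxx | | 2024-02-23 | verified | |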

TTP - Tactics, Techniques, Procedures (20)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (304)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

References (2)

The following list contains external sources which discuss the actor and the associated activities:
