Brunei Darussalam Unknown Analysis

IOB - Indicator of Behavior (651)

Language

en: 434
ja: 134
zh: 64
jp: 12
de: 4

Country/Region

us: 304
cn: 116
jp: 108
gb: 56
in: 18

Product

Google Chrome: 16
Microsoft Windows: 16
Juniper Junos OS: 14
Jenkins: 10
SMA Solar Technology Solar System: 8

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Juniper Junos OS Routing Engine denial of service | 7.5 | 7.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00078 | 0.00 | CVE-2023-22396 |
| 2 | libxml2 buf.c memory corruption | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00150 | 0.00 | CVE-2022-29824 |
| 3 | libexpat storeRawNames memory corruption | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01422 | 0.02 | CVE-2022-25315 |
| 4 | CGI Script printenv information disclosure | 5.3 | 5.2 | $0-$5k | $0-$5k | Not Defined | Workaround | 0.00000 | 0.02 | |
| 5 | Apache Log4j Lookup denial of service | 6.4 | 6.1 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.96625 | 0.04 | CVE-2021-45105 |
| 6 | myStickymenu Plugin Bar Text Setting cross-site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00058 | 0.00 | CVE-2021-24425 |
| 7 | Microsoft IIS cross-site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00548 | 0.13 | CVE-2017-0055 |
| 8 | Foxit PDF Reader exportXFAData Local Privilege Escalation | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.07 | CVE-2023-27363 |
| 9 | Juniper Junos OS/Junos OS Evolved BGP Update Message denial of service | 7.5 | 7.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00046 | 0.02 | CVE-2023-0026 |
| 10 | ModSecurity Web Application Firewall privilege escalation | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00175 | 0.00 | CVE-2023-24021 |
| 11 | JSON5 Strings parse Privilege Escalation | 6.8 | 6.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00571 | 0.09 | CVE-2022-46175 |
| 12 | GNU glibc getcwd memory corruption | 8.3 | 8.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00042 | 0.00 | CVE-2021-3999 |
| 13 | GNU C Library sunrpc Module svcunix_create memory corruption | 5.6 | 5.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00913 | 0.00 | CVE-2022-23218 |
| 14 | zlib Header inflate.c inflateGetHeader memory corruption | 7.7 | 7.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00341 | 0.07 | CVE-2022-37434 |
| 15 | Google Chrome V8 privilege escalation | 7.5 | 7.4 | $25k-$100k | $5k-$25k | High | Official Fix | 0.00520 | 0.00 | CVE-2022-4262 |
| 16 | Adobe Acrobat Reader privilege escalation | 7.0 | 6.9 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.00146 | 0.00 | CVE-2022-34221 |
| 17 | Apache Shiro Spring Dynamic Controller weak authentication | 8.5 | 8.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00734 | 0.00 | CVE-2020-11989 |
| 18 | OpenSSL c_rehash privilege escalation | 5.5 | 5.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.10649 | 0.00 | CVE-2022-1292 |
| 19 | Oracle WebLogic Server Web Container information disclosure | 7.5 | 7.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.96287 | 0.02 | CVE-2022-21371 |
| 20 | IBM DB2 privilege escalation | 6.7 | 6.6 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00076 | 0.00 | CVE-2021-29678 |

IOC - Indicator of Compromise (43)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (21)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (176)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


References (2)

The following list contains external sources which discuss the actor and the associated activities:
