Careto 解析
IOB - Indicator of Behavior (603)
アクティビティ
関心
脆弱性
IOC - Indicator of Compromise (16)
These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.
ID | IPアドレス | Hostname | アクター | キャンペーン | Identified | タイプ | 信頼度 |
---|---|---|---|---|---|---|---|
1 | 8.28.16.254 | Careto | 2021年01月01日 | verified | 高 | ||
2 | 12.0.0.38 | Careto | 2021年01月01日 | verified | 高 | ||
3 | 23.20.44.92 | ec2-23-20-44-92.compute-1.amazonaws.com | Careto | 2021年01月01日 | verified | 中 | |
4 | 37.235.63.127 | 127-63-235-37.static.edis.at | Careto | 2021年01月01日 | verified | 高 | |
5 | XX.XXX.XXX.X | xxxxx-xxx-xxx-xx.xxxxxxxxxxxxxx.xxxxx.xx | Xxxxxx | 2021年01月01日 | verified | 高 | |
6 | XX.XX.XX.XX | Xxxxxx | 2021年01月01日 | verified | 高 | ||
7 | XX.XXX.XXX.XXX | xx.xx.xxxx.xxx.xxxxxx.xx-xxxxxxx.xxx | Xxxxxx | 2021年01月01日 | verified | 高 | |
8 | XX.X.XXX.XX | xxxxxxxx-xx-x-xxx-xxx.xxxxxxxxxx.xx | Xxxxxx | 2021年01月01日 | verified | 高 | |
9 | XXX.XXX.XXX.XX | xx.xx.xxxx.xxxxxx.xxxxxxxxx.xxx | Xxxxxx | 2021年01月01日 | verified | 高 | |
10 | XXX.XXX.XXX.XX | xxxxxxxx.xxxxxx.xxx.xx | Xxxxxx | 2021年01月01日 | verified | 高 | |
11 | XXX.XX.XX.XX | Xxxxxx | 2021年01月01日 | verified | 高 | ||
12 | XXX.XXX.XXX.XX | Xxxxxx | 2021年01月01日 | verified | 高 | ||
13 | XXX.XX.XXX.XXX | xxxxxxxxx.xxx | Xxxxxx | 2021年01月01日 | verified | 高 | |
14 | XXX.XX.XXX.XXX | xxx-xxxx-xxxx.xxxx.xx | Xxxxxx | 2021年01月01日 | verified | 高 | |
15 | XXX.XXX.XX.XXX | xxxx.xxxxxxxxxx.xxx.xx | Xxxxxx | 2021年01月01日 | verified | 高 | |
16 | XXX.XX.XXX.XXX | xxxxxxxxx.xxxxxxxx.xxx | Xxxxxx | 2021年01月01日 | verified | 高 |
TTP - Tactics, Techniques, Procedures (24)
Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.
IOA - Indicator of Attack (195)
These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.
ID | クラス | Indicator | タイプ | 信頼度 |
---|---|---|---|---|
1 | File | /api/update_setup | predictive | 高 |
2 | File | /APP_Installation.asp | predictive | 高 |
3 | File | /cgi-bin/live_api.cgi | predictive | 高 |
4 | File | /IISADMPWD | predictive | 中 |
5 | File | /items/view_item.php | predictive | 高 |
6 | File | /pages/class_sched.php | predictive | 高 |
7 | File | /php-fusion/infusions/shoutbox_panel/shoutbox_archive.php | predictive | 高 |
8 | File | /platform.cgi | predictive | 高 |
9 | File | /Status/wan_button_action.asp | predictive | 高 |
10 | File | /tmp/.uci/network | predictive | 高 |
11 | File | /uncpath/ | predictive | 中 |
12 | File | /Users | predictive | 低 |
13 | File | /usr/ | predictive | 低 |
14 | File | Aavmker4.sys | predictive | 中 |
15 | File | add_user.php | predictive | 中 |
16 | File | admin/app/physical/physical.php | predictive | 高 |
17 | File | admin/auto.def | predictive | 高 |
18 | File | api/settings/values | predictive | 高 |
19 | File | app/admin/custom-fields/filter.php | predictive | 高 |
20 | File | appfeed.c | predictive | 中 |
21 | File | ashmem.c | predictive | 中 |
22 | File | auth-gss2.c | predictive | 中 |
23 | File | xxxxxxxx.xxx | predictive | 中 |
24 | File | xxxxxxxxxx/xxxxx.xxx | predictive | 高 |
25 | File | xxxxxxxxxxxxxxxxxx.xxxx | predictive | 高 |
26 | File | xxxxxxxxxxx.xxx | predictive | 高 |
27 | File | xxxxx/xxxxxxxx/xxxxxxxxxxxxxxx.xxx | predictive | 高 |
28 | File | xxxx | predictive | 低 |
29 | File | xxxx/xxxxxxx.xxx | predictive | 高 |
30 | File | xxxx/xxxxxxxxxxxxxxxxxxx.xxx | predictive | 高 |
31 | File | xxxx/xxx/xxxxxx_xxx.xxx | predictive | 高 |
32 | File | xxxxxxxxxxxxxxxxx.xxx | predictive | 高 |
33 | File | xxxxxxx/xxxxxxx/xxxxxxx-xxxx.x | predictive | 高 |
34 | File | xxxxxx.xxx | predictive | 中 |
35 | File | xxxx.xxx | predictive | 中 |
36 | File | xxxxxxxxxx_xxxxxx_xxxxxx.xxx | predictive | 高 |
37 | File | xxxx.x | predictive | 低 |
38 | File | xxxx/xxxxx.xx | predictive | 高 |
39 | File | xxx_xxxxxx.x | predictive | 中 |
40 | File | xxxxxx.xxx | predictive | 中 |
41 | File | xxxxxxx/xxx/xxx/xxx/xxxxxxx/xxxxxx/xxxxxx_xx_xxxxxxxxx.x | predictive | 高 |
42 | File | xxxxxxx/xxx/xxx/xxxx/xxxx_xxx_xxx.x | predictive | 高 |
43 | File | xxxxxxx/xxx/xxxxxxxx/xxxxxxxx/xxxx/xxxx/xxxxxx.x | predictive | 高 |
44 | File | xxxxxxx/xxxx/xxxxxxx/xxxxxxxx.x | predictive | 高 |
45 | File | xxxxx.xxx | predictive | 中 |
46 | File | xxxx/xxxxxxxxxx/xxxxxx-xxxxx.x | predictive | 高 |
47 | File | xxxxxxx.x | predictive | 中 |
48 | File | xxxxxxxxxxxxxxxxxxx.xxx | predictive | 高 |
49 | File | xxxxxxxxxxx.xxx | predictive | 高 |
50 | File | xx/xxxxx/xxxx-xxxxx-xxxxx.x | predictive | 高 |
51 | File | xxxxxxx.x | predictive | 中 |
52 | File | xxx/xxxx_xxxx.x | predictive | 高 |
53 | File | xxxxxx/xxxxx | predictive | 中 |
54 | File | xxxx_xxxxxx.x | predictive | 高 |
55 | File | xxxxxxxxx.x | predictive | 中 |
56 | File | xxxx/xxxx/xxxxxxx/xxxxx.xxxx | predictive | 高 |
57 | File | xx.xx | predictive | 低 |
58 | File | xxxx_xxxx.x | predictive | 中 |
59 | File | xx/xxx/xxxxxx-xxx.x | predictive | 高 |
60 | File | xx/xxx/xxx.x | predictive | 中 |
61 | File | xxxxxxx/xx/xxxxxx/xxxxxx-xxx.x | predictive | 高 |
62 | File | xxxxxxx/xxxxx/xxxxxx/xxxx.x | predictive | 高 |
63 | File | xxxxx.xxx | predictive | 中 |
64 | File | xxxxx.xxx?x=xxxxx&x=xxxxx&x=xxxx | predictive | 高 |
65 | File | xxxxxxxxxxxxxxxxxxxx.xxx | predictive | 高 |
66 | File | xxxxxxxxx/xxxxx/xxx_xxx/xxxx.xxx | predictive | 高 |
67 | File | xxx.x | predictive | 低 |
68 | File | xxxxxxxx/xxx_xxxx.x | predictive | 高 |
69 | File | xxxxx.x | predictive | 低 |
70 | File | xxxxxxxxxxxxxxxxxx.xxxx | predictive | 高 |
71 | File | xxx_xxx.x | predictive | 中 |
72 | File | xxxxxxxx.xxx | predictive | 中 |
73 | File | xxxxxxxxx | predictive | 中 |
74 | File | xxxxx.xxx | predictive | 中 |
75 | File | xxxxxxxx.xxx | predictive | 中 |
76 | File | xxxxxxx/xxxxxx_xxxxxxx/{xx} | predictive | 高 |
77 | File | xxxxxxxxxxx.xx | predictive | 高 |
78 | File | xxxxxxxxx.x | predictive | 中 |
79 | File | xx/xxxxxxx.x | predictive | 中 |
80 | File | xx/xxxxxxxxx.x | predictive | 高 |
81 | File | xxx/xxx_xxx/xxxxxx/xxx_xxxxxx.x | predictive | 高 |
82 | File | xxxxxxx/xxxxx/xxxx.x | predictive | 高 |
83 | File | xxx_xxxxx.x | predictive | 中 |
84 | File | xxx/xxxx/xxx.x | predictive | 高 |
85 | File | xxx/xxxxxxxx/xxxxxxx.x | predictive | 高 |
86 | File | xxxxxxxxxxx.xxx | predictive | 高 |
87 | File | xxxxxx.x | predictive | 中 |
88 | File | xxx_xxxx.x | predictive | 中 |
89 | File | xxxxxx.xxx | predictive | 中 |
90 | File | xxxxxx_xxxxxxxxxx.xx | predictive | 高 |
91 | File | xxxxxx.x | predictive | 中 |
92 | File | xxxxxxx/xxxxxxxxxxxxx/xxxxx-xxxx.xxx | predictive | 高 |
93 | File | xxxxxxx/xxxxxxx/xx_xxxxxxxxx/xxxxxxxx/xxxxxxxx.xxx | predictive | 高 |
94 | File | xxxx.x | predictive | 低 |
95 | File | xxxxx-xxx.x | predictive | 中 |
96 | File | xxxxxxxxxxx.xxxx | predictive | 高 |
97 | File | xxxxxxxxxx.xxx | predictive | 高 |
98 | File | xxx/xxxxx | predictive | 中 |
99 | File | xxx.x | predictive | 低 |
100 | File | xxxxx_xxxxxx_xxx.xxx | predictive | 高 |
101 | File | xxxxxx.xxx | predictive | 中 |
102 | File | xxxxxxxx/xxxxxxxxxxxxxx.xxxx/xxxxxxxxxxxx | predictive | 高 |
103 | File | xxxxx.xxx | predictive | 中 |
104 | File | xxxxx/xxx/xxxxx/xxxxxx.x | predictive | 高 |
105 | File | xxxxxx.xx | predictive | 中 |
106 | File | xxx/xxxxxxxxxx_xxxx | predictive | 高 |
107 | File | xxx_xxxxxxxx.x | predictive | 高 |
108 | File | xxxxxxx/xxxxxxxxxxxx | predictive | 高 |
109 | File | xxxxxxxx.xxx | predictive | 中 |
110 | File | xxxxxxxx.xxxx | predictive | 高 |
111 | File | xxxxxx_xxxxxxx_xxxx_xxxxx.xxx | predictive | 高 |
112 | File | xxxxx/_xxxxxxxx.xxx | predictive | 高 |
113 | File | xxx.xxx | predictive | 低 |
114 | File | xxxxxx.xxx | predictive | 中 |
115 | File | xx/xxxxxxxxx/xx | predictive | 高 |
116 | File | xxxxxxxxx.xxx | predictive | 高 |
117 | File | xxxxxx/xxxxxx.x | predictive | 高 |
118 | File | xxxx/xxxxxxx-xxxx.x | predictive | 高 |
119 | File | xxxxxxxx.xxx | predictive | 中 |
120 | File | xx-xxxxx/xxxxxxx-xxxxxxx.xxx?xxxx=xxxxxxxxx-xxxx&xxxxxxx=xxxx | predictive | 高 |
121 | File | xx-xxxxx/xxxxxxx-xxxxxxx.xxx?xxxx=xxxxxxxxx%xxxxxxxxxxx.xxx | predictive | 高 |
122 | File | xx-xxxxxx.xxx | predictive | 高 |
123 | File | xx-xxxxx.xxx | predictive | 中 |
124 | File | xxxxxxxxx.xxx | predictive | 高 |
125 | File | xxxx.xx | predictive | 低 |
126 | Library | xxxxxxx.xxx | predictive | 中 |
127 | Library | xxx/xxx.x | predictive | 中 |
128 | Library | xxxxxxxx.xxx | predictive | 中 |
129 | Library | xxxxxx.xxx.xxxxxx.xxx | predictive | 高 |
130 | Library | xxxxxxxx.xxx | predictive | 中 |
131 | Library | xxxxxxx.xxx | predictive | 中 |
132 | Library | xxxxxxxx.xxx | predictive | 中 |
133 | Library | xxxxxxxxxxxxx.xxx) | predictive | 高 |
134 | Argument | -x | predictive | 低 |
135 | Argument | xxxxxxxxxxxx | predictive | 中 |
136 | Argument | xxxx_xxxxxx | predictive | 中 |
137 | Argument | xxxxx | predictive | 低 |
138 | Argument | xxxxxxxxxxxx_xxxxxxxxxxxx | predictive | 高 |
139 | Argument | xxxxx | predictive | 低 |
140 | Argument | xxxxxxx | predictive | 低 |
141 | Argument | xxxxxx_xxxxxx_xx | predictive | 高 |
142 | Argument | xxxxxx | predictive | 低 |
143 | Argument | xxxx_xxxx | predictive | 中 |
144 | Argument | xxxxxx xxxx/xxxxxx xxxxxxx/xxxx xxxx/xxxxx/xxxxxxxx/xxx | predictive | 高 |
145 | Argument | xxxxxxxxxxxx_xxxx_xxxx[x] | predictive | 高 |
146 | Argument | xxx | predictive | 低 |
147 | Argument | xxxx | predictive | 低 |
148 | Argument | xxxxxxxx | predictive | 中 |
149 | Argument | xxxxxx | predictive | 低 |
150 | Argument | xxxx | predictive | 低 |
151 | Argument | x_xxxxxxxx | predictive | 中 |
152 | Argument | xxxxxxx | predictive | 低 |
153 | Argument | xxxxxx_xxx/xxxxx_xxx | predictive | 高 |
154 | Argument | xxxx | predictive | 低 |
155 | Argument | xxxx | predictive | 低 |
156 | Argument | xxxx_xxxxx | predictive | 中 |
157 | Argument | xx | predictive | 低 |
158 | Argument | xx | predictive | 低 |
159 | Argument | xxxx | predictive | 低 |
160 | Argument | xxxxxxxx | predictive | 中 |
161 | Argument | xxxxxx | predictive | 低 |
162 | Argument | xxxxxxx | predictive | 低 |
163 | Argument | xxxxx | predictive | 低 |
164 | Argument | xxxxx | predictive | 低 |
165 | Argument | xxxxxxxxx | predictive | 中 |
166 | Argument | xxxxxxxx | predictive | 中 |
167 | Argument | xxxx | predictive | 低 |
168 | Argument | xxx | predictive | 低 |
169 | Argument | xxxxxxx | predictive | 低 |
170 | Argument | xxxxxxxxxxx | predictive | 中 |
171 | Argument | xxxxxx_xxx | predictive | 中 |
172 | Argument | xxxxxxx | predictive | 低 |
173 | Argument | xxxxxx xxxxxxxxx | predictive | 高 |
174 | Argument | xxxxx_xxx/xxxxx_xxxxx | predictive | 高 |
175 | Argument | xx_xxxx | predictive | 低 |
176 | Argument | xxxx | predictive | 低 |
177 | Argument | xxxxxxxxxxxxx | predictive | 高 |
178 | Argument | xxxxx | predictive | 低 |
179 | Argument | xxxxxxxx | predictive | 中 |
180 | Argument | xxxx | predictive | 低 |
181 | Argument | xxxx_xxxx | predictive | 中 |
182 | Argument | {xxxxx | predictive | 低 |
183 | Input Value | '||(xxxxxx xxxxxxxxxx xxxxx xxxx=xxxx xxx (xxxxxx xxxx xxxx(xxxxxx xxxxx(*),xxxxxx(xxxxxxxxxxxx,(xxxxxx (xxx(xxxx=xxxx,x))),xxxxxxxxxxxx,xxxxx(xxxx(x)*x))x xxxx xxxxxxxxxxx_xxxxxx.xxxxxxx xxxxx xx x)x))||' | predictive | 高 |
184 | Input Value | **@xxxxxx | predictive | 中 |
185 | Input Value | ../ | predictive | 低 |
186 | Input Value | xxx.x.x.x | predictive | 中 |
187 | Input Value | xxxxx://xxxx.xxxxxxx.xxx@xxxxxx.xxxxxxx.xxx/ | predictive | 高 |
188 | Input Value | xxxxxxxxxx | predictive | 中 |
189 | Input Value | xxxx | predictive | 低 |
190 | Network Port | xxx xxxxx | predictive | 中 |
191 | Network Port | xxx xxxxx | predictive | 中 |
192 | Network Port | xxx/xxx | predictive | 低 |
193 | Network Port | xxx/xxxx | predictive | 中 |
194 | Network Port | xxx/xxx (xxx) | predictive | 高 |
195 | Network Port | xxx xxxxx | predictive | 中 |
参考 (2)
The following list contains external sources which discuss the actor and the associated activities: