Carrotbat Analysis

IOB - Indicator of Behavior (57)

Language

  • en: 38
  • zh: 20

Country/Region

  • cn: 40
  • us: 18

Product

  • MediaWiki: 6
  • Moodle: 4
  • Zope: 2
  • python-docutils: 2
  • CS-Cart: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | calculating | High | Workaround | 0.02016 | 0.00 | CVE-2007-1192 |
| 2 | Cisco Secure Access Control System EAP-FAST Authentication Module weak authentication | 9.8 | 9.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00503 | 0.00 | CVE-2013-3466 |
| 3 | Dell SonicWALL GMS/ViewPoint/UMA Authentication weak authentication | 9.8 | 9.4 | $5k-$25k | $0-$5k | High | Official Fix | 0.97209 | 0.00 | CVE-2013-1359 |
| 4 | adminlte privilege escalation | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00159 | 0.04 | CVE-2021-3706 |
| 5 | PRTG Network Monitor login.htm information disclosure | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00110 | 0.05 | CVE-2020-11547 |
| 6 | SAP NetWeaver Application Server for ABAP SICF Service abap denial of service | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00089 | 0.00 | CVE-2021-40495 |
| 7 | SAP NetWeaver Application Server Java JMS Connector Service privilege escalation | 8.6 | 8.5 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00226 | 0.00 | CVE-2021-37535 |
| 8 | SAP NetWeaver Application Server ABAP SAP GUI for HTML HTML injection | 3.5 | 3.5 | $0-$5k | $5k-$25k | Not Defined | Not Defined | 0.00054 | 0.00 | CVE-2021-33665 |
| 9 | SAP GUI information disclosure | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00044 | 0.00 | CVE-2021-40503 |
| 10 | F5 BIG-IP iControl REST Authentication bash weak authentication | 9.8 | 9.6 | $5k-$25k | $0-$5k | High | Official Fix | 0.97479 | 0.05 | CVE-2022-1388 |
| 11 | SalesAgility SuiteCRM Scheduled Reports privilege escalation | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00291 | 0.02 | CVE-2022-23940 |
| 12 | ArcGIS Server SQL injection | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00073 | 0.00 | CVE-2021-29099 |
| 13 | MediaWiki CentralAuth Extension weak authentication | 7.6 | 7.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00404 | 0.00 | CVE-2021-36128 |
| 14 | MediaWiki privilege escalation | 4.6 | 4.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00068 | 0.05 | CVE-2021-44857 |
| 15 | MediaWiki Private Wiki information disclosure | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00089 | 0.03 | CVE-2021-45038 |
| 16 | MediaWiki Testwiki SecurePoll information disclosure | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00104 | 0.00 | CVE-2021-46148 |
| 17 | MediaWiki EntitySchema Item privilege escalation | 5.4 | 5.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00083 | 0.00 | CVE-2021-45471 |
| 18 | Com User privilege escalation | 7.3 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.09881 | 0.02 | CVE-2008-3681 |
| 19 | Parallels Plesk Request php privilege escalation | 6.5 | 6.2 | $0-$5k | $0-$5k | High | Official Fix | 0.97363 | 0.04 | CVE-2012-1823 |
| 20 | Ivanti Pulse Connect Secure Administrator Web Interface privilege escalation | 4.3 | 4.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00108 | 0.00 | CVE-2021-22937 |

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • Fractured Block

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

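| ID | IP address | Hostname | Actor | Campaign | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 61.14.210.72 | former-enews-out.businessinsider.org.uk | Carrotbat | Fractured Block | December 22, 2020 | verified | |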

TTP - Tactics, Techniques, Procedures (10)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (20)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

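| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /mgmt/tm/util/bash | predictive | |
| 2 | File | /phppath/php | predictive | |
| 3 | File | /sap/public/bc/abap | predictive | |
| 4 | File | xxxxxxxxx/xxxxxxxxxxxxx | predictive | |
| 5 | File | xxxx-xxxx.x | predictive | |
| 6 | File | xxxxx.xxx | predictive | |
| 7 | File | xxxx/xxxxxxxxxxxxxxx.xxx | predictive | |
| 8 | File | xxxx\xx_xx.xxx | predictive | |
| 9 | File | xxxxx.xxx | predictive | |
| 10 | File | xxxxx.xxx | predictive | |
| 11 | File | xxxxx.xxx | predictive | |
| 12 | File | xxx_xxxxx_xxxxx.x | predictive | |
| 13 | Argument | xxxxx_xxxxxxxxxx | predictive | |
| 14 | Argument | xx | predictive | |
| 15 | Argument | xxx | predictive | |
| 16 | Argument | xxxxxxxxxxxxxxxx | predictive | |
| 17 | Argument | xxxx_xx | predictive | |
| 18 | Argument | xxxx | predictive | |
| 19 | Input Value | xxxxxx | predictive | |
| 20 | Input Value | xxx.xxx[xxxxx] | predictive | |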

References (2)

The following list contains external sources which discuss the actor and the associated activities:
