Coronavirus scams Analysis

IOB - Indicator of Behavior (93)

Language

en: 70
fr: 24

Country/Region

fr: 48
us: 34
bd: 2
cn: 2
gb: 2

Product

HCL Domino: 6
GPAC MP4Box: 4
WordPress: 4
SunHater KCFinder: 2
Grafana: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Collabora Online Cross-Site Scripting | 4.9 | 4.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00052 | 0.00 | CVE-2023-31145 |
| 2 | Insyde InsydeH2O UEFI DXE Driver Memory Corruption | 6.7 | 6.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00062 | 0.00 | CVE-2021-42059 |
| 3 | nginx Privilege Escalation | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00241 | 3.23 | CVE-2020-12440 |
| 4 | OpenSSH Authentication Username Information Disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | High | Official Fix | 0.10737 | 0.27 | CVE-2016-6210 |
| 5 | Voltronic Power ViewPower Pro getMacAddressByIp Privilege Escalation | 9.8 | 9.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00070 | 0.06 | CVE-2023-51572 |
| 6 | Microsoft Outlook Remote Code Execution | 8.0 | 7.3 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.22982 | 0.03 | CVE-2023-33131 |
| 7 | Microsoft Excel Local Privilege Escalation | 7.0 | 6.4 | $0-$5k | $0-$5k | Unproven | Official Fix | 0.00298 | 0.05 | CVE-2023-33137 |
| 8 | LogicBoard CMS away.php Redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.00000 | 2.00 | |
| 9 | SourceCodester Life Insurance Management System POST Parameter insertNominee.php Cross-Site Scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00052 | 0.07 | CVE-2023-3165 |
| 10 | Apple iOS/iPadOS IOMobileFrameBuffer Memory Corruption | 7.8 | 7.2 | $25k-$100k | $5k-$25k | Functional | Official Fix | 0.00236 | 0.03 | CVE-2021-30883 |
| 11 | GNU wget FTP Directory Traversal | 5.1 | 4.9 | $0-$5k | $0-$5k | High | Official Fix | 0.07815 | 0.02 | CVE-2014-4877 |
| 12 | Fortinet FortiOS/FortiProxy FortiGate SSL-VPN Memory Corruption | 9.8 | 9.6 | $25k-$100k | $25k-$100k | Not Defined | Official Fix | 0.15407 | 0.03 | CVE-2023-27997 |
| 13 | SunHater KCFinder upload.php Cross-Site Scripting | 5.7 | 5.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00131 | 0.00 | CVE-2019-14315 |
| 14 | Grafana Email Invite Privilege Escalation | 6.5 | 6.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00156 | 0.05 | CVE-2022-39306 |
| 15 | Linux Kernel IGB Driver igb_main.c igb_set_rx_buffer_len Memory Corruption | 7.6 | 7.5 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00050 | 0.04 | CVE-2023-45871 |
| 16 | Kubernetes ingress-nginx API Privilege Escalation | 7.6 | 7.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00237 | 0.03 | CVE-2023-5043 |
| 17 | Microsoft Exchange Server Privilege Escalation | 8.3 | 7.6 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00080 | 0.03 | CVE-2023-36745 |
| 18 | Web Based Quiz System welcome.php SQL Injection | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00088 | 0.00 | CVE-2022-32991 |
| 19 | Harbor Weak Authentication | 6.9 | 6.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.01473 | 0.03 | CVE-2022-46463 |
| 20 | Exim AUTH Memory Corruption | 9.8 | 9.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.04 | CVE-2023-42115 |

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network resources that are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (11)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (47)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

References (3)

The following list contains external sources which discuss the actor and the associated activities:
