CrackedCantil 解析

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (254)

タイムライン

言語

en218
ru20
es14
pl2

国・地域

us134
de64
ru4

アクター

CrackedCantil7
Stealc6
RedLine Stealer5
Amadey5
Cobalt Strike4

アクティビティ

関心

タイムライン

タイプ

Not Defined80
Content Management System10
Operating System8
Forum Software8
Programming Language Software6

ベンダー

Not Defined54
IBM12
Microsoft8
Oracle6
Google4

製品

PHPepperShop4
Esoftpro Online Guestbook Pro4
Star Articles4
Cluster Project rgmanager4
Google Android2

脆弱性

#脆弱性BaseTemp0day本日修復EPSSCTICVE
1Indexu suggest_category.php クロスサイトスクリプティング3.53.5$0-$5k$0-$5kNot DefinedNot Defined0.000000.13
2Joomla CMS com_easyblog SQLインジェクション6.36.1$5k-$25k$5k-$25kNot DefinedNot Defined0.000000.27
3Citrix NetScaler ADC/NetScaler Gateway OpenID openid-configuration ns_aaa_oauthrp_send_openid_config CitrixBleed メモリ破損8.38.2$25k-$100k$0-$5kHighOfficial Fix0.968690.00CVE-2023-4966
4TikiWiki tiki-register.php 特権昇格7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.010091.40CVE-2006-6168
5LogicBoard CMS away.php Redirect6.36.1$0-$5k$0-$5kNot DefinedUnavailable0.000002.04
6SPIP spip.php クロスサイトスクリプティング3.53.4$0-$5k$0-$5kNot DefinedOfficial Fix0.001320.60CVE-2022-28959
7PHP Link Directory Administration Page index.html クロスサイトスクリプティング4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.003740.33CVE-2007-0529
8SourceCodester Alphaware Simple E-Commerce System admin_index.php SQLインジェクション7.06.8$0-$5k$0-$5kProof-of-ConceptNot Defined0.001710.03CVE-2023-1503
9PHP Scripts Mall Multi Language Olx Clone Script クロスサイトスクリプティング5.24.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.001150.02CVE-2018-6845
10System Dashboard Plugin sd_option_value 特権昇格4.34.2$0-$5k$0-$5kNot DefinedNot Defined0.000510.00CVE-2023-5713
11DZCP Witze Addon index.php SQLインジェクション7.37.3$0-$5k$0-$5kHighUnavailable0.002610.02CVE-2012-5000
12TOTOLINK A860R downloadFile.cgi 特権昇格7.67.5$0-$5k$0-$5kNot DefinedNot Defined0.448620.04CVE-2022-40475
13Corel ActiveCGM Browser ActiveX Control acgm.dll メモリ破損10.09.0$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.049280.00CVE-2007-2921
14IBM Tivoli Directory Server Web Administration Tool 情報の漏洩7.57.2$5k-$25k$0-$5kNot DefinedOfficial Fix0.002770.00CVE-2015-1977
15Storytlr クロスサイトスクリプティング4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.001930.06CVE-2014-100038
16Big Webmaster Big Webmaster Guestbook Script addguest.cgi クロスサイトスクリプティング4.33.9$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.006150.04CVE-2006-2231
17PHPGurukul User Registration & Login and User Management System bwdates-report-result.php SQLインジェクション6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.000430.06CVE-2024-28323
18Dreaxteam Xt-News show_news.php SQLインジェクション7.37.1$0-$5k$0-$5kHighUnavailable0.002020.02CVE-2006-6747
19D-Link DNS-320 system_mgr.cgi 特権昇格8.08.0$5k-$25k$0-$5kHighNot Defined0.973940.00CVE-2020-25506
20Bitrix24 tools.php 情報の漏洩7.57.5$0-$5k$0-$5kNot DefinedNot Defined0.027540.03CVE-2023-1719

IOC - Indicator of Compromise (13)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIPアドレスHostnameアクターキャンペーンIdentifiedタイプ信頼度
15.42.64.41CrackedCantil2024年02月01日verified
213.32.121.85server-13-32-121-85.fra60.r.cloudfront.netCrackedCantil2024年02月01日verified
318.66.142.79server-18-66-142-79.fra60.r.cloudfront.netCrackedCantil2024年02月01日verified
4XX.XX.XXX.XXXXxxxxxxxxxxxx2024年02月01日verified
5XXX.XX.XX.XXXXxxxxxxxxxxxx2024年02月01日verified
6XXX.XX.XXX.XXXxxxxxxxxxxxx2024年02月01日verified
7XXX.X.XX.XXXxxxxxx.xxx.xx.x.xxx.xxxxxxx.xxxx-xxxxxx.xxXxxxxxxxxxxxx2024年02月01日verified
8XXX.XXX.XXX.XXXxxxxxxxxxxxx2024年02月01日verified
9XXX.XXX.X.XXXxxxxxxxxxxxx2024年02月01日verified
10XXX.XXX.XX.XXXXxxxxxxxxxxxx2024年02月01日verified
11XXX.XXX.XX.XXxxxxxxxxxxxx2024年02月01日verified
12XXX.XXX.XXX.XXXxxxxxxxxxxxx2024年02月01日verified
13XXX.XX.XX.XXXxxxxxxxxxxxx2024年02月01日verified

TTP - Tactics, Techniques, Procedures (12)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueクラス脆弱性アクセスベクタータイプ信頼度
1T1006CAPEC-126CWE-22Path Traversalpredictive
2T1059CAPEC-242CWE-94Argument Injectionpredictive
3T1059.007CAPEC-209CWE-79, CWE-80Cross Site Scriptingpredictive
4TXXXXCAPEC-122CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxxpredictive
5TXXXXCAPEC-136CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxxpredictive
6TXXXX.XXXCAPEC-178CWE-XXXXxxx Xxxxxxxxpredictive
7TXXXXCAPEC-0CWE-XXX7xx Xxxxxxxx Xxxxxxxxpredictive
8TXXXXCAPEC-108CWE-XXXxx Xxxxxxxxxpredictive
9TXXXXCAPEC-0CWE-XXXXxxxxxxxxxx Xxxxxxxxxxpredictive
10TXXXXCAPEC-116CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxxpredictive
11TXXXXCAPEC-157CWE-XXX, CWE-XXXXxxxxxxxxxxxx Xxxxxxpredictive
12TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxxpredictive

IOA - Indicator of Attack (141)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDクラスIndicatorタイプ信頼度
1File/+CSCOE+/logon.htmlpredictive
2File/advanced-tools/nova/bin/netwatchpredictive
3File/cgi-bin/downloadFile.cgipredictive
4File/cgi-bin/system_mgr.cgipredictive
5File/client/campaign_track.phppredictive
6File/forum/away.phppredictive
7File/oauth/idp/.well-known/openid-configurationpredictive
8File/spip.phppredictive
9File/userLogin.asppredictive
10Filead.cgipredictive
11Fileaddguest.cgipredictive
12Fileadmin/addProxyConnector_commit.actionpredictive
13Fileadmin/admin_index.phppredictive
14Fileaff_news.phppredictive
15Fileallmanageup.plpredictive
16Fileamadmin.plpredictive
17Filexxx-xx-xxx/xxx_xxx/xxx_xxxx.xpredictive
18Filexxxxxxx.xxxxxxxx.xxxpredictive
19Filexxxxxxx.xxxxxxxx.xxxpredictive
20Filexxxxxxx.xxxxx.xxxpredictive
21Filexxxxxxx.xxxxxxxxx.xxxpredictive
22Filexxxxxxxxxxxxx.xxpredictive
23Filexxxxxxx.xxxpredictive
24Filexxx_xxxxx.xxxpredictive
25Filexxxxxx/xxxxxxx/xxxx/xxxxxxx/xxxxxxx/xxxx_xxxxxxx.xxxpredictive
26Filexxxxxx/xxxxxxx/xxxx/xxxxx.xxxpredictive
27Filexxx_xxxxxxxxx.xxxpredictive
28Filexxxxxxx-xxxxxx-xxxxxx.xxxpredictive
29Filexxxxxx_xxxx.xxxpredictive
30Filexxxx_xxxx.xxxpredictive
31Filexxxxxxxxxxx.xxxpredictive
32Filexxxxxxxxx.xxxpredictive
33Filexxxx.xxxpredictive
34Filexxxxxxx_xxxxx.xxxpredictive
35Filexxxxxxx.xxxpredictive
36Filexxxxxx.xxxpredictive
37Filexxxxxxx/xxxxxxx/xxxxxxx/xxxxxx.xpredictive
38Filexxxxxxx/xxxxx/xxxxx/xxxxxx-xxx.xpredictive
39Filexxxxxxx.xxpredictive
40Filexxxxxxxx-xxxxx-xxx-xxxxxxx.xxpredictive
41Filexxxxxxx-xxxxxxx.xxxxpredictive
42Filexxxxx.xxxpredictive
43Filexxxxxxxx.xxxpredictive
44Filexxxxxxx/xxxx.xxxpredictive
45Filexxxxxxx.xxx_predictive
46Filexxxxxxxxxxxxxxx.xxxpredictive
47Filexxx/xxxxxxxxxxx/xxxxxxx.xxxpredictive
48Filexxxxx.xxxxpredictive
49Filexxxxx.xxxpredictive
50Filexxxxxxxx.xxxpredictive
51Filexxxxxxxx/xxxxxxxxx/xxxxxxxxxxxxx.xxxxpredictive
52Filexxxxx/xxxxx.xxxpredictive
53Filexxxxxxx.xxxpredictive
54Filexxxxxxxx.xxxpredictive
55Filexxxxxxx.xxxpredictive
56Filexxx/xxxxxxxxxxx.xxpredictive
57Filexxxxxxxx.xxpredictive
58Filexxxxxx.xxxpredictive
59Filexxxxxxxxxx.xxxpredictive
60Filexxxxxx/xxxxxx:xxxxxxxxxxxxxxxxxpredictive
61Filexxx-xxxxxxxx.xxpredictive
62Filexxx_xxxx.xxxpredictive
63Filexxxxxx_xxxxxx/xxxxxxx/xxx.xxx.xxxx.xxxxxx.xxxxxxx.xxxxxxxxxxx.xxxpredictive
64Filexxxxxxxx.xxxpredictive
65Filexxxxx.xxxpredictive
66Filexxxxxxx.xxxpredictive
67Filexxxxxxxxxx.xxxpredictive
68Filexxxxxxxx.xxxpredictive
69Filexxxxxxxx/xxxxx/xxxxxxxx?xxxxxxxxpredictive
70Filexxxx_xxxxxxxx.xxxpredictive
71Filexxxx_xxxxxx.xxxpredictive
72Filexxxx/xxxxx/xxxx_xxxxxxxxxxxxx.xxxpredictive
73Filexxxx/xxxxx/xxxx_xxxxxx_xxxx.xxxpredictive
74Filexxxx/xxxxxxx.xxxpredictive
75Filexxxx_xxxxxxxx.xxx/xxxx_xxxx.xxxpredictive
76Filexxxx_xxxx.xxxpredictive
77Filexxxxx.xxxpredictive
78Filexxxxxxxx.xxxpredictive
79Filexxxxxxx-xxxxxxx.xxxpredictive
80Filexxxxxxx_xxxxxxxx.xxxpredictive
81Filexxxxxxxxx.xxxpredictive
82Filexxxx-xxxxxxxx.xxxpredictive
83Filexxxxxxxxxx.xxxpredictive
84Filexxx-xxxxx.xxxpredictive
85Filexxxxxx_xxxxxxxx.xxxpredictive
86Filexx-xxxxx/xxxx.xxxpredictive
87Filexxxxx_xxx/xxxxxxx/xxxxxxxxx/xxxx.xxxpredictive
88Library/_xxx_xxx/xxxxx.xxxpredictive
89Libraryxxxx.xxxpredictive
90Libraryxxx-xx-xxx/xxx_xxx/xxx_xxxx.xpredictive
91Libraryxxxxxxx.xxxpredictive
92Argumentxxx_xxxxpredictive
93Argumentxxxxxxxxxpredictive
94Argumentxxxxxpredictive
95Argumentxxxxxxxpredictive
96Argumentxxxpredictive
97Argumentxxxx_xxxxpredictive
98Argumentxxxxxxxx/xxxxxxpredictive
99Argumentxxxxxxxpredictive
100Argumentxxxxxxxxxxpredictive
101Argumentxxxxxxxxxxxxxxxxxxxxxpredictive
102Argumentxxxxxpredictive
103Argumentxxxpredictive
104Argumentxxxxxxxxpredictive
105Argumentxxpredictive
106Argumentxxxxxxxpredictive
107Argumentxxxxxpredictive
108Argumentxxxxxxxxpredictive
109Argumentxxxxxpredictive
110Argumentxxxxx_xxxpredictive
111Argumentxxxxpredictive
112Argumentxxxxxpredictive
113Argumentxxxxxxxxx_xxxxxxxxxxxxxxpredictive
114Argumentxxpredictive
115Argumentxx_xxxxpredictive
116Argumentxxxxxxxxxxxxpredictive
117Argumentxxxxxxxxxxxxpredictive
118Argumentxxxxpredictive
119Argumentxxxxxxxpredictive
120Argumentxxxxpredictive
121Argumentxxxxpredictive
122Argumentxxxxxpredictive
123Argumentxxxxxxpredictive
124Argumentxxxxxxpredictive
125Argumentxxxx_xxxxpredictive
126Argumentxxxxxxpredictive
127Argumentxxxxxxxxxpredictive
128Argumentxxxxxpredictive
129Argumentxxxpredictive
130Argumentxxxxxpredictive
131Argumentxxxxpredictive
132Argumentxxxx/xxxx/xxxpredictive
133Argumentxxxxxxxxpredictive
134Argumentxxxxxxxx/xxxxxxxxpredictive
135Argumentxxxxxxxxxxx[xxxxxxxx]predictive
136Argumentxx-xxxxxx_xxxxpredictive
137Input Valuexxxxxxxxxxxxxxxxxxxxxxxxxxxx+xxxxx+xxxxxx+x,x,xxxx,xxx,x,x+xxxx+xxx_xxxxx+xxxxx+xx=x--+predictive
138Input Value<xxxxxxxx>\xpredictive
139Input Valuexxxxx' xxx (xxxxxx xxxx xxxx (xxxxxx(xxxxx(x)))xxxx)-- xxxxpredictive
140Network Portxxxx xxxxpredictive
141Network Portxxx/xxxxpredictive

参考 (2)

The following list contains external sources which discuss the actor and the associated activities:

概要

Might our Artificial Intelligence support you?

Check our Alexa App!