DNSLock 解析
IOB - Indicator of Behavior (11)
アクティビティ
関心
脆弱性
IOC - Indicator of Compromise (6)
These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.
ID | IPアドレス | Hostname | アクター | キャンペーン | Identified | タイプ | 信頼度 |
---|---|---|---|---|---|---|---|
1 | 18.220.249.233 | ec2-18-220-249-233.us-east-2.compute.amazonaws.com | DNSLock | 2022年04月08日 | verified | 中 | |
2 | 52.77.199.193 | ec2-52-77-199-193.ap-southeast-1.compute.amazonaws.com | DNSLock | 2022年04月08日 | verified | 中 | |
3 | XX.XXX.XXX.XX | xxx-xx-xxx-xxx-xx.xxxxxxx-x.xxxxxxxxx.xxx | Xxxxxxx | 2022年04月08日 | verified | 中 | |
4 | XX.XXX.XXX.XXX | xxx-xx-xxx-xxx-xxx.xxxxxxx-x.xxxxxxxxx.xxx | Xxxxxxx | 2022年04月08日 | verified | 中 | |
5 | XX.XXX.XX.XX | Xxxxxxx | 2022年04月08日 | verified | 高 | ||
6 | XX.XXX.XXX.XXX | Xxxxxxx | 2022年04月08日 | verified | 高 |
TTP - Tactics, Techniques, Procedures (3)
Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.
ID | Technique | クラス | 脆弱性 | アクセスベクター | タイプ | 信頼度 |
---|---|---|---|---|---|---|
1 | T1059.007 | CAPEC-209 | CWE-79 | Cross Site Scripting | predictive | 高 |
2 | TXXXX | CAPEC- | CWE-XXX | Xxxxxxxxxxx Xxxxxxxxxx | predictive | 高 |
3 | TXXXX | CAPEC-116 | CWE-XXX | Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx | predictive | 高 |
参考 (2)
The following list contains external sources which discuss the actor and the associated activities: