DNSLock 解析

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (11)

タイムライン

言語

fr10
en2

国・地域

us12

アクター

DNSLock2

アクティビティ

関心

タイムライン

タイプ

Not Defined8
Service Management Software2
Application Server Software2

ベンダー

SAP6
Foxit4
Not Defined2

製品

SAP 3D Visual Enterprise Viewer4
Foxit PhantomPDF4
foreman-debug2
SAP NetWeaver Application Server ABAP2

脆弱性

#脆弱性BaseTemp0day本日修復EPSSCTICVE
1foreman-debug Log File Password 特権昇格5.95.9$0-$5k$0-$5kNot DefinedOfficial Fix0.002260.06CVE-2016-9593
2Netgear R6120/R6080/R6260/R6220/R6020/JNR3210/WNR2020 mini_httpd Service 弱い認証5.45.4$5k-$25k$5k-$25kNot DefinedNot Defined0.002070.00CVE-2020-17409
3Foxit PhantomPDF U3D Object 情報の漏洩3.83.8$0-$5k$0-$5kNot DefinedNot Defined0.001190.00CVE-2020-17411
4Foxit PhantomPDF U3D Object 情報の漏洩6.06.0$0-$5k$0-$5kNot DefinedNot Defined0.003040.00CVE-2020-17412
5SAP Business Planning and Consolidation クロスサイトスクリプティング4.44.4$0-$5k$0-$5kNot DefinedNot Defined0.000540.00CVE-2020-6368
6SAP NetWeaver Application Server ABAP 情報の漏洩4.34.3$5k-$25k$5k-$25kNot DefinedNot Defined0.000540.00CVE-2020-6371
7SAP 3D Visual Enterprise Viewer PDF File サービス拒否6.06.0$5k-$25k$0-$5kNot DefinedNot Defined0.000810.00CVE-2020-6372
8SAP 3D Visual Enterprise Viewer PDF File サービス拒否6.06.0$5k-$25k$0-$5kNot DefinedNot Defined0.000810.00CVE-2020-6373
9SAP 3D Visual Enterprise Viewer JT File サービス拒否6.06.0$5k-$25k$5k-$25kNot DefinedNot Defined0.000810.00CVE-2020-6374
10SAP 3D Visual Enterprise Viewer CGM File サービス拒否4.94.9$5k-$25k$0-$5kNot DefinedNot Defined0.000610.00CVE-2020-6375
11SAP 3D Visual Enterprise Viewer RH File サービス拒否4.54.5$0-$5k$0-$5kNot DefinedNot Defined0.000610.00CVE-2020-6376

IOC - Indicator of Compromise (6)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIPアドレスHostnameアクターキャンペーンIdentifiedタイプ信頼度
118.220.249.233ec2-18-220-249-233.us-east-2.compute.amazonaws.comDNSLock2022年04月08日verified
252.77.199.193ec2-52-77-199-193.ap-southeast-1.compute.amazonaws.comDNSLock2022年04月08日verified
3XX.XXX.XXX.XXxxx-xx-xxx-xxx-xx.xxxxxxx-x.xxxxxxxxx.xxxXxxxxxx2022年04月08日verified
4XX.XXX.XXX.XXXxxx-xx-xxx-xxx-xxx.xxxxxxx-x.xxxxxxxxx.xxxXxxxxxx2022年04月08日verified
5XX.XXX.XX.XXXxxxxxx2022年04月08日verified
6XX.XXX.XXX.XXXXxxxxxx2022年04月08日verified

TTP - Tactics, Techniques, Procedures (3)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueクラス脆弱性アクセスベクタータイプ信頼度
1T1059.007CAPEC-209CWE-79Cross Site Scriptingpredictive
2TXXXXCAPEC-CWE-XXXXxxxxxxxxxx Xxxxxxxxxxpredictive
3TXXXXCAPEC-116CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxxpredictive

参考 (2)

The following list contains external sources which discuss the actor and the associated activities:

概要

Do you need the next level of professionalism?

Upgrade your account now!