DragonSpark Analysis

IOB - Indicator of Behavior (25)

Languages

zh: 18
en: 6
ja: 2

Countries and regions

cn: 24
us: 2

Products

Asus RT-AC68U: 2
Asus RT-AC5300: 2
Linux Kernel: 2
Laravel: 2
OpenVPN Access Server: 2

Vulnerabilities

# | Vulnerability | Base | Temp | 0day | Today | Exploitability | Remediation | EPSS | CTI | CVE
1 | Redis Lua privilege escalation | 6.3 | 6.3 | $0-$5k | $0-$5k | High | Not Defined | 0.97114 | 0.03 | CVE-2022-0543
2 | OpenVPN Access Server LDAP weak authentication | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00430 | 0.04 | CVE-2020-8953
3 | EmbedThis HTTP Library/Appweb httpLib.c authCondition weak authentication | 7.7 | 7.5 | $0-$5k | $0-$5k | High | Official Fix | 0.00927 | 0.05 | CVE-2018-8715
4 | Zendesk Support Plugin unknown vulnerability | 4.3 | 4.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.03 | CVE-2023-23716
5 | Netty unknown vulnerability | 6.5 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00167 | 0.04 | CVE-2022-41915
6 | Pureftpd pure-FTPd directory traversal | 5.1 | 5.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00042 | 0.04 | CVE-2011-3171
7 | DJI Drone AeroScope Protocol information disclosure | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00115 | 0.04 | CVE-2022-29945
8 | Oracle MySQL Server Privileges denial of service | 7.5 | 7.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00564 | 0.04 | CVE-2018-2696
9 | Linksys Router weak authentication | 9.8 | 9.6 | $0-$5k | $0-$5k | High | Workaround | 0.00042 | 0.02 | CVE-1999-0508
10 | Cisco Linksys Router privilege escalation | 8.5 | 7.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.32333 | 0.04 | CVE-2013-5122
11 | Asus RT-AC68U/RT-AC5300 blocking_request.cgi memory corruption | 5.5 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00385 | 0.02 | CVE-2021-45756
12 | Laravel FileCookieJar.php privilege escalation | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00049 | 0.00 | CVE-2022-30779
13 | Watchguard Firebox/XTM Remote Code Execution | 6.3 | 6.0 | $0-$5k | $0-$5k | High | Official Fix | 0.84170 | 0.06 | CVE-2022-26318
14 | Joomla CMS Login SQL injection | 9.8 | 9.8 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00201 | 0.00 | CVE-2006-1047
15 | Joomla weak authentication | 6.3 | 6.3 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00201 | 0.00 | CVE-2022-23795
16 | Grafana Labs Permission weak authentication | 9.8 | 9.6 | $0-$5k | $0-$5k | High | Official Fix | 0.97209 | 0.04 | CVE-2021-39226
17 | Grafana directory traversal | 6.4 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.97460 | 0.04 | CVE-2021-43798
18 | WordPress SQL injection | 6.8 | 6.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00467 | 0.03 | CVE-2022-21664
19 | WordPress WP_Query SQL injection | 6.3 | 6.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.93847 | 0.03 | CVE-2022-21661
20 | Filter Portfolio Gallery Plugin Gallery Delete unknown vulnerability | 4.3 | 4.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00062 | 0.00 | CVE-2021-24795

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

ID | IP address | Hostname | Actor | Campaign | Identified | Type | Confidence
1 | 43.129.227.159 | | DragonSpark | | 2023-01-31 | verified |
2 | XXX.XX.XX.XXX | | Xxxxxxxxxx | | 2023-01-31 | verified |
3 | XXX.XXX.XXX.XXX | | Xxxxxxxxxx | | 2023-01-31 | verified |
4 | XXX.XXX.XXX.XXX | | Xxxxxxxxxx | | 2023-01-31 | verified |

TTP - Tactics, Techniques, Procedures (7)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID | Technique | Class | Vulnerabilities | Access Vector | Type | Confidence
1 | T1006 | CAPEC-126 CWE-22 Path Traversal | | | predictive |
2 | T1068 | CWE-264 Execution with Unnecessary Privileges | | | predictive |
3 | TXXXX.XXX | CAPEC-191 CWE-XXX Xxxx-xxxxx Xxxxxxxxxxx | | | predictive |
4 | TXXXX | CAPEC-108 CWE-XX Xxx Xxxxxxxxx | | | predictive |
5 | TXXXX.XXX | CAPEC-133 CWE-XXX Xxxxxxxxx | | | predictive |
6 | TXXXX | CAPEC-116 CWE-XXX Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx | | | predictive |
7 | TXXXX | CAPEC- CWE-XXX Xxxxxxxxxxx Xxxxxx | | | predictive |

IOA - Indicator of Attack (5)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID | Class | Indicator | Type | Confidence
1 | File | /public/plugins/ | predictive |
2 | File | blocking_request.cgi | predictive |
3 | File | xxxxxxxxxx\xxxxxx\xxxxxxxxxxxxx.xxx | predictive |
4 | Library | xxxx/xxxxxxx.x | predictive |
5 | Network Port | xxx/xxxx (xx-xxx) | predictive |

References (2)

The following list contains external sources which discuss the actor and the associated activities:
