Metasploit 解析

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (6)

言語

en	6

国・地域

us	4
ru	2

アクター

Metasploit	2
MedusaLocker	1
IcedID	1
IcedID Downloader	1
SystemBC	1

関心

タイプ

Not Defined	4
Web Server	2

ベンダー

Apache	2
Emote Interactive	2
Humayun Shabbir Bhutta	2

製品

Apache HTTP Server	2
Emote Interactive Remote Mouse	2
Humayun Shabbir Bhutta ASP Product Catalog	2

脆弱性

#	脆弱性	Base	Temp	0day	本日	悪	修復	EPSS	CTI	CVE
1	ActionApps tv_email.php3 特権昇格	6.5	6.2	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.21956	0.05	CVE-2006-2686
2	Apache HTTP Server Incomplete Fix CVE-2021-41773 ディレクトリトラバーサル	7.3	7.0	$5k-$25k	$0-$5k	High	Official Fix	0.97429	0.00	CVE-2021-42013
3	Emote Interactive Remote Mouse Image Transfer Local Privilege Escalation	4.5	4.1	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00149	0.00	CVE-2021-35448
4	Microsoft Windows Privilege Escalation	8.8	7.7	$100k 以上	$5k-$25k	Unproven	Official Fix	0.01258	0.00	CVE-2021-28455
5	Humayun Shabbir Bhutta ASP Product Catalog default.asp SQLインジェクション	7.3	7.1	$0-$5k	$0-$5k	High	Unavailable	0.00154	0.04	CVE-2008-6875

キャンペーン (1)

These are the campaigns that can be associated with the actor:

Metasploit

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IPアドレス	Hostname	アクター	キャンペーン	Identified	タイプ	信頼度
1	34.124.148.215	215.148.124.34.bc.googleusercontent.com	Metasploit		2024年04月15日	verified	中
2	XX.XXX.XXX.XX	xx.xxx.xxx.xx.xx.xxxxxxxxxxxxxxxxx.xxx	Xxxxxxxxxx		2024年04月15日	verified	中
3	XX.XXX.XX.XXX		Xxxxxxxxxx		2023年10月26日	verified	高
4	XXX.XXX.XXX.XX		Xxxxxxxx	Xxxxxxxxxx	2023年11月27日	verified	高

TTP - Tactics, Techniques, Procedures (3)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	クラス	脆弱性	アクセスベクター	タイプ	信頼度
1	T1006	CAPEC-126	CWE-22	Path Traversal	predictive	高
2	TXXXX	CAPEC-242	CWE-XX	Xxxxxxxx Xxxxxxxxx	predictive	高
3	TXXXX	CAPEC-108	CWE-XX	Xxx Xxxxxxxxx	predictive	高

IOA - Indicator of Attack (4)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	クラス	Indicator	タイプ	信頼度
1	File	default.asp	predictive	中
2	File	xx_xxxxx.xxxx	predictive	高
3	Argument	xxx	predictive	低
4	Argument	xxxxxxx[xx_xxx_xxxx]	predictive	高

参考 (4)

The following list contains external sources which discuss the actor and the associated activities:

◂ 前概要次 ▸

Do you need the next level of professionalism?

Upgrade your account now!