Plurox 解析

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (23)

言語

en	20
ru	4

国・地域

ru	22
us	2

アクター

Plurox	2
DCRat	1
Hook	1
Exploit Kit	1
Gamaredon	1

関心

タイプ

Not Defined	14
Database Administration Software	2
Operating System	2
Digital Media Player	2
Programming Tool Software	2

ベンダー

Dell Alienware	4
Oracle	4
INplc	2
Not Defined	2
ABB	2

製品

Dell Alienware Digital Delivery	4
Oracle Agile Engineering Data Management	4
INplc SD Card Manager	2
phpMyAdmin	2
ABB System 800xA Information Manager	2

脆弱性

#	脆弱性	Base	Temp	0day	本日	悪	修復	EPSS	CTI	CVE
1	Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash 情報の漏洩	5.3	5.2	$5k-$25k	計算中	High	Workaround	0.02016	0.00	CVE-2007-1192
2	BigBlueButton クロスサイトスクリプティング	6.2	6.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00068	0.00	CVE-2021-4143
3	Grafana Proxy 弱い認証	5.8	5.7	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00283	0.00	CVE-2022-35957
4	phpMyAdmin SearchController SQLインジェクション	8.0	7.7	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00745	0.00	CVE-2020-26935
5	AWStats awstats.pl ディレクトリトラバーサル	5.5	5.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00499	0.04	CVE-2020-35176
6	OpenEMR Create New User クロスサイトスクリプティング	3.6	3.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02086	0.00	CVE-2021-25919
7	Mozilla Firefox/Firefox ESR/Thunderbird Content Security Policy 特権昇格	5.3	5.1	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.01080	0.00	CVE-2021-23968
8	Cisco Unified Communications Manager Web-based Management Interface 未知の脆弱性	5.9	5.6	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00113	0.00	CVE-2020-3135
9	INplc SD Card Manager 特権昇格	6.5	6.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00070	0.00	CVE-2018-0667
10	Affiliate Tracking Script adminlogin.asp SQLインジェクション	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00000	0.00
11	Apple tvOS FontParser Memory メモリ破損	6.5	6.3	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00712	0.00	CVE-2016-4718
12	Google Android libziparchive 特権昇格	6.3	6.3	$25k-$100k	$5k-$25k	Not Defined	Not Defined	0.00071	0.00	CVE-2016-6762
13	IBM AIX FTP Server 特権昇格	5.3	4.6	$5k-$25k	$0-$5k	Unproven	Official Fix	0.00156	0.00	CVE-2012-4845
14	GeniXCMS Media Rename Privilege Escalation	7.5	7.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00135	0.00	CVE-2017-5520
15	Rockwell FactoryTalk EnergyMetrix Logout 特権昇格	6.8	6.6	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00181	0.00	CVE-2016-4531
16	Apache Struts Restriction 特権昇格	7.5	7.2	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00914	0.00	CVE-2016-4431
17	Adobe Flash Player TCP Connection 特権昇格	6.8	6.6	$25k-$100k	$0-$5k	Not Defined	Official Fix	0.00261	0.02	CVE-2017-2938
18	Dell Alienware Digital Delivery Universal Windows Platform 特権昇格	7.0	6.9	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00044	0.00	CVE-2019-3744
19	Dell Alienware Digital Delivery Named Pipe 特権昇格	7.0	6.9	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00046	0.06	CVE-2019-3742
20	Oracle Agile Engineering Data Management Install (Apache Tomcat) 特権昇格	6.5	6.4	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00110	0.02	CVE-2018-1305

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IPアドレス	Hostname	アクター	Identified	タイプ	信頼度
1	37.140.199.65	37-140-199-65.xen.vps.regruhosting.ru	Plurox	2022年12月30日	verified	高
2	XXX.XX.XX.XX	xxx-xx-xx-xx.xxxxxxxx.xxxxxxxxxxxx.xx	Xxxxxx	2022年12月30日	verified	高
3	XXX.XXX.XXX.XXX	xxxx.xxxxxx.xxx	Xxxxxx	2022年12月30日	verified	高

TTP - Tactics, Techniques, Procedures (8)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	クラス	脆弱性	アクセスベクター	タイプ	信頼度
1	T1006		CWE-21	Path Traversal	predictive	高
2	T1059.007	CAPEC-209	CWE-79	Cross Site Scripting	predictive	高
3	TXXXX	CAPEC-19	CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	高
4	TXXXX	CAPEC-	CWE-XXX	7xx Xxxxxxxx Xxxxxxxx	predictive	高
5	TXXXX	CAPEC-108	CWE-XX	Xxx Xxxxxxxxx	predictive	高
6	TXXXX.XXX	CAPEC-1	CWE-XXX	Xxxxxxxx Xxxxxxxxxxxxx	predictive	高
7	TXXXX	CAPEC-38	CWE-XXX	Xxxxxxxxx Xxxxxx Xxxx	predictive	高
8	TXXXX	CAPEC-116	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	高

IOA - Indicator of Attack (6)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	クラス	Indicator	タイプ	信頼度
1	File	/adminlogin.asp	predictive	高
2	File	cgi-bin/awstats.pl	predictive	高
3	File	xxxx/xxxxxxxxxxxxxxx.xxx	predictive	高
4	Argument	xxxxxx	predictive	低
5	Argument	xxxxxxxx/xxxxxxxx	predictive	高
6	Input Value	'xx''='	predictive	低

参考 (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ 前概要次 ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!