ShadowHammer 解析
IOB - Indicator of Behavior (1)
アクティビティ
キャンペーン (1)
These are the campaigns that can be associated with the actor:
- ShadowHammer
IOC - Indicator of Compromise (6)
These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.
| ID | IPアドレス | Hostname | アクター | キャンペーン | Identified | タイプ | 信頼度 |
|---|---|---|---|---|---|---|---|
| 1 | 23.236.77.175 | ShadowHammer | ShadowHammer | 2020年12月22日 | verified | 高 | |
| 2 | 23.236.77.177 | ShadowHammer | ShadowHammer | 2020年12月22日 | verified | 高 | |
| 3 | XX.XXX.XX.XXX | Xxxxxxxxxxxx | Xxxxxxxxxxxx | 2020年12月22日 | verified | 高 | |
| 4 | XX.XXX.XX.XXX | xxx-xx-xxx-xx-xxx.xx-xxxxx-x.xxxxxxx.xxxxxxxxx.xxx | Xxxxxxxxxxxx | 2022年03月27日 | verified | 中 | |
| 5 | XXX.XX.XXX.X | Xxxxxxxxxxxx | Xxxxxxxxxxxx | 2020年12月22日 | verified | 高 | |
| 6 | XXX.XXX.XX.XXX | Xxxxxxxxxxxx | 2022年03月27日 | verified | 高 |
TTP - Tactics, Techniques, Procedures (1)
Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.
| ID | Technique | クラス | 脆弱性 | アクセスベクター | タイプ | 信頼度 |
|---|---|---|---|---|---|---|
| 1 | T1202 | CAPEC-136 | CWE-77 | Command Shell in Externally Accessible Directory | predictive | 高 |
参考 (3)
The following list contains external sources which discuss the actor and the associated activities:
- https://github.com/vuldb/cyber_threat_intelligence/tree/main/actors/ShadowHammer
- xxxxx://xxxxxx.xxx/xxxxxxxx/xxxxxxxx/xxxx/xx/xx/xxxxxxx-xxxxxx-xxxxx-xxxxxx-xxxx-xxxxxxxx-xxxxxxx-xxx-xxxxxx.xxxx
- xxxxx://xxx.xxxxxxxxxxx.xxx/_xxxxxxx/xxxx/xxxxxxxxxxxxxxxxxxxxx_xxxxxxxxxxxxxxxxxxxxxxxxxxxxx_xxxxxxxxxx.xxx#xxxxxx.xxxxxx=xxxxxxxx