Tortilla 解析

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (3)

タイムライン

言語

en	2
it	2

国・地域

it	2

アクター

Tortilla	1
Meterpreter	1

アクティビティ

関心

タイムライン

タイプ

Automation Software	2
Operating System	2

ベンダー

Delta Electronics	2
Linux	2

製品

Delta Electronics Delta Industrial Automation PMSo ...	2
Linux Kernel	2

脆弱性

#	脆弱性	Base	Temp	0day	本日	悪	修復	EPSS	CVE
1	Pablo Software Solutions Baby ASP Web Server 特権昇格	5.3	4.8	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.01352	CVE-2006-1391
2	Delta Electronics Delta Industrial Automation PMSoft 情報の漏洩	6.4	6.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00547	CVE-2018-14824
3	Linux Kernel Kernel Memory Subsystem Dirty COW 競合状態	7.8	7.6	$5k-$25k	$0-$5k	High	Official Fix	0.87936	CVE-2016-5195

キャンペーン (1)

These are the campaigns that can be associated with the actor:

Microsoft Exchange

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IPアドレス	Hostname	アクター	キャンペーン	Identified	タイプ	信頼度
1	54.221.65.242	ec2-54-221-65-242.compute-1.amazonaws.com	Tortilla	Microsoft Exchange	2021年11月04日	verified	中
2	XXX.XXX.XX.XXX	xxxx.xx	Xxxxxxxx	Xxxxxxxxx Xxxxxxxx	2021年11月04日	verified	高
3	XXX.XXX.XX.XXX		Xxxxxxxx	Xxxxxxxxx Xxxxxxxx	2021年11月04日	verified	高

TTP - Tactics, Techniques, Procedures (1)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	クラス	脆弱性	アクセスベクター	タイプ	信頼度
1	T1068	CAPEC-122	CWE-269	Execution with Unnecessary Privileges	predictive	高

参考 (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ 前概要次 ▸

Do you know our Splunk app?

Download it now for free!