UNC5274 解析

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (244)

言語

en	178
de	36
zh	10
pl	6
it	6

国・地域

us	232
cn	10

アクター

UNC5274	3

関心

タイプ

Not Defined	36
Forum Software	10
Content Management System	6
Smartphone Operating System	4
Photo Gallery Software	4

ベンダー

Not Defined	38
Apple	6
Edgewall Software	4
Google	2
Mikrobi	2

製品

Phorum	4
Edgewall Software Trac	4
Google Android	2
Serendipity	2
FLDS	2

脆弱性

#	脆弱性	Base	Temp	0day	本日	悪	修復	EPSS	CTI	CVE
1	jforum User 特権昇格	5.3	5.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00289	0.04	CVE-2019-7550
2	DZCP deV!L`z Clanportal config.php 特権昇格	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00943	0.48	CVE-2010-0966
3	Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash 情報の漏洩	5.3	5.2	$5k-$25k	計算中	High	Workaround	0.02016	0.00	CVE-2007-1192
4	TikiWiki tiki-register.php 特権昇格	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.01075	7.93	CVE-2006-6168
5	PHP phpinfo クロスサイトスクリプティング	4.3	3.9	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.01960	0.05	CVE-2007-1287
6	Pligg cloud.php SQLインジェクション	6.3	6.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00000	0.57
7	Tiki Admin Password tiki-login.php 弱い認証	8.0	7.7	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00936	2.33	CVE-2020-15906
8	Apple Mac OS X Server Wiki Server SQLインジェクション	5.3	4.6	$5k-$25k	$0-$5k	Unproven	Official Fix	0.00339	1.23	CVE-2015-5911
9	Serendipity exit.php 特権昇格	6.3	6.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00000	0.27
10	PHP Link Directory Administration Page index.html クロスサイトスクリプティング	4.3	4.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00374	0.21	CVE-2007-0529
11	WoltLab Burning Book addentry.php SQLインジェクション	7.3	6.8	$0-$5k	$0-$5k	Functional	Unavailable	0.00804	0.00	CVE-2006-5509
12	EFS Easy Chat Server HTML Source Code register.php Password 情報の漏洩	6.4	5.8	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00641	0.00	CVE-2017-9557
13	Phorum register.php SQLインジェクション	7.3	6.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00509	0.00	CVE-2004-0035
14	Rocket.Chat Server NoSQL SQLインジェクション	8.5	8.3	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00369	0.04	CVE-2017-1000493
15	phpMyAdmin phpinfo.php 情報の漏洩	5.3	5.1	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00142	0.05	CVE-2016-9848
16	YaBB yabb.pl クロスサイトスクリプティング	4.3	4.1	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.01240	0.04	CVE-2004-2402
17	baserCMS Management System 特権昇格	8.5	8.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.01414	0.05	CVE-2023-25654
18	Sitecore Experience Manager Privilege Escalation	8.0	7.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.89227	0.03	CVE-2023-35813
19	Themefic Ultimate Addons for Contact Form 7 Plugin SQLインジェクション	8.1	8.0	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00076	0.00	CVE-2022-47586
20	Redirection for Contact Form 7 Plugin 特権昇格	6.3	6.1	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00000	0.05	CVE-2023-39920

キャンペーン (1)

These are the campaigns that can be associated with the actor:

CVE-2024-1709 / CVE-2023-46747

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IPアドレス	Hostname	アクター	キャンペーン	Identified	タイプ	信頼度
1	61.239.68.73	061239068073.ctinets.com	UNC5274	CVE-2024-1709 / CVE-2023-46747	2024年04月02日	verified	高
2	XXX.XXX.XXX.XXX		Xxxxxxx	Xxx-xxxx-xxxx / Xxx-xxxx-xxxxx	2024年04月02日	verified	高
3	XXX.XXX.XX.XXX	xxxx.xxxxxx.xx	Xxxxxxx	Xxx-xxxx-xxxx / Xxx-xxxx-xxxxx	2024年04月02日	verified	高

TTP - Tactics, Techniques, Procedures (8)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	クラス	脆弱性	アクセスベクター	タイプ	信頼度
1	T1006	CAPEC-126	CWE-22	Path Traversal	predictive	高
2	T1059	CAPEC-242	CWE-94	Argument Injection	predictive	高
3	TXXXX.XXX	CAPEC-209	CWE-XX, CWE-XX	Xxxxx Xxxx Xxxxxxxxx	predictive	高
4	TXXXX	CAPEC-122	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	高
5	TXXXX.XXX	CAPEC-178	CWE-XXX	Xxxx Xxxxxxxx	predictive	高
6	TXXXX	CAPEC-108	CWE-XX	Xxx Xxxxxxxxx	predictive	高
7	TXXXX	CAPEC-116	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	高
8	TXXXX.XXX	CAPEC-1	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	高

IOA - Indicator of Attack (71)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	クラス	Indicator	タイプ	信頼度
1	File	/portal/user-register.php	predictive	高
2	File	add.php/del.php	predictive	高
3	File	addentry.php	predictive	中
4	File	admin/conf_users_edit.php	predictive	高
5	File	admin/page-login.php	predictive	高
6	File	base_maintenance.php	predictive	高
7	File	classified_right.php	predictive	高
8	File	cloud.php	predictive	中
9	File	data/gbconfiguration.dat	predictive	高
10	File	email.php	predictive	中
11	File	xx/xxxxx/xxxxxx_xxxxx.xxx	predictive	高
12	File	xxxx.xxx	predictive	中
13	File	xxxx.xxx	predictive	中
14	File	xxxxxxxxx.xxx	predictive	高
15	File	xxx/xxxxxx.xxx	predictive	高
16	File	xxxxx.xxxx	predictive	中
17	File	xxxx.xxx.xxx	predictive	中
18	File	xxxxxxxxx/xxxxxxx.x	predictive	高
19	File	xxxxxxx.xxx	predictive	中
20	File	xxxx.xxx	predictive	中
21	File	xxxxx.xxx	predictive	中
22	File	xxxxxxxx.xx	predictive	中
23	File	xxxxxxxx.xxx	predictive	中
24	File	xxxxxxxx.xxx	predictive	中
25	File	xxxxxxxx.xxx	predictive	中
26	File	xxxxxxxx/xxxxx/xxxxxxxx?xxxxxxxx	predictive	高
27	File	xxxxxxxx_xxxx.xxx	predictive	高
28	File	xxxxxx_xxxxxx.xxx	predictive	高
29	File	xxxxxx.xxx	predictive	中
30	File	xxxxxxxxx.xxx/xxxxxxx.xxx	predictive	高
31	File	xxxxxxxx.xxxxx.xxx	predictive	高
32	File	xxxx-xxxxx.xxx	predictive	高
33	File	xxxx-xxxxxxxx.xxx	predictive	高
34	File	xxxx/xxxxxxxx.xxx	predictive	高
35	File	xxxx.xxx	predictive	中
36	File	xxxx/xxxxxxxx.xxx	predictive	高
37	File	xxxxx.xxx	predictive	中
38	File	xx-xxxxxxxx/xxxx-xxx/xxxxxxxxx/xxxxx-xx-xxxx-xxxxx-xxxxxxxxxx.xxx	predictive	高
39	File	xx-xxxxxxxx.xxx	predictive	高
40	File	xxxx.xx	predictive	低
41	Argument	xx_xxxxx_xxx_xxxx	predictive	高
42	Argument	x_xxxxxx	predictive	中
43	Argument	xxxxxxxx	predictive	中
44	Argument	xxxxx	predictive	低
45	Argument	xxxxxxxxxx	predictive	中
46	Argument	xxxxxxxxx[x]	predictive	中
47	Argument	xxxxxxx	predictive	低
48	Argument	xxx_x_xxx	predictive	中
49	Argument	x_xxxxxxx_xxx	predictive	高
50	Argument	xxxxx	predictive	低
51	Argument	xxxxx	predictive	低
52	Argument	xxxx_xxxxx	predictive	中
53	Argument	xx	predictive	低
54	Argument	xxxxxxxxx-xxxxxxx/xxxxxxxxx/xxxxxxxxxx	predictive	高
55	Argument	xxxxxxxx_xxx	predictive	中
56	Argument	xxxx	predictive	低
57	Argument	xxxxxxxxx_xxxxxxxx_xxxx	predictive	高
58	Argument	xxxxxx	predictive	低
59	Argument	xx	predictive	低
60	Argument	xxxx	predictive	低
61	Argument	xxxxxxxxxx	predictive	中
62	Argument	xxx	predictive	低
63	Argument	xxxxxxxxxx	predictive	中
64	Argument	xxx	predictive	低
65	Argument	xxxxxxxxx	predictive	中
66	Argument	xxxxx	predictive	低
67	Argument	xxx	predictive	低
68	Argument	xxxxxxxx/xxxxxxxx	predictive	高
69	Argument	xxxx_xxxxx	predictive	中
70	Argument	xxxx_xx	predictive	低
71	Argument	_xxxxxx[xxxx_xxxx]	predictive	高

参考 (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ 前概要次 ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!