Western Sahara Unknown 解析

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (15)

タイムライン

言語

en12
fr4

国・地域

us8
fr4

アクター

Rancor1
FTP Info Stealer1
Gabon1

アクティビティ

関心

タイムライン

タイプ

Not Defined6
Content Management System6
Anti-Malware Software2
Operating System2

ベンダー

Not Defined6
Softbiz2
SonicWALL2
Joomla2
Microsoft2

製品

Softbiz FAQ Script2
Wordpress2
Keycloak2
SonicWALL AntiSpam 2
SonicWALL EMail Security Appliance2

脆弱性

#脆弱性BaseTemp0day本日修復EPSSCTICVE
1Keycloak クロスサイトスクリプティング3.53.3$0-$5k$0-$5kProof-of-ConceptNot Defined0.000880.04CVE-2022-1438
2Microsoft Windows Multimedia Library winmm.dll メモリ破損10.09.5$100k 以上$0-$5kHighOfficial Fix0.972810.00CVE-2012-0003
3ZTE ZXHN H108N 情報の漏洩6.46.4$0-$5k$0-$5kNot DefinedNot Defined0.001200.03CVE-2019-3420
4Django defaulttags.py ディレクトリトラバーサル7.36.6$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.005390.05CVE-2013-4315
5SquirrelMail PHP Interface webmail.php 弱い認証6.36.0$0-$5k$0-$5kNot DefinedOfficial Fix0.005000.03CVE-2009-0030
6Softbiz FAQ Script add_comment.php SQLインジェクション6.36.3$0-$5k$0-$5kNot DefinedNot Defined0.013020.00CVE-2005-3938
7SonicWALL AntiSpam / EMail Security Appliance MTA Queue Report Module reports_mta_queue_status.html クロスサイトスクリプティング8.07.6$0-$5k$0-$5kNot DefinedOfficial Fix0.000000.00
8Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash 情報の漏洩5.35.2$5k-$25k計算中HighWorkaround0.020160.00CVE-2007-1192
9Wordpress wp-trackback.php SQLインジェクション7.37.0$5k-$25k$0-$5kNot DefinedOfficial Fix0.002960.04CVE-2005-1687
10Joomla CMS SQLインジェクション7.36.9$5k-$25k$0-$5kProof-of-ConceptNot Defined0.002640.05CVE-2013-1453
11Joomla CMS File Upload media.php 特権昇格6.36.0$5k-$25k$0-$5kHighOfficial Fix0.798640.08CVE-2013-5576
12Joomla CMS HTTP Header 特権昇格7.37.0$5k-$25k$0-$5kHighOfficial Fix0.973110.03CVE-2015-8562
13WordPress Widget Title 未知の脆弱性4.34.1$5k-$25k$0-$5kNot DefinedOfficial Fix0.008740.00CVE-2015-5731
14SoftMaker FlexiPDF Installer Library 特権昇格5.35.1$0-$5k$0-$5kNot DefinedUnavailable0.000000.02
15XenForo 特権昇格8.67.9$0-$5k$0-$5kNot DefinedOfficial Fix0.000000.04

IOC - Indicator of Compromise (9)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIPアドレスHostnameアクターキャンペーンIdentifiedタイプ信頼度
145.12.70.66executioner.get-eye.comWestern Sahara Unknown2022年11月16日verified
245.12.71.66Western Sahara Unknown2022年11月16日verified
3XX.XX.XXX.XXxx.xxx.xx.xx.xx-xxxx.xxxxXxxxxxx Xxxxxx Xxxxxxx2022年11月16日verified
4XXX.XXX.X.XXxxxxxx Xxxxxx Xxxxxxx2023年02月21日verified
5XXX.XXX.X.XXxxxxxx Xxxxxx Xxxxxxx2022年11月16日verified
6XXX.XXX.XX.XXxxxxxx Xxxxxx Xxxxxxx2022年11月16日verified
7XXX.XXX.XXX.XXXXxxxxxx Xxxxxx Xxxxxxx2022年11月16日verified
8XXX.XX.XX.XXXxxxxxx Xxxxxx Xxxxxxx2022年11月16日verified
9XXX.XX.XXX.XXXxxxxxx Xxxxxx Xxxxxxx2022年11月16日verified

TTP - Tactics, Techniques, Procedures (5)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueクラス脆弱性アクセスベクタータイプ信頼度
1T1006CAPEC-126CWE-22Path Traversalpredictive
2TXXXX.XXXCAPEC-209CWE-XX, CWE-XXXxxxx Xxxx Xxxxxxxxxpredictive
3TXXXXCAPEC-122CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxxpredictive
4TXXXXCAPEC-108CWE-XXXxx Xxxxxxxxxpredictive
5TXXXXCAPEC-116CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxxpredictive

IOA - Indicator of Attack (15)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDクラスIndicatorタイプ信頼度
1Fileadd_comment.phppredictive
2Fileadministrator/components/com_media/helpers/media.phppredictive
3Filedata/gbconfiguration.datpredictive
4Filexxxxxxx_xxx_xxxxx_xxxxxx.xxxxpredictive
5Filexxxxxxxx/xxxxxxxxxxx.xxpredictive
6Filexxxxxxx.xxxpredictive
7Filexx-xxxxxxxxx.xxxpredictive
8Libraryxxxxx.xxxpredictive
9Argumentxxxxxxx_xxxxxxx_xxxxxpredictive
10Argumentxxxxxxxxxpredictive
11Argumentxxxxxxxxpredictive
12Argumentxxpredictive
13Argumentxx_xxpredictive
14Argumentxxxx-xxxxxpredictive
15Input Value../predictive

参考 (3)

The following list contains external sources which discuss the actor and the associated activities:

概要

Want to stay up to date on a daily basis?

Enable the mail alert feature now!