Mushtik Analysis

IOB - Indicator of Behavior (15)

Charts: Timeline, Language, Country, Actors; under Activities / Interest: Timeline, Type, Vendor, Product. On the public page these charts show only placeholder data; the page states: "The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data."

Language (count): en (16)

Product (count): Apple iOS (2), Apple iPadOS (2), Apple Safari (2), CSI snapshot-controller (2), Facebook react-dev-utils (2)

Vulnerabilities

These are the vulnerabilities that we have identified as researched, approached, or attacked.

# | Vulnerability | Base | Temp | 0day | Today | Exp (exploitability) | Cou (countermeasure) | KEV | EPSS | CTI | CVE
--|---------------|------|------|------|-------|----------------------|----------------------|-----|------|-----|----
1 | ruifang-tech Rebuild Admin Verification Page admin-verify redirect | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not defined | | 0.00044 | 0.00 | CVE-2024-12990
2 | code-projects Client Details System update-clients.php sql injection | 6.1 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not defined | | 0.00103 | 0.03 | CVE-2023-7141
3 | Cisco IOS/IOS XE QoS memory corruption | 8.5 | 8.4 | $5k-$25k | $5k-$25k | Attacked | Workaround | verified | 0.09812 | 0.05 | CVE-2018-0151
4 | BEA WebLogic Domain Directory | 8.2 | 7.4 | $5k-$25k | $0-$5k | Proof-of-Concept | Official fix | | 0.00371 | 0.00 | CVE-2006-2546
5 | Facebook react-dev-utils getProcessForPort os command injection | 5.5 | 5.3 | $5k-$25k | $0-$5k | Not defined | Official fix | | 0.01439 | 0.00 | CVE-2021-24033
6 | Apple Safari Address input validation | 5.3 | 5.2 | $5k-$25k | $0-$5k | Not defined | Official fix | | 0.00378 | 0.00 | CVE-2019-8670
7 | Docker Docker Image Manifest resource consumption | 4.3 | 4.1 | $5k-$25k | $0-$5k | Not defined | Official fix | | 0.00159 | 0.03 | CVE-2021-21285
8 | Apple iOS/iPadOS WebKit Remote Code Execution | 8.6 | 8.5 | $25k-$100k | $5k-$25k | Attacked | Official fix | verified | 0.00576 | 0.00 | CVE-2021-1870
9 | CSI snapshot-controller Volume Snapshot null pointer dereference | 5.4 | 5.1 | $0-$5k | $0-$5k | Not defined | Official fix | | 0.00349 | 0.03 | CVE-2020-8569
10 | Kubernetes API Server permission | 4.0 | 4.0 | $0-$5k | $0-$5k | Not defined | Not defined | | 0.30412 | 0.00 | CVE-2020-8554
11 | Apple iOS/iPadOS XPC Service launchd access control | 7.8 | 7.0 | $25k-$100k | $0-$5k | Proof-of-Concept | Official fix | | 0.00573 | 0.00 | CVE-2020-9971
12 | Apple iOS/iPadOS WebRTC use after free | 7.5 | 7.4 | $100k and more | $5k-$25k | Not defined | Official fix | | 0.03155 | 0.09 | CVE-2020-15969
13 | Apple iOS/iPadOS Address Bar clickjacking | 4.3 | 4.1 | $25k-$100k | $5k-$25k | Not defined | Official fix | | 0.00247 | 0.00 | CVE-2020-9993
14 | WordPress admin-ajax.php sql injection | 7.3 | 7.0 | $25k-$100k | $0-$5k | High | Official fix | possible | 0.05147 | 0.02 | CVE-2007-2821
15 | Apple iOS Disk Images memory corruption | 6.5 | 6.4 | $25k-$100k | $0-$5k | Not defined | Official fix | | 0.00173 | 0.05 | CVE-2016-7616

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence
---|------------|----------|-------|-----------|------------|------|-----------
1 | 18.228.7.109 | ec2-18-228-7-109.sa-east-1.compute.amazonaws.com | Mushtik | | 07/13/2022 | verified | Very Low
2 | XXX.XXX.XXX.XXX | | Xxxxxxx | | 07/13/2022 | verified | Medium

TTP - Tactics, Techniques, Procedures (6)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID | Technique | Class | Vulnerabilities | Access Vector | Type | Confidence
---|-----------|-------|-----------------|---------------|------|-----------
1 | T1068 | | CWE-264 | Execution with Unnecessary Privileges | predictive | High
2 | T1202 | CAPEC-108 | CWE-78 | Command Shell in Externally Accessible Directory | predictive | High
3 | TXXXX.XXX | CAPEC-XXX | CWE-XXX | Xxxx Xxxxxxxx | predictive | High
4 | TXXXX | | CWE-XXX | Xxxxxxxxxx Xxxxxx | predictive | High
5 | TXXXX | CAPEC-XXX | CWE-XX | Xxx Xxxxxxxxx | predictive | High
6 | TXXXX.XXX | CAPEC-XXX | CWE-XXX | Xxxxxxxxxxxx | predictive | High

IOA - Indicator of Attack (9)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID | Class | Indicator | Type | Confidence
---|-------|-----------|------|-----------
1 | File | /admin/update-clients.php | predictive | High
2 | File | /user/admin-verify | predictive | High
3 | File | xxxxx-xxxx.xxx | predictive | High
4 | File | xxxxxxx | predictive | Low
5 | Argument | xxxxxx | predictive | Low
6 | Argument | xxxxxxx | predictive | Low
7 | Argument | xxx | predictive | Low
8 | Input Value | xxxx://xxxxxxxxx/xxxx.xxxx | predictive | High
9 | Network Port | xxx/xxxxx | predictive | Medium

References (2)

The following list contains external sources which discuss the actor and the associated activities:
