Amnesia Analysis

IOB - Indicator of Behavior (16)

Affected products (number of vulnerabilities attributed to this actor):

  • QNAP NAS (2)
  • GLPI (2)
  • QNAP (2)
  • Elementor Website Builder Plugin (2)
  • OpenSSH (2)

Vulnerabilities (16)

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | WordPress Post press-this.php privilege escalation | 5.5 | 5.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00054 | 0.03 | CVE-2011-1762 |
| 2 | Elementor Website Builder Plugin AJAX Action module.php privilege escalation | 7.5 | 7.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.96197 | 0.02 | CVE-2022-1329 |
| 3 | Crocoblock JetEngine Form Data privilege escalation | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00201 | 0.00 | CVE-2021-41844 |
| 4 | Crocoblock JetEngine Custom Forms cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00066 | 0.00 | CVE-2021-38607 |
| 5 | WPBakery XSS Protection Mechanism kses_remove_filters privilege escalation | 5.9 | 5.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00058 | 0.02 | CVE-2020-28650 |
| 6 | Yoast SEO Plugin Term Description privilege escalation | 9.0 | 8.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00244 | 0.02 | CVE-2019-13478 |
| 7 | Rocket.Chat Server NoSQL injection | 8.5 | 8.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00369 | 0.04 | CVE-2017-1000493 |
| 8 | vBulletin moderation.php SQL injection | 7.3 | 7.0 | $0-$5k | $0-$5k | High | Official Fix | 0.00284 | 0.01 | CVE-2016-6195 |
| 9 | PRTG Network Monitor addusers privilege escalation | 7.5 | 7.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00093 | 0.00 | CVE-2018-19411 |
| 10 | PRTG Network Monitor login.htm privilege escalation | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00288 | 0.04 | CVE-2018-19410 |
| 11 | Samba smbd _netr_ServerPasswordSet unknown vulnerability | 6.5 | 5.7 | $0-$5k | $0-$5k | High | Official Fix | 0.97400 | 0.00 | CVE-2015-0240 |
| 12 | OpenSSH Authentication Username information disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | High | Official Fix | 0.10737 | 0.19 | CVE-2016-6210 |
| 13 | QNAP Music Station privilege escalation | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00274 | 0.00 | CVE-2017-13069 |
| 14 | QNAP NAS cgi.cgi memory corruption | 5.9 | 5.4 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 0.00000 | 0.00 | (none) |
| 15 | Download Manager Redirect | 6.2 | 5.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00233 | 0.00 | CVE-2017-2217 |
| 16 | GLPI information disclosure | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00703 | 0.00 | CVE-2011-2720 |

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • TVT Digital DVR Devices

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 93.174.95.38 | (none) | Amnesia | TVT Digital DVR Devices | 30/08/2021 | verified | high |

TTP - Tactics, Techniques, Procedures (7)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Weakness | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1059.007 | CWE-79 | Cross Site Scripting | predictive | high |
| 2 | T1068 | CWE-264, CWE-284 | Execution with Unnecessary Privileges | predictive | high |
| 3 | TXXXX | CWE-XXX | Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx | predictive | high |
| 4 | TXXXX.XXX | CWE-XXX | Xxxxx Xxxxxxxx | predictive | high |
| 5 | TXXXX | CWE-XXX | Xxx Xxxxxxxxx | predictive | high |
| 6 | TXXXX | CWE-XXX | Xxxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx | predictive | high |
| 7 | TXXXX.XXX | CWE-XXX | Xxxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx | predictive | high |

IOA - Indicator of Attack (8)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /api/addusers | predictive | high |
| 2 | File | /home/httpd/cgi-bin/cgi.cgi | predictive | high |
| 3 | File | /xxxxxx/xxxxx.xxx | predictive | high |
| 4 | File | xxxxxxxxxxx/xxxxxxxx/xxxxxxxxxx.xxx | predictive | high |
| 5 | File | xx-xxxxx/xxxxx-xxxx.xxx | predictive | high |
| 6 | File | ~/xxxx/xxx/xxxxxxx/xxxxxxxxxx/xxxxxx.xxx | predictive | high |
| 7 | Argument | xxxxxxxx | predictive | medium |
| 8 | Argument | xxxxxxx | predictive | low |

Sources (2)

The following list contains external sources which discuss the actor and the associated activities:
