FakeAlert تحليل

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (51)

اللغة

en	46
ru	4
fr	2

البلد

us	26
pt	6
tr	6
ru	6
fr	2

الفاعلين

FakeAlert	6
Cobalt Strike	2
Quasar RAT	1
Wannacry	1
Dridex	1

الاهتمام

النوع

Not Defined	10
Web Server	6
WordPress Plugin	4
Router Operating System	2
Image Processing Software	2

المجهز

Not Defined	26
Microsoft	6
TP-LINK	2
Nagios	2
Paramiko	2

منتج

Microsoft IIS	4
TP-LINK TL-WR740N	2
TP-LINK TL-WR741N	2
ImageMagick	2
Microsoft Windows	2

الثغرات

#	الثغرة	Base	Temp	0day	اليوم	ق�	معالجة	CTI	EPSS	CVE
1	Netgear ProSAFE Network Management System getNodesByTopologyMapSearch حقن إس كيو إل	6.3	6.0	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.04	0.00000	CVE-2023-38099
2	Samsung UWB Stack تلف الذاكرة	6.0	5.9	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	0.00170	CVE-2022-25818
3	Cisco Linksys EA2700 URL الكشف عن المعلومات	4.3	4.1	$5k-$25k	$0-$5k	Proof-of-Concept	Unavailable	0.08	0.00000
4	Basti2web Book Panel books.php حقن إس كيو إل	7.3	7.0	$0-$5k	$0-$5k	High	Official Fix	0.04	0.00064	CVE-2009-4889
5	HotScripts Clone Script software-description.php حقن إس كيو إل	7.3	6.9	$0-$5k	جاري الحساب	Proof-of-Concept	Not Defined	0.03	0.00100	CVE-2007-6084
6	Linux Kernel Spectre Mitigation bugs.c spectre_v2_user_select_mitigation الكشف عن المعلومات	5.4	5.3	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02	0.00045	CVE-2023-1998
7	WordPress اجتياز الدليل	5.7	5.6	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.03	0.00326	CVE-2023-2745
8	nginx تجاوز الصلاحيات	6.9	6.9	$0-$5k	$0-$5k	Not Defined	Not Defined	0.07	0.00241	CVE-2020-12440
9	Nagios XI command_test.php Privilege Escalation	8.0	7.9	$0-$5k	$0-$5k	Not Defined	Official Fix	0.03	0.28543	CVE-2023-48085
10	Moment.js اجتياز الدليل	6.9	6.7	$0-$5k	$0-$5k	Not Defined	Official Fix	0.03	0.00330	CVE-2022-24785
11	Moodle LTI Module سكربتات مشتركة	4.8	4.7	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02	0.00921	CVE-2022-35653
12	ZoneMinder Language Privilege Escalation	6.3	6.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02	0.38401	CVE-2022-29806
13	ZoneMinder Snapshot Action shell_exec تجاوز الصلاحيات	8.1	8.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.03	0.96928	CVE-2023-26035
14	Microsoft IIS سكربتات مشتركة	5.2	4.7	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.02	0.00548	CVE-2017-0055
15	Redis Lua Script تلف الذاكرة	7.4	7.3	$0-$5k	$0-$5k	Not Defined	Official Fix	0.08	0.00329	CVE-2022-24834
16	Apple iOS/iPadOS Kernel Coldtro تلف الذاكرة	7.8	7.6	$25k-$100k	$5k-$25k	High	Official Fix	0.00	0.00149	CVE-2022-32894
17	Asana Desktop الكشف عن المعلومات	4.3	4.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02	0.00218	CVE-2022-26877
18	Google Android App Pinning LockTaskController.java shouldLockKeyguard توثيق ضعيف	6.0	5.8	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.02	0.00042	CVE-2021-0472
19	XAMPP xampp-contol.ini تجاوز الصلاحيات	7.0	6.7	$0-$5k	$0-$5k	Not Defined	Official Fix	0.07	0.00561	CVE-2020-11107
20	McAfee Network Security Management Command Line Interface الكشف عن المعلومات	5.9	5.7	$0-$5k	جاري الحساب	Not Defined	Official Fix	0.00	0.00042	CVE-2020-7284

IOC - Indicator of Compromise (13)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	عنوان بروتوكول الإنترنت	Hostname	ممثل	Identified	النوع	الثقة
1	3.8.23.195	ec2-3-8-23-195.eu-west-2.compute.amazonaws.com	FakeAlert	31/05/2021	verified	متوسط
2	3.8.191.167	ec2-3-8-191-167.eu-west-2.compute.amazonaws.com	FakeAlert	31/05/2021	verified	متوسط
3	18.130.240.77	ec2-18-130-240-77.eu-west-2.compute.amazonaws.com	FakeAlert	31/05/2021	verified	متوسط
4	XX.XXX.XX.XXX	xxx-xxx-xxx-xxx.xxx.xxxxxxxx.xxx	Xxxxxxxxx	31/05/2021	verified	عالي
5	XX.XXX.XXX.XX	xx.xxx.xxx.xx.xxxxx.xxx	Xxxxxxxxx	31/05/2021	verified	متوسط
6	XX.XXX.XX.XXX	xx-xxx-xx-xxx.xx-xxxx.xxxxxxx.xxxx	Xxxxxxxxx	31/05/2021	verified	عالي
7	XX.XXX.XX.XXX	xx-xxx-xx-xxx.xx-xxxx.xxxxxxx.xxxx	Xxxxxxxxx	31/05/2021	verified	عالي
8	XXX.XX.XXX.XXX	xxx.xx.xxx.xxx.xxxxx.xxx	Xxxxxxxxx	31/05/2021	verified	متوسط
9	XXX.XXX.XXX.XX	xxxxxx.xx.xxx.xxx.xxx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxxxx	31/05/2021	verified	عالي
10	XXX.XXX.XXX.XXX		Xxxxxxxxx	31/05/2021	verified	عالي
11	XXX.XX.XX.XX	xxxxx.xxxxxxxxxxxxxxx	Xxxxxxxxx	31/05/2021	verified	عالي
12	XXX.XXX.XXX.XXX		Xxxxxxxxx	31/05/2021	verified	عالي
13	XXX.XX.XX.XXX		Xxxxxxxxx	31/05/2021	verified	عالي

TTP - Tactics, Techniques, Procedures (7)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	الثغرات	متجه الوصول	النوع	الثقة
1	T1006	CWE-22	Path Traversal	predictive	عالي
2	T1059	CWE-94	Argument Injection	predictive	عالي
3	TXXXX.XXX	CWE-XX, CWE-XX	Xxxxx Xxxx Xxxxxxxxx	predictive	عالي
4	TXXXX	CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	عالي
5	TXXXX	CWE-XXX	7xx Xxxxxxxx Xxxxxxxx	predictive	عالي
6	TXXXX	CWE-XX	Xxx Xxxxxxxxx	predictive	عالي
7	TXXXX	CWE-XXX, CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	عالي

IOA - Indicator of Attack (32)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	الفئة	Indicator	النوع	الثقة
1	File	/getcfg.php	predictive	متوسط
2	File	/uncpath/	predictive	متوسط
3	File	arch/x86/kernel/cpu/bugs.c	predictive	عالي
4	File	books.php	predictive	متوسط
5	File	coders/tiff.c	predictive	عالي
6	File	xxxxxxx_xxxx.xxx	predictive	عالي
7	File	xxxxxxx.xxx	predictive	متوسط
8	File	xxxxxx.xxx	predictive	متوسط
9	File	xxxxxxx.xxx	predictive	متوسط
10	File	xxxxxxxxxx.xxx	predictive	عالي
11	File	xxxxx.xxxxxxx.xxx	predictive	عالي
12	File	xxxx_xxxx.xxx	predictive	عالي
13	File	xxxxxxxxxxxxxxxxxx.xxxx	predictive	عالي
14	File	xxxx.xxx	predictive	متوسط
15	File	xxxxxxxx.xxx	predictive	متوسط
16	File	xxxxxxxxxx.xxx	predictive	عالي
17	File	xxxx_xxxxxxx_xxxxxxxx.xxx	predictive	عالي
18	File	xxxxxxxx-xxxxxxxxxxx.xxx	predictive	عالي
19	File	xxxxxxxxx.xx	predictive	متوسط
20	File	xxxxx-xxxxxx.xxx	predictive	عالي
21	Library	xxxxxx.xxx	predictive	متوسط
22	Argument	xxxxxx	predictive	واطئ
23	Argument	xxx	predictive	واطئ
24	Argument	xxx_xx	predictive	واطئ
25	Argument	xxx	predictive	واطئ
26	Argument	xxxx_xx	predictive	واطئ
27	Argument	xx	predictive	واطئ
28	Argument	xxxx_xx	predictive	واطئ
29	Argument	xxxxxxxx	predictive	متوسط
30	Input Value	xxxx -x xxxxxxxx=xxxxxx.xxxxxxx xxxx://xxx.xxx.x.x/xxxxxx.xxx	predictive	عالي
31	Pattern	\|xx\|xx\|xx\|	predictive	متوسط
32	Network Port	xxx xxxxxx xxxx	predictive	عالي

المصادر (2)

The following list contains external sources which discuss the actor and the associated activities:

التالي ▸نظرة عامة◂ السابق

Want to stay up to date on a daily basis?

Enable the mail alert feature now!