GoldBrute Analysis

IOB - Indicator of Behavior (95)

Timeline

Language

en 60
fr 10
de 8
pl 6
es 6

Country

us 78
cn 18

Actors

Activities

Interest

Timeline

Type

Vendor

Product

ZoneMinder 12
DeluxeBB 6
MaxWebPortal 4
F5 FirePass 2
MantisBT 2

Vulnerabilities

# | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | CTI | EPSS | CVE
1 | MaxWebPortal pm_delete2.asp SQL Injection | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00000 |
2 | Phorum pm.php SQL Injection | 7.3 | 7.0 | $0-$5k | $0-$5k | High | Official Fix | 0.03 | 0.01650 | CVE-2007-2339
3 | Pmachine lib.inc.php Privilege Escalation | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.02869 | CVE-2003-1086
4 | DeluxeBB pm.php Cross Site Scripting | 4.3 | 3.9 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | 0.00677 | CVE-2006-3303
5 | LokwaBB Message pm.php Privilege Escalation | 5.3 | 5.3 | $0-$5k | Calculating | Not Defined | Not Defined | 0.04 | 0.00242 | CVE-2002-1880
6 | Phorum pm.php Directory Traversal | 5.4 | 5.1 | $0-$5k | Calculating | Proof-of-Concept | Not Defined | 0.03 | 0.00991 | CVE-2006-3611
7 | PCXP TOPPE CMS pm.php Cross Site Scripting | 5.4 | 5.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.04 | 0.00259 | CVE-2005-2465
8 | ZoneMinder index.php Reflected Cross Site Scripting | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.03 | 0.00000 |
9 | ZoneMinder HTTP POST Request index.php Privilege Escalation | 5.4 | 5.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00075 | CVE-2022-39291
10 | ZoneMinder index.php SQL Injection | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.04 | 0.00000 |
11 | ZoneMinder index.php Reflected Cross Site Scripting | 5.2 | 5.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00162 | CVE-2017-5367
12 | ZoneMinder index.php Reflected Cross Site Scripting | 4.3 | 4.2 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.04 | 0.00000 |
13 | ZoneMinder zm_html_view_*.php Cross Site Scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | High | Official Fix | 0.03 | 0.00220 | CVE-2008-3881
14 | ZoneMinder index.php SQL Injection | 8.2 | 8.1 | $0-$5k | Calculating | Not Defined | Official Fix | 0.00 | 0.00126 | CVE-2023-26034
15 | ZoneMinder index.php Cross Site Request Forgery | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00725 | CVE-2017-5368
16 | ONEdotOH Simple File Manager fm.php Memory Corruption | 7.3 | 7.1 | $0-$5k | $0-$5k | High | Unavailable | 0.03 | 0.02159 | CVE-2006-6376
17 | Anti-Web write.cgi Directory Traversal | 7.2 | 7.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00702 | CVE-2017-9097
18 | Jobbr co-profile.php SQL Injection | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00112 | CVE-2009-2427
19 | Juunan06 eCommerce crudTreatment.php Cross Site Request Forgery | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00072 | CVE-2018-15202
20 | Bingo News bn_smrep1.php Privilege Escalation | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.01081 | CVE-2007-0145

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence
1 | 104.156.249.231 | 104.156.249.231.vultrusercontent.com | GoldBrute | | 28/03/2022 | verified | High
2 | XXX.XXX.XXX.XXX | Xxxxxxxxx | | | 28/03/2022 | verified | High

TTP - Tactics, Techniques, Procedures (11)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID | Technique | Vulnerabilities | Access Vector | Type | Confidence
1 | T1006 | CWE-22 | Path Traversal | predictive | High
2 | T1055 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High
3 | T1059 | CWE-94 | Argument Injection | predictive | High
4 | TXXXX.XXX | CWE-XX, CWE-XXX | Xxxxx Xxxx Xxxxxxxxx | predictive | High
5 | TXXXX | CWE-XXX, CWE-XXX | Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx | predictive | High
6 | TXXXX | CWE-XX | Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx | predictive | High
7 | TXXXX.XXX | CWE-XXX | Xxxx Xxxxxxxx | predictive | High
8 | TXXXX | CWE-XX | Xxx Xxxxxxxxx | predictive | High
9 | TXXXX | CWE-XXX | Xxxxxxxxxxx Xxxxxxxxxx | predictive | High
10 | TXXXX | CWE-XXX | Xxxxxxxxxxxxx Xxxxxx | predictive | High
11 | TXXXX.XXX | CWE-XXX | Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx | predictive | High

IOA - Indicator of Attack (95)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID | Class | Indicator | Type | Confidence
1 | File | /cgi-bin/login_action.cgi | predictive | High
2 | File | /drivers/infiniband/core/cm.c | predictive | High
3 | File | /zm/index.php | predictive | High
4 | File | administrator/components/com_media/helpers/media.php | predictive | High
5 | File | al_initialize.php | predictive | High
6 | File | as_archives.php | predictive | High
7 | File | bn_smrep1.php | predictive | High
8 | File | CartView.php | predictive | Medium
9 | File | cgi-bin/mft/wireless_mft.cgi | predictive | High
10 | File | cgi-bin/write.cgi | predictive | High
11 | File | ch_info.php | predictive | Medium
12 | File | cl_catlisting.asp | predictive | High
13 | File | cl_minical.php | predictive | High
14 | File | xx/xxxxx/xxxx/xxxxxx.xxx | predictive | High
15 | File | xx-xxxxxxx.xxx | predictive | High
16 | File | xx/xxxxxxxxx/xxx/xxxxxxxx/xxxxxxxx/xxxxxxxxxxxxx.xxx | predictive | High
17 | File | xx.xxx | predictive | Low
18 | File | xx.xxx | predictive | Low
19 | File | xxxxx_xx.xxxx | predictive | High
20 | File | xxxxxxx/xxx.xxx | predictive | High
21 | File | xx_xxxxxx.xxx | predictive | High
22 | File | xx-xxxxxxx.xxx | predictive | High
23 | File | xx-xxxxxxx.xxx | predictive | High
24 | File | xx.xxxxxxxxxx.xxx | predictive | High
25 | File | xx.xxx | predictive | Low
26 | File | xx.xxx | predictive | Low
27 | File | xx_xxxxxxxxxx.xxx | predictive | High
28 | File | xx_xxx.xxx | predictive | Medium
29 | File | xx_xxxxxx.xxx | predictive | High
30 | File | xx_xxxxxxx.xxx | predictive | High
31 | File | xx_xxxxxx.xxx | predictive | High
32 | File | xx_xxxx_xxxx.xxx | predictive | High
33 | File | xx.xxx | predictive | Low
34 | File | xx_xxxxxxx.xxx | predictive | High
35 | File | xx_xxxxx.xxx | predictive | Medium
36 | File | xxxxx-xx.x | predictive | Medium
37 | File | xx-xxxxxxx/xx-xxxxxxx.xxx | predictive | High
38 | File | xxxx.xxx | predictive | Medium
39 | File | xx-xxx.xxx | predictive | Medium
40 | File | xxxxx-xxxx.xxx | predictive | High
41 | File | xxxxxxx.xxx | predictive | Medium
42 | File | xxxxxxx/xxxxxx.x | predictive | High
43 | File | xx_xxxx_xxxx_*.xxx | predictive | High
44 | File | xx_xxxx_xxxx_xxxxx.xxx | predictive | High
45 | File | xx_xxxx_xxxx_xxxxxx.xxx | predictive | High
46 | File | ~/xx-xxxxx-xxxxxxx.xxx | predictive | High
47 | Library | xx/xxx/xxxx_xxxxxx.xxx | predictive | High
48 | Library | xx_xxx.xxx.xxx | predictive | High
49 | Library | xx/xxx.xxx.xxx | predictive | High
50 | Argument | $_xxxxxx["xxx_xxxx"] | predictive | High
51 | Argument | $_xxxxxx[xxx_xxxx'] | predictive | High
52 | Argument | xxxxxx=xxxx | predictive | Medium
53 | Argument | xxxxxx | predictive | Low
54 | Argument | xxxxx | predictive | Low
55 | Argument | xxxxx | predictive | Low
56 | Argument | xxx_xxxx | predictive | Medium
57 | Argument | xxxxxx | predictive | Low
58 | Argument | xx_xxx_xx | predictive | Medium
59 | Argument | xxxxxx | predictive | Low
60 | Argument | xxxx | predictive | Low
61 | Argument | xxxxxxx | predictive | Low
62 | Argument | xxxxxx | predictive | Low
63 | Argument | xxxxxx##### | predictive | Medium
64 | Argument | xxxx | predictive | Low
65 | Argument | xxx_xx | predictive | Low
66 | Argument | xxxxxxxx | predictive | Medium
67 | Argument | xxxxxx[xxxxx][xxxxx][x][xxxx] | predictive | High
68 | Argument | xxxxxxx[xxxxxxxx] | predictive | High
69 | Argument | xxxxxxxx | predictive | Medium
70 | Argument | xx | predictive | Low
71 | Argument | xx | predictive | Low
72 | Argument | xxxxx | predictive | Low
73 | Argument | xxxxx_xxxx | predictive | Medium
74 | Argument | xxx | predictive | Low
75 | Argument | xxxx | predictive | Low
76 | Argument | xxxxxxx/xxxxxxx | predictive | High
77 | Argument | xxxxxxxxxxx | predictive | Medium
78 | Argument | xxxxxxx | predictive | Low
79 | Argument | xxxx_xxx | predictive | Medium
80 | Argument | xxxx | predictive | Low
81 | Argument | xx_xxxx | predictive | Low
82 | Argument | xxxxxx | predictive | Low
83 | Argument | xxxxxxx_xxx_xxxx | predictive | High
84 | Argument | xxxx_xxx | predictive | Medium
85 | Argument | xxx_xxxxx | predictive | Medium
86 | Argument | xxxxxxx | predictive | Low
87 | Argument | xx_xxxxxx_xxxxx | predictive | High
88 | Argument | xxxx_xxxx | predictive | Medium
89 | Argument | xxxxxxxx | predictive | Medium
90 | Argument | xxx | predictive | Low
91 | Argument | xxx_xxxxxx | predictive | Medium
92 | Argument | xxxxx | predictive | Low
93 | Argument | xxxx | predictive | Low
94 | Argument | _xxxx | predictive | Low
95 | Argument | _xxx/_xxxxx | predictive | Medium

Sources (2)

The following list contains external sources which discuss the actor and the associated activities:
