Machete Analysis

IOB - Indicator of Behavior (127)

Language

en: 110
ru: 6
zh: 4
it: 2
de: 2

Country

us: 86
ru: 12
ca: 10
de: 2
es: 2

Product

Microsoft Windows: 8
Adobe Flash Player: 4
Google Chrome: 4
SQuery: 4
PhotoPost PhotoPost vBGallery: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Remediation | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | WordPress Access Restriction user-new.php privilege escalation | 7.5 | 7.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00372 | CVE-2017-17091 |
| 2 | Apple iOS/iPadOS Kernel information disclosure | 3.3 | 3.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00778 | CVE-2020-27950 |
| 3 | Joe Depasquale Bannermatic Ban File information disclosure | 5.3 | 5.3 | $0-$5k | Calculating | Not Defined | Not Defined | 0.00 | 0.00231 | CVE-2002-2342 |
| 4 | PhotoPost PHP Pro showproduct.php SQL injection | 9.8 | 9.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00276 | CVE-2004-0250 |
| 5 | Skrypty Ppa Gallery functions.inc.php memory corruption | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.02429 | CVE-2005-2199 |
| 6 | Lighthouse Development Squirrelcart cart_content.php privilege escalation | 6.5 | 5.9 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | 0.02731 | CVE-2006-2483 |
| 7 | Oracle GoldenGate denial of service | 7.5 | 7.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.01349 | CVE-2021-3749 |
| 8 | Microsoft Windows Asynchronous RPC Request privilege escalation | 9.0 | 8.6 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.01 | 0.90541 | CVE-2013-3175 |
| 9 | vBulletin visitormessage.php privilege escalation | 7.5 | 7.4 | $0-$5k | Calculating | High | Unavailable | 0.02 | 0.03157 | CVE-2014-9463 |
| 10 | phpBB startup.php cross-site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00287 | CVE-2015-1431 |
| 11 | PHPizabi index.php directory traversal | 6.5 | 5.7 | $0-$5k | $0-$5k | Unproven | Unavailable | 0.07 | 0.00826 | CVE-2008-3723 |
| 12 | Pharmacy Sales and Inventory System manage_user.php SQL injection | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00172 | CVE-2022-30407 |
| 13 | Hospital Patient Record Management System privilege escalation | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00075 | CVE-2022-24232 |
| 14 | Zentrack index.php directory traversal | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.08 | 0.00000 | |
| 15 | Zentrack index.php privilege escalation | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00000 | |
| 16 | PhotoPost PhotoPost vBGallery File Upload upload.php privilege escalation | 6.3 | 5.8 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 0.04 | 0.00546 | CVE-2008-7088 |
| 17 | Gempar Script Toko Online shop_display_products.php SQL injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.04 | 0.00100 | CVE-2009-0296 |
| 18 | Cutephp CuteNews URL comments.php privilege escalation | 7.3 | 6.6 | $0-$5k | Calculating | Proof-of-Concept | Official Fix | 0.01 | 0.01849 | CVE-2003-1240 |
| 19 | myWebland myEvent event.php privilege escalation | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.06 | 0.40476 | CVE-2006-1890 |
| 20 | myEvent event.php privilege escalation | 7.3 | 6.9 | $0-$5k | Calculating | Proof-of-Concept | Not Defined | 0.03 | 0.00000 | |

IOC - Indicator of Compromise (10)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (11)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

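| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-22 | Path Traversal | predictive | High |
| 2 | T1055 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 3 | T1059 | CWE-94 | Argument Injection | predictive | High |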

IOA - Indicator of Attack (106)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Category | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /admin/config.php?display=backup | predictive | High |
| 2 | File | /pharmacy-sales-and-inventory-system/manage_user.php | predictive | High |
| 3 | File | /proc/self/cwd | predictive | High |
| 4 | File | /Side.php | predictive | Medium |
| 5 | File | /textpattern/index.php | predictive | High |
| 6 | File | account.asp | predictive | Medium |
| 7 | File | admin.php | predictive | Medium |
| 8 | File | adminAttachments.php | predictive | High |
| 9 | File | adminBoards.php | predictive | High |
| 10 | File | adminPolls.php | predictive | High |
| 11 | File | al_initialize.php | predictive | High |
| 12 | File | ase.php | predictive | Low |
| 13 | File | bb_usage_stats.php | predictive | High |
| 14 | File | cart_content.php | predictive | High |

Sources (4)

The following list contains external sources which discuss the actor and the associated activities:
