Mispadu تحليل

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (20)

اللغة

de	14
en	4
ar	2

البلد

us	18
ir	2

الفاعلين

Mispadu	2

الاهتمام

النوع

Not Defined	8
Content Management System	6
Operating System	2
File Transfer Software	2

المجهز

Not Defined	8
Huawei	2
Nicholas Marriott	2
Tribe29	2
Green Hills	2

منتج

Huawei SXXX	2
Nicholas Marriott tmux	2
Mahara	2
Tribe29 Checkmk	2
Drupal	2

الثغرات

#	الثغرة	Base	Temp	0day	اليوم	ق�	معالجة	CTI	EPSS	CVE
1	Huawei ACXXXX/SXXXX SSH Packet تجاوز الصلاحيات	7.5	7.3	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.02	0.00246	CVE-2014-8572
2	Huawei SXXX VRP MPLS LSP Ping الكشف عن المعلومات	5.3	5.1	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.02	0.00096	CVE-2014-8570
3	Tribe29 Checkmk Livestatus Query Language تجاوز الصلاحيات	7.0	7.0	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	0.00043	CVE-2022-47909
4	Tribe29 Checkmk Agent Updater Log File الكشف عن المعلومات	5.1	5.1	$0-$5k	$0-$5k	Not Defined	Not Defined	0.04	0.00043	CVE-2022-48319
5	Microsoft Windows ISATAP تجاوز الصلاحيات	6.5	6.2	$25k-$100k	$0-$5k	Not Defined	Official Fix	0.02	0.06396	CVE-2010-0812
6	IBM DB2 تجاوز الصلاحيات	6.3	6.0	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	0.00343	CVE-2011-1846
7	Nicholas Marriott tmux تجاوز الصلاحيات	5.9	5.6	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00	0.00051	CVE-2011-1496
8	WordPress اجتياز الدليل	5.7	5.6	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.03	0.00326	CVE-2023-2745
9	netcf Path Expression find_ifcfg_path تجاوز الصلاحيات	5.9	5.8	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	0.00662	CVE-2014-8119
10	Xerox Workcentre 5655 Authorization الكشف عن المعلومات	5.3	5.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00	0.00251	CVE-2010-0548
11	Xerox Workcentre 6400 Net Controller الكشف عن المعلومات	5.3	5.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.02	0.00204	CVE-2010-0549
12	SilverStripe الكشف عن المعلومات	5.3	5.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02	0.01045	CVE-2010-5188
13	ubuntu Linux توثيق ضعيف	10.0	9.5	$5k-$25k	جاري الحساب	Not Defined	Official Fix	0.03	0.00272	CVE-2010-0834
14	Red Hat Enterprise Linux تجاوز الصلاحيات	5.3	5.3	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00	0.00342	CVE-2010-2598
15	Drupal Form API تجاوز الصلاحيات	5.5	5.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.06	0.00093	CVE-2022-25271
16	Mahara Single Sign-On توثيق ضعيف	6.3	6.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02	0.00450	CVE-2010-1670
17	Green Hills INTEGRITY RTOS Interpeak IPCOMShell TELNET Server تلف الذاكرة	8.5	8.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	0.00308	CVE-2019-7713
18	Samba receive_smb_raw تلف الذاكرة	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.03	0.97018	CVE-2008-1105

IOC - Indicator of Compromise (5)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	عنوان بروتوكول الإنترنت	Hostname	ممثل	Identified	النوع	الثقة
1	2.59.255.65		Mispadu	29/07/2023	verified	عالي
2	X.XX.XXX.XXX	xxx-x-xx-xxx-xxx.xx-xxxx-x.xxxxxxx.xxxxxxxxx.xxx	Xxxxxxx	31/05/2021	verified	متوسط
3	XX.XXX.XX.XXX	xxx-xx-xxx-xx-xxx.xx-xxxx-x.xxxxxxx.xxxxxxxxx.xxx	Xxxxxxx	31/05/2021	verified	متوسط
4	XX.XXX.XX.XXX		Xxxxxxx	16/02/2024	verified	عالي
5	XX.XX.XX.XXX		Xxxxxxx	31/05/2021	verified	عالي

TTP - Tactics, Techniques, Procedures (4)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	الثغرات	متجه الوصول	النوع	الثقة
1	T1006	CWE-22	Path Traversal	predictive	عالي
2	TXXXX	CWE-XX	Xxxxxxxx Xxxxxxxxxxxxxx Xx Xxxx Xxxxxx Xxxxx Xxxxxxxxxxx	predictive	عالي
3	TXXXX	CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	عالي
4	TXXXX	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	عالي

IOA - Indicator of Attack (1)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	الفئة	Indicator	النوع	الثقة
1	Argument	debug_profile	predictive	عالي

المصادر (4)

The following list contains external sources which discuss the actor and the associated activities:

التالي ▸نظرة عامة◂ السابق

Do you know our Splunk app?

Download it now for free!