Monokle تحليل

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (1000)

اللغة

en	946
ru	26
fr	16
de	6
zh	4

البلد

tt	546
us	42
ru	28
gb	2

الفاعلين

Monokle	4
FIN7	1

الاهتمام

النوع

Not Defined	68
Router Operating System	26
Operating System	18
Smartphone Operating System	12
Chip Software	12

المجهز

Not Defined	36
Juniper	24
Oracle	24
SourceCodester	14
Google	14

منتج

Juniper Junos OS	20
Juniper Junos OS Evolved	16
Google Android	12
Qualcomm Snapdragon Auto	12
Qualcomm Snapdragon Compute	12

الثغرات

#	الثغرة	Base	Temp	0day	اليوم	ق�	معالجة	CTI	EPSS	CVE
1	Linux Kernel API io_uring Privilege Escalation	8.8	8.4	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.05	0.00046	CVE-2022-2602
2	Linux Kernel kcm kcmsock.c kcm_tx_work حالة السباق	2.6	2.5	$0-$5k	$0-$5k	Not Defined	Official Fix	0.12	0.00045	CVE-2022-3521
3	Linux Kernel Socket Buffer sch_sfb تلف الذاكرة	6.0	5.9	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.02	0.00046	CVE-2022-3586
4	Google Android HTBLogKM تلف الذاكرة	7.8	7.5	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.00	0.00042	CVE-2021-0699
5	Linux Kernel Driver memory.c تلف الذاكرة	5.3	5.2	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.03	0.00073	CVE-2022-3523
6	Linux Kernel IPv6 ipv6_renew_options الحرمان من الخدمة	5.4	5.3	$0-$5k	$0-$5k	Not Defined	Official Fix	0.06	0.00042	CVE-2022-3524
7	Linux Kernel BPF spl2sw_driver.c spl2sw_nvmem_get_mac_address تلف الذاكرة	6.3	6.2	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.07	0.00042	CVE-2022-3541
8	Linux Kernel nftables nft_osf_eval الكشف عن المعلومات	4.7	4.5	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.05	0.00045	CVE-2022-42432
9	Linux Kernel BPF usdt.c parse_usdt_arg الحرمان من الخدمة	4.2	4.2	$0-$5k	$0-$5k	Not Defined	Official Fix	0.03	0.00043	CVE-2022-3533
10	Linux Kernel libbpf btf_dump.c btf_dump_name_dups تلف الذاكرة	6.3	6.3	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.12	0.00043	CVE-2022-3534
11	Linux Kernel Bluetooth l2cap_core.c l2cap_conn_del تلف الذاكرة	6.6	6.5	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.06	0.00120	CVE-2022-3640
12	Linux Kernel BlueZ jlink.c jlink_init الحرمان من الخدمة	3.6	3.5	$0-$5k	$0-$5k	Not Defined	Official Fix	0.07	0.00043	CVE-2022-3637
13	Linux Kernel skb macvlan.c macvlan_handle_frame الحرمان من الخدمة	6.0	6.0	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.07	0.00097	CVE-2022-3526

IOC - Indicator of Compromise (18)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	عنوان بروتوكول الإنترنت	Hostname	ممثل	Identified	النوع	الثقة
1	37.252.121.133	ooracing-centos8.tilaa.cloud	Monokle	28/03/2022	verified	عالي
2	46.4.180.48	static.48.180.4.46.clients.your-server.de	Monokle	28/03/2022	verified	عالي
3	77.37.200.61	broadband-77-37-200-61.ip.moscow.rt.ru	Monokle	28/03/2022	verified	عالي
4	88.99.111.46	static.46.111.99.88.clients.your-server.de	Monokle	28/03/2022	verified	عالي
5	XXX.XXX.XXX.XX	xxx-xxx-xxx-xx.xxxxxxxx.xxx	Xxxxxxx	28/03/2022	verified	عالي
6	XXX.XXX.XXX.XXX	xxxxxx.xxx.xxx.xxx.xxx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxx	28/03/2022	verified	عالي
7	XXX.XXX.XX.XX	xxx.xxx	Xxxxxxx	28/03/2022	verified	عالي
8	XXX.XX.XXX.XX	xxxxxx.xx.xxx.xx.xxx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxx	28/03/2022	verified	عالي
9	XXX.XX.XX.X	xxxxxx-xx.xxxxxxxx.xxx	Xxxxxxx	28/03/2022	verified	عالي
10	XXX.XX.XX.XX	xxxxxx-xx.xxxxxxxx.xxx	Xxxxxxx	28/03/2022	verified	عالي
11	XXX.XX.XX.XX		Xxxxxxx	28/03/2022	verified	عالي
12	XXX.XXX.XX.XXX	xxxxxxxx.xxxxxxx.xx.xx	Xxxxxxx	28/03/2022	verified	عالي
13	XXX.XXX.XXX.XX	xxxxxxxxxxxxx.xxx	Xxxxxxx	28/03/2022	verified	عالي
14	XXX.XXX.XX.XX	xxxx.xx-xxx-xxx-xx.xx	Xxxxxxx	28/03/2022	verified	عالي
15	XXX.XXX.XXX.XXX	xxxxx.xx-xxx-xxx-xxx.xx	Xxxxxxx	28/03/2022	verified	عالي
16	XXX.XXX.XX.XX		Xxxxxxx	28/03/2022	verified	عالي
17	XXX.XXX.XXX.XXX		Xxxxxxx	28/03/2022	verified	عالي
18	XXX.XXX.XX.XX	xxxx-xxx-xxx-xx-xx.xxxxxxx.xx	Xxxxxxx	28/03/2022	verified	عالي

TTP - Tactics, Techniques, Procedures (14)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	الثغرات	متجه الوصول	النوع	الثقة
1	T1006	CWE-21, CWE-22, CWE-23	Path Traversal	predictive	عالي
2	T1055	CWE-74	Improper Neutralization of Data within XPath Expressions	predictive	عالي
3	T1059	CWE-88	Argument Injection	predictive	عالي
4	TXXXX.XXX	CWE-XX	Xxxxx Xxxx Xxxxxxxxx	predictive	عالي
5	TXXXX	CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	عالي
6	TXXXX	CWE-XX, CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	عالي
7	TXXXX	CWE-XXX, CWE-XXX	Xxxxxxxxxx Xxxxxx	predictive	عالي
8	TXXXX	CWE-XX, CWE-XX	Xxx Xxxxxxxxx	predictive	عالي
9	TXXXX	CWE-XXX	Xxxxxxxxxxx Xxxxxxxxxx	predictive	عالي
10	TXXXX	CWE-XXX	Xxxxxxxxx Xxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxx	predictive	عالي
11	TXXXX	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	عالي
12	TXXXX	CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	predictive	عالي
13	TXXXX.XXX	CWE-XXX	Xxx Xxxxxxxxxx Xxxxx	predictive	عالي
14	TXXXX.XXX	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	عالي

IOA - Indicator of Attack (97)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	الفئة	Indicator	النوع	الثقة
1	File	/admin/access	predictive	عالي
2	File	/admin/students/manage.php	predictive	عالي
3	File	/goform/SetFirewallCfg	predictive	عالي
4	File	/goform/SetPptpServerCfg	predictive	عالي
5	File	/goform/SetSysTimeCfg	predictive	عالي
6	File	/goform/SetVirtualServerCfg	predictive	عالي
7	File	/htmlcode/html/reboot.cgi	predictive	عالي
8	File	/php-sms/classes/Master.php	predictive	عالي
9	File	/php-sms/classes/SystemSettings.php	predictive	عالي
10	File	/queuing/login.php	predictive	عالي
11	File	/sacco_shield/manage_payment.php	predictive	عالي
12	File	xxx-xxxxxxx.xxx	predictive	عالي
13	File	xxxxx/xxxxxxxx/xxxxxxxxx/xxxx.xxxx	predictive	عالي
14	File	xxxxxxxxxxxx.xxx	predictive	عالي
15	File	xxxxxxxxxxxxx.xxx	predictive	عالي
16	File	xxxxxxxxxxxxxxx.xxx	predictive	عالي
17	File	xxxxxxxxx.x	predictive	متوسط
18	File	xxxxxxxxxxx.xxx	predictive	عالي
19	File	xxxxx-xxx.x	predictive	متوسط
20	File	xxxxxxx.xxx	predictive	متوسط
21	File	xxxxxx.x	predictive	متوسط
22	File	xxxxxxxxx.xxx	predictive	عالي
23	File	xxxxxx/xxx.x	predictive	متوسط
24	File	xxxxx.xxx	predictive	متوسط
25	File	xxxxxxxxxxxxxxxx.xxx	predictive	عالي
26	File	xxx_xxxx_xxxxx_xx.xxx	predictive	عالي
27	File	xxxxxx/xxxx-xxxxxxx.xxx	predictive	عالي
28	File	xxxxxxx/xxx/xxxxxxxx.x	predictive	عالي
29	File	xxxxxxx/xxxx/xxxxx/xxxxx_xxxx.x	predictive	عالي
30	File	xxxxxxx/xxx/xxxxxxx/xxxx_xxx.x	predictive	عالي
31	File	xxxxxxx/xxx/xxxxxxxx/xxxxxxx/xxxxx/xxxxx_xxxxxxx.x	predictive	عالي
32	File	xxxxxxx/xxx/xxxxxxxx/xxxxxxxx/xxx_xxx.x	predictive	عالي
33	File	xxxxxxx/xxx/xxxxxxxx/xxxxxxx/xxxxxx_xxxxxx.x	predictive	عالي
34	File	xxxxxxx/xxx/xxxxxxx.x	predictive	عالي
35	File	xxxxxxx/xxx/xxxxxxxx/xxxxxxx/xxxxxxxx/xxxxxxxx_xxxxx.x	predictive	عالي
36	File	xxxxxxxx.xxx	predictive	متوسط
37	File	xx/xxxxxxx/xxxxxx.x	predictive	عالي
38	File	xx/xxxxxxxxx.x	predictive	عالي
39	File	xx/xxxxxxx.x	predictive	متوسط
40	File	xx/xxxxxxx.x	predictive	متوسط
41	File	xx/xxxx/xxxxx/xxxxxxxxxx/xxxxxx_xxxxxxxx.xxx	predictive	عالي
42	File	xxxxxx/xxxxxx.x	predictive	عالي
43	File	xxxxx.xxx	predictive	متوسط
44	File	xx/xxxxxxx.x	predictive	متوسط
45	File	xx/xxxxxx.x	predictive	متوسط
46	File	xxxxxxx/xxxxx.x	predictive	عالي
47	File	xxx/xxxxxxxxx/xxxxx_xxxx.x	predictive	عالي
48	File	xxx/xxx/xxxxx/xxxxxxxxx.x	predictive	عالي
49	File	xxx/xxxx/xxxxxxx.x	predictive	عالي
50	File	xxx/xxx/xxxxxxx.x	predictive	عالي
51	File	xxx/xxxx/xx_xxxx.x	predictive	عالي
52	File	xxx_xxxxxxxx.x	predictive	عالي
53	File	xxx.xxx	predictive	واطئ
54	File	xxx-xxxxxxxx.xxx	predictive	عالي
55	File	xxxxx-xxxx.x	predictive	متوسط
56	File	xxxxxxxxxxxxxx.xxx	predictive	عالي
57	File	xxxxxx_xxxxx.xxx	predictive	عالي
58	File	xxxxxxxxxxxxxxx.xxxx	predictive	عالي
59	File	xx_xxxx.xx	predictive	متوسط
60	File	xx_xxx.xx	predictive	متوسط
61	File	xxxxxx/xxxxxxxxx.xx	predictive	عالي
62	File	xxxx.xx	predictive	واطئ
63	File	xxxxx/xxx/xxx/xxx_xxxx.x	predictive	عالي
64	File	xxxxx/xxx/xxx/xxxx.x	predictive	عالي
65	File	xxxxx/xxxx-xxxxxx.x	predictive	عالي
66	File	xxxxx/xxxxxxx/xxxxxxxxx/xxx/xxxx_xxxxx/xxxxxx_xxxxx_xxxx.x	predictive	عالي
67	File	xxx_xxxxxx.x	predictive	متوسط
68	File	xxxx/xxxx_xxxxxx.x	predictive	عالي
69	Argument	xxxxxxxx	predictive	متوسط
70	Argument	xxx_xxx	predictive	واطئ
71	Argument	xxxxxxxxxxxxxx	predictive	عالي
72	Argument	xxxxxxxxxx	predictive	متوسط
73	Argument	xx	predictive	واطئ
74	Argument	xxxxx	predictive	واطئ
75	Argument	xxxxxxxxxxxxxx	predictive	عالي
76	Argument	xxxxxxxxxx	predictive	متوسط
77	Argument	xxxxx xxxx/xxxxxx xxxx/xxxx xxxx	predictive	عالي
78	Argument	xx_xxxx_xx/xx_xxxx_xx	predictive	عالي
79	Argument	xx	predictive	واطئ
80	Argument	xxxxxxxx	predictive	متوسط
81	Argument	xxxxxxxxxxxxxx	predictive	عالي
82	Argument	xxxx	predictive	واطئ
83	Argument	xxxxxx	predictive	واطئ
84	Argument	xxxxxxx	predictive	واطئ
85	Argument	xxxx	predictive	واطئ
86	Argument	xxxx/xxxxxxxxx	predictive	عالي
87	Argument	xxxxxxxxx	predictive	متوسط
88	Argument	xxxxxxxx	predictive	متوسط
89	Argument	xxx_xxxx_xxxxxx_xxxx_xxxxxxx_xxxxx_xxxxxxx_xxxxxx_xxxx_xx_xxxxxx_xxxx	predictive	عالي
90	Argument	xxxxxx	predictive	واطئ
91	Argument	xxx_xxxx	predictive	متوسط
92	Argument	xxxxxxxxxxx	predictive	متوسط
93	Argument	xxxxxxx	predictive	واطئ
94	Argument	xxx_xx	predictive	واطئ
95	Argument	xxxx	predictive	واطئ
96	Argument	xxxxxxxx	predictive	متوسط
97	Argument	xxxxxxxx/xxxxxxxx	predictive	عالي

المصادر (2)

The following list contains external sources which discuss the actor and the associated activities:

التالي ▸نظرة عامة◂ السابق

Do you need the next level of professionalism?

Upgrade your account now!