OnionDog تحليل

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (53)

اللغة

en	52
ko	2

البلد

kr	28
us	26

الفاعلين

OnionDog	2

الاهتمام

النوع

Not Defined	12
Smartphone Operating System	10
Web Browser	6
Operating System	6
WordPress Plugin	2

المجهز

Google	10
Not Defined	8
Microsoft	6
Huawei	4
Linux	4

منتج

Google Android	8
Linux Kernel	4
Mobile App Native Plugin	2
Mozilla Firefox	2
Microsoft Internet Explorer	2

الثغرات

#	الثغرة	Base	Temp	0day	اليوم	ق�	معالجة	CTI	EPSS	CVE
1	Adobe Acrobat Reader Image Conversion تلف الذاكرة	7.5	7.4	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	0.01971	CVE-2018-4916
2	Huawei HG8245H URL الكشف عن المعلومات	7.4	7.1	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.03	0.00167	CVE-2017-15328
3	Google Chrome v8 تجاوز الصلاحيات	7.5	7.1	$25k-$100k	$0-$5k	Proof-of-Concept	Not Defined	0.02	0.23564	CVE-2016-9651
4	CPU Speculative Execution Meltdown الكشف عن المعلومات	6.1	5.8	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.03	0.97384	CVE-2017-5754
5	Mozilla Firefox WebRTC تجاوز الصلاحيات	5.3	4.6	$25k-$100k	$0-$5k	Unproven	Official Fix	0.00	0.00461	CVE-2014-1586
6	Tobesoft NEXACRO17 execDefaultBrowser تجاوز الصلاحيات	7.7	7.6	$0-$5k	$0-$5k	Not Defined	Not Defined	0.03	0.00528	CVE-2021-26607
7	JetBrains IntelliJ IDEA Privilege Escalation	6.3	6.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.03	0.00221	CVE-2021-45977
8	Oracle Communications Network Charging and Control Common الحرمان من الخدمة	7.5	7.3	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.05	0.00254	CVE-2022-35737
9	TeamViewer TVS File Parser الكشف عن المعلومات	7.0	6.9	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	0.00186	CVE-2021-34858
10	logback Configuration File تجاوز الصلاحيات	5.3	5.1	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.05	0.01555	CVE-2021-42550
11	Combodo iTop Configuration File تجاوز الصلاحيات	7.2	7.2	$0-$5k	$0-$5k	Not Defined	Not Defined	0.09	0.00652	CVE-2019-11215
12	Artifex MuPDF PDF File pdf-xref.c pdf_read_new_xref تلف الذاكرة	5.4	5.3	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	0.00269	CVE-2018-6192
13	VMware ESXi/Workstation/Fusion SVGA الكشف عن المعلومات	7.5	7.4	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	0.00077	CVE-2018-6974
14	PHP 404 Error Page phar_object.c Reflected سكربتات مشتركة	5.2	5.1	$5k-$25k	جاري الحساب	Not Defined	Official Fix	0.00	0.03788	CVE-2018-10547
15	CPUID CPU-Z Kernel-Mode Driver تلف الذاكرة	6.5	6.3	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02	0.00044	CVE-2017-15303
16	Microsoft Access تلف الذاكرة	7.0	6.7	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	0.29279	CVE-2018-0903
17	Wind River VxWorks TCP Initial Sequence Number تجاوز الصلاحيات	5.6	5.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	0.02370	CVE-2015-3963
18	Oracle VM VirtualBox تجاوز الصلاحيات	8.6	8.2	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	0.00082	CVE-2018-2690
19	Adobe Flash Player الكشف عن المعلومات	6.9	6.7	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.05	0.00569	CVE-2018-4871
20	Google Android System تجاوز الصلاحيات	7.0	6.3	$25k-$100k	$0-$5k	Proof-of-Concept	Official Fix	0.04	0.00306	CVE-2017-13209

IOC - Indicator of Compromise (10)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	عنوان بروتوكول الإنترنت	ممثل	Identified	النوع	الثقة
1	112.169.154.65	OnionDog	23/12/2020	verified	عالي
2	121.133.8.2	OnionDog	23/12/2020	verified	عالي
3	XXX.XXX.XXX.X	Xxxxxxxx	23/12/2020	verified	عالي
4	XXX.XXX.XXX.XXX	Xxxxxxxx	23/12/2020	verified	عالي
5	XXX.XXX.XXX.X	Xxxxxxxx	23/12/2020	verified	عالي
6	XXX.XXX.XXX.XX	Xxxxxxxx	23/12/2020	verified	عالي
7	XXX.XX.XXX.X	Xxxxxxxx	23/12/2020	verified	عالي
8	XXX.XXX.XX.XXX	Xxxxxxxx	23/12/2020	verified	عالي
9	XXX.XXX.XXX.X	Xxxxxxxx	23/12/2020	verified	عالي
10	XXX.XXX.XXX.XX	Xxxxxxxx	23/12/2020	verified	عالي

TTP - Tactics, Techniques, Procedures (8)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	الثغرات	متجه الوصول	النوع	الثقة
1	T1059	CWE-94	Argument Injection	predictive	عالي
2	T1059.007	CWE-79	Cross Site Scripting	predictive	عالي
3	TXXXX	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	عالي
4	TXXXX.XXX	CWE-XXX	Xxxx-xxxxx Xxxxxxxxxxx	predictive	عالي
5	TXXXX	CWE-XXX	7xx Xxxxxxxx Xxxxxxxx	predictive	عالي
6	TXXXX	CWE-XXX	Xxxxxxxxxx Xxxxxx	predictive	عالي
7	TXXXX	CWE-XX	Xxx Xxxxxxxxx	predictive	عالي
8	TXXXX	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	عالي

IOA - Indicator of Attack (15)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	الفئة	Indicator	النوع	الثقة
1	File	/proc/<pid>/status	predictive	عالي
2	File	/var/passwd	predictive	متوسط
3	File	ext/phar/phar_object.c	predictive	عالي
4	File	xxxxxx/xxx/xxxxxxx.xxx	predictive	عالي
5	File	xxxxxx/xxxxxx/xxxx.x	predictive	عالي
6	File	xxxx.xxx	predictive	متوسط
7	File	xxxxxxxxx/xxxxx.xxx	predictive	عالي
8	File	xxx/xxx-xxxx.x	predictive	عالي
9	File	xxxx.xxx	predictive	متوسط
10	Argument	xxxxxx	predictive	واطئ
11	Argument	xxxxxxx_x	predictive	متوسط
12	Argument	xx	predictive	واطئ
13	Argument	xxxxxxxx	predictive	متوسط
14	Input Value	xxxxxxx_xxxxx.xxxxxxx_xxxxxxx	predictive	عالي
15	Network Port	xxx/xx (xxxxxx)	predictive	عالي

المصادر (3)

The following list contains external sources which discuss the actor and the associated activities:

التالي ▸نظرة عامة◂ السابق

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!