Quantum تحليل

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (86)

اللغة

en	76
ru	6
fr	2
de	2

البلد

us	70
ru	6
cn	6
gb	2

الفاعلين

Cobalt Strike	3
Mirai	3
Havoc	2
IcedID Downloader	2
BitRAT	2

الاهتمام

النوع

Not Defined	18
Programming Tool Software	10
Web Server	8
Software Library	6
WordPress Plugin	6

المجهز

Not Defined	24
GNU	16
Apache	6
Moxa	6
Adobe	4

منتج

GNU binutils	10
Apache HTTP Server	6
GNU C Library	6
Moxa EDR-810	6
Adobe PhoneGap Push Plugin	2

الثغرات

#	الثغرة	Base	Temp	0day	اليوم	ق�	معالجة	CTI	EPSS	CVE
1	libxslt EXSLT Math.random Prediction تشفير ضعيف	5.5	5.3	$0-$5k	جاري الحساب	Not Defined	Official Fix	0.00	0.00086	CVE-2015-9019
2	GNU C Library fnmatch_loop.c fnmatch الكشف عن المعلومات	5.6	5.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	0.00546	CVE-2015-8984
3	GNU C Library strxfrm تلف الذاكرة	9.1	8.6	$0-$5k	$0-$5k	Not Defined	Official Fix	0.03	0.00670	CVE-2015-8982
4	TablePress XML External Entity	5.3	5.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	0.00049	CVE-2017-10889
5	Salutation Responsive WordPress + BuddyPress Theme Stored سكربتات مشتركة	4.4	4.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	0.00057	CVE-2017-1000227
6	libxml2 Recover Mode الحرمان من الخدمة	4.0	3.9	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02	0.00378	CVE-2017-5969
7	elfutils elf_getdata.c _libelf_set_rawdata_wrlock تلف الذاكرة	5.4	5.3	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	0.01258	CVE-2016-10255
8	elfutils ELF File common.h allocate_elf تلف الذاكرة	5.4	5.3	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	0.00986	CVE-2016-10254
9	GNU C Library wstrops.c IO_wstr_overflow تلف الذاكرة	7.7	7.3	$0-$5k	$0-$5k	Not Defined	Official Fix	0.06	0.00508	CVE-2015-8983
10	FluentForm Plugin حقن إس كيو إل	4.7	4.6	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	0.00076	CVE-2023-24410
11	Network Manager VPNC Plugin تجاوز الصلاحيات	7.3	7.2	$0-$5k	$0-$5k	High	Official Fix	0.00	0.00364	CVE-2018-10900
12	Microsoft SharePoint Server Privilege Escalation	8.8	8.1	$5k-$25k	$0-$5k	Unproven	Official Fix	0.00	0.00762	CVE-2022-38053
13	Progress MOVEit Transfer حقن إس كيو إل	7.3	7.0	$0-$5k	جاري الحساب	Not Defined	Official Fix	0.00	0.00136	CVE-2021-38159
14	akismet Plugin سكربتات مشتركة	5.2	5.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	0.00078	CVE-2015-9357
15	Snazzy Maps Plugin سكربتات مشتركة	5.2	4.9	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	0.00078	CVE-2018-17947
16	WordPress Password Reset wp-login.php mail تجاوز الصلاحيات	6.1	5.8	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.00	0.02827	CVE-2017-8295
17	BSD FTP Client HTTP Redirect تجاوز الصلاحيات	6.5	6.2	$0-$5k	$0-$5k	High	Official Fix	0.04	0.95879	CVE-2014-8517
18	ProfilePress Plugin Image Uploader ImageUploader.php تجاوز الصلاحيات	7.3	7.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	0.00334	CVE-2021-34623
19	Iomega/LenovoEMC NAS API تجاوز الصلاحيات	7.9	7.9	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	0.00168	CVE-2019-6160
20	Alienvault OSSIM/USM gauge.php حقن إس كيو إل	9.8	9.4	$0-$5k	$0-$5k	High	Official Fix	0.02	0.96284	CVE-2016-8582

IOC - Indicator of Compromise (5)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	عنوان بروتوكول الإنترنت	Hostname	ممثل	Identified	النوع	الثقة
1	138.68.42.130	prod-sfo2-1.qencode-master-cf283c7cc10911ecb9daa269211215a9	Quantum	26/04/2022	verified	عالي
2	XXX.XXX.XXX.XX		Xxxxxxx	26/04/2022	verified	عالي
3	XXX.XX.XXX.XXX	xxxxxxxxxxxxx.xxxxxxx	Xxxxxxx	28/06/2023	verified	عالي
4	XXX.XXX.XXX.XXX		Xxxxxxx	26/04/2022	verified	عالي
5	XXX.XXX.XXX.XXX	xxxxxx.xxxxxxxxxxxxx.xxx	Xxxxxxx	26/04/2022	verified	عالي

TTP - Tactics, Techniques, Procedures (13)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	الثغرات	متجه الوصول	النوع	الثقة
1	T1059	CWE-94	Argument Injection	predictive	عالي
2	T1059.007	CWE-79	Cross Site Scripting	predictive	عالي
3	T1068	CWE-264, CWE-269, CWE-284	Execution with Unnecessary Privileges	predictive	عالي
4	TXXXX	CWE-XX, CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	عالي
5	TXXXX.XXX	CWE-XXX	Xxxx Xxxxxxxx	predictive	عالي
6	TXXXX	CWE-XXX	Xxxxxxxxxx Xxxxxx	predictive	عالي
7	TXXXX	CWE-XX	Xxx Xxxxxxxxx	predictive	عالي
8	TXXXX	CWE-XXX	Xxxxxxxxxxx Xxxxxxxxxx	predictive	عالي
9	TXXXX	CWE-XXX	Xxxxxxxxx Xxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxx	predictive	عالي
10	TXXXX.XXX	CWE-XXX	Xxxxxxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	عالي
11	TXXXX	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	عالي
12	TXXXX.XXX	CWE-XXX	Xxx Xxxxxxxxxx Xxxxx	predictive	عالي
13	TXXXX.XXX	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	عالي

IOA - Indicator of Attack (42)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	الفئة	Indicator	النوع	الثقة
1	File	/etc/shadow	predictive	متوسط
2	File	/goform/net\_Web\_get_value	predictive	عالي
3	File	/goform/net_WebCSRGen	predictive	عالي
4	File	/goform/WebRSAKEYGen	predictive	عالي
5	File	/uncpath/	predictive	متوسط
6	File	/wp-content/plugins/updraftplus/admin.php	predictive	عالي
7	File	xxxxx/xxxxxx_xxxxxx_xxxxxxx/xxxxx-xxx-xxxxx.xxx	predictive	عالي
8	File	xxx/xxxxxxx.x	predictive	عالي
9	File	xxxxxx.x	predictive	متوسط
10	File	xxxxx.x	predictive	واطئ
11	File	xxxxxx.x	predictive	متوسط
12	File	xxx.x	predictive	واطئ
13	File	xxx_xxxxxxx.x	predictive	عالي
14	File	xxx/xxxxx/xxxxx.x	predictive	عالي
15	File	xxxxxx-xxxxxxx-xxxxxxxx.xxx	predictive	عالي
16	File	xxxxxxx_xxxx.x	predictive	عالي
17	File	xxxxxxxxx.xxx	predictive	عالي
18	File	xxxxx.xxx	predictive	متوسط
19	File	xxxx.x	predictive	واطئ
20	File	xxxx.x	predictive	واطئ
21	File	xxx/xxxxx/xxxxx_xxxx_xxxxxxxxx.xxx	predictive	عالي
22	File	xxxx_xxxx.xxx	predictive	عالي
23	File	xxxxxx/xxxxxx/xxxx.x	predictive	عالي
24	File	xxxxx/xxxxxxx.x	predictive	عالي
25	File	xxxxxxxxxxx.xxx	predictive	عالي
26	File	xxxxxxx.xxx	predictive	متوسط
27	File	xxxxxxxx.xxx	predictive	متوسط
28	File	xxxx-xxxxxx.x	predictive	عالي
29	File	xx-xxxxx.xxx	predictive	متوسط
30	File	~/xxx/xxxxxxx/xxxxxxxxxxxxx.xxx	predictive	عالي
31	Argument	xx	predictive	واطئ
32	Argument	xxxx_xx	predictive	واطئ
33	Argument	xxxx	predictive	واطئ
34	Argument	xx_xxxxxxx_xxxx	predictive	عالي
35	Argument	xxxx	predictive	واطئ
36	Argument	xxx	predictive	واطئ
37	Argument	xxxxxxxxxxxxxx_xxx	predictive	عالي
38	Argument	xxxxxx_xxxx/xxxxxx_xxxxx	predictive	عالي
39	Argument	xxxxxxxxxxxxxx	predictive	عالي
40	Argument	xxxxxxxxxxxxxx	predictive	عالي
41	Argument	xxxxxx\_xxxx	predictive	متوسط
42	Argument	xxxx/xxx	predictive	متوسط

المصادر (3)

The following list contains external sources which discuss the actor and the associated activities:

التالي ▸نظرة عامة◂ السابق

Want to stay up to date on a daily basis?

Enable the mail alert feature now!