Rakos Analysis

IOB - Indicator of Behavior (396)

Language

en: 308
ru: 38
zh: 12
ja: 8
es: 6

Country

us: 208
ru: 84
pl: 16
cn: 16
me: 6

Product

WordPress: 10
phpMyAdmin: 8
Devilz Clanportal: 6
Linux Kernel: 4
unrar-free: 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.02 | 0.02016 | CVE-2007-1192 |
| 2 | DZCP deV!L`z Clanportal config.php privilege escalation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.63 | 0.00943 | CVE-2010-0966 |
| 3 | Zyxel NAS326/NAS542 Web Server privilege escalation | 9.8 | 9.8 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.03 | 0.00068 | CVE-2023-4473 |
| 4 | nginx privilege escalation | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.07 | 0.00241 | CVE-2020-12440 |
| 5 | Microsoft IIS cross-site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.00548 | CVE-2017-0055 |
| 6 | DZCP deV!L`z Clanportal browser.php information disclosure | 5.3 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.31 | 0.02733 | CVE-2007-1167 |
| 7 | MikroTik RouterOS Winbox/HTTP Interface privilege escalation | 7.8 | 7.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | 0.00055 | CVE-2023-30799 |
| 8 | Laravel Framework Token Encrypter.php decrypt privilege escalation | 6.8 | 6.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.62418 | CVE-2018-15133 |
| 9 | Linux Kernel fbcon vt.c KD_FONT_OP_COPY information disclosure | 5.0 | 4.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00042 | CVE-2020-28974 |
| 10 | Devilz Clanportal File Upload unknown vulnerability | 5.3 | 4.4 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.08 | 0.05362 | CVE-2006-6338 |
| 11 | Devilz Clanportal index.php SQL injection | 7.3 | 6.4 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 0.00 | 0.00784 | CVE-2006-3347 |
| 12 | Microsoft IIS IP/Domain Restriction privilege escalation | 6.5 | 5.7 | $25k-$100k | $0-$5k | Unproven | Official Fix | 0.12 | 0.00817 | CVE-2014-4078 |
| 13 | WordPress WP_Query class-wp-query.php SQL injection | 8.5 | 8.4 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.00318 | CVE-2017-5611 |
| 14 | SourceCodester Petrol Pump Management Software product.php privilege escalation | 4.7 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.00045 | CVE-2024-2058 |
| 15 | CKFinder File Name privilege escalation | 7.4 | 7.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00155 | CVE-2019-15862 |
| 16 | Elementor Plugin privilege escalation | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00000 | CVE-2024-24934 |
| 17 | guzzlehttp psr7 Header Parser privilege escalation | 6.4 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01 | 0.00095 | CVE-2022-24775 |
| 18 | DrayTek Vigor 2960 Web Management Interface mainfunction.cgi privilege escalation | 7.4 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.06 | 0.00273 | CVE-2023-1162 |
| 19 | BeCustom Plugin cross-site request forgery | 6.5 | 6.3 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.04 | 0.00122 | CVE-2022-3747 |
| 20 | Cisco IOS XE Web UI Remote Code Execution | 9.9 | 9.7 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.09 | 0.89428 | CVE-2023-20198 |

IOC - Indicator of Compromise (11)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (20)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-22, CWE-23 | Path Traversal | predictive | High |
| 2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 4 | T1059 | CWE-94 | Argument Injection | predictive | High |

IOA - Indicator of Attack (208)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

Sources (2)

The following list contains external sources which discuss the actor and the associated activities:
