Sload Analysis

IOB - Indicator of Behavior (454)

Language

- en: 450
- es: 2
- de: 2

Product

- Google Android: 12
- Mozilla Firefox: 12
- Adobe Flash Player: 10
- phpBB: 10
- Linux Kernel: 8

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | TAP Plugin directory traversal | 7.0 | 6.8 | $0-$5k | Calculating | Not Defined | Official Fix | 0.00 | 0.00406 | CVE-2016-4986 |
| 2 | Moodle Administration Page SQL injection | 7.2 | 7.2 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.08 | 0.00151 | CVE-2022-40315 |
| 3 | Oracle BI Publisher BI Publisher Security Local Privilege Escalation | 7.2 | 7.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.01 | 0.94564 | CVE-2019-2616 |
| 4 | Chamilo LMS File Upload lp_upload.php import_package privilege escalation | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00743 | CVE-2019-13082 |
| 5 | Phplinkdirectory PHP Link Directory conf_users_edit.php cross-site request forgery | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00526 | CVE-2011-0643 |
| 6 | Apache Kylin Restful API weak authentication | 4.8 | 4.8 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.97421 | CVE-2020-13937 |
| 7 | vBulletin decodeArguments privilege escalation | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Not Defined | 0.00 | 0.74237 | CVE-2015-7808 |
| 8 | vBulletin cross-site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.01206 | CVE-2004-1824 |
| 9 | Tapatalk Plugin XMLRPC API unsubscribe_forum.php SQL injection | 8.5 | 7.7 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | 0.00242 | CVE-2014-2023 |
| 10 | phpBB Perl ucp_pm_options.php message_options cross-site request forgery | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00335 | CVE-2015-1432 |
| 11 | vBulletin SQL injection | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00214 | CVE-2014-5102 |
| 12 | PunBB cross-site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00199 | CVE-2010-0455 |
| 13 | vBulletin redirector.php Redirect | 6.6 | 6.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.23 | 0.00141 | CVE-2018-6200 |
| 14 | vBulletin Vbulletin Forum Remote Code Execution | 9.8 | 8.5 | $0-$5k | $0-$5k | Unproven | Official Fix | 0.00 | 0.00620 | CVE-2012-4328 |
| 15 | phpBB install.php privilege escalation | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.00642 | CVE-2002-1707 |
| 16 | PunBB register.php SQL injection | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00543 | CVE-2005-0569 |
| 17 | vBulletin moderation.php SQL injection | 7.3 | 7.0 | $0-$5k | $0-$5k | High | Official Fix | 0.01 | 0.00284 | CVE-2016-6195 |
| 18 | vBulletin XMLRPC API breadcrumbs_create.php SQL injection | 6.3 | 6.3 | $0-$5k | $0-$5k | High | Unavailable | 0.02 | 0.00102 | CVE-2014-2022 |
| 19 | vBulletin visitormessage.php privilege escalation | 7.5 | 7.4 | $0-$5k | Calculating | High | Unavailable | 0.02 | 0.03157 | CVE-2014-9463 |
| 20 | PunBB Password Reset moderate.php privilege escalation | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.02283 | CVE-2008-1484 |

IOC - Indicator of Compromise (11)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

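| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 2.59.117.6 | server4.poyrazhosting.com | Sload | | 06/05/2022 | verified | High |
| 2 | 51.77.231.185 | vps-06fdbf53.vps.ovh.net | Sload | | 06/05/2022 | verified | High |
| 3 | 51.254.205.84 | 84.ip-51-254-205.eu | Sload | | 06/05/2022 | verified | High |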

TTP - Tactics, Techniques, Procedures (20)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

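| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-22 | Path Traversal | predictive | High |
| 2 | T1055 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 3 | T1059 | CWE-94 | Argument Injection | predictive | High |
| 4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |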

IOA - Indicator of Attack (183)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Category | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | `/admin` | predictive | Low |
| 2 | File | `/admin/launch_message.php` | predictive | High |
| 3 | File | `/admin/send_message.php` | predictive | High |
| 4 | File | `/categoriesServlet` | predictive | High |
| 5 | File | `/category.php` | predictive | High |
| 6 | File | `/cgi-bin/login_action.cgi` | predictive | High |
| 7 | File | `/dev/datum/` | predictive | Medium |
| 8 | File | `/forms/web_runScript` | predictive | High |
| 9 | File | `/getImage` | predictive | Medium |
| 10 | File | `/html/feed.php` | predictive | High |
| 11 | File | `/includes/rrdtool.inc.php` | predictive | High |
| 12 | File | `/job/(job-name)/api` | predictive | High |
| 13 | File | `/multi-vendor-shopping-script/product-list.php` | predictive | High |
| 14 | File | `/plugin/extended-choice-parameter/js/` | predictive | High |
| 15 | File | `/src/basic/fs-util.c` | predictive | High |
| 16 | File | `/wfo/control/emp_selector_pu` | predictive | High |
| 17 | File | `admin/conf_users_edit.php` | predictive | High |
| 18 | File | `admin/settings/update/` | predictive | High |
| 19 | File | `admin/tags.php` | predictive | High |
| 20 | File | `administrator.cfc` | predictive | High |
| 21 | File | `ajax/api/hook/decodeArguments` | predictive | High |

Sources (4)

The following list contains external sources which discuss the actor and the associated activities:
