Crashoverride Analyse

IOB - Indicator of Behavior (3)

Zeitverlauf

Sprache

en4

Land

Akteure

Aktivitäten

Interesse

Zeitverlauf

Typ

Hersteller

Produkt

Vesta Control Panel2
Vesta myVesta2
Directadmin Controlpanel2

Schwachstellen

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP-AdresseHostnameAkteurKampagnenIdentifiziertTypAkzeptanz
15.39.218.152Crashoverride23.12.2020verifiziertHigh
2XX.XXX.XX.XXXxxxxxxxxxxxx23.12.2020verifiziertHigh
3XXX.XX.XX.Xxxxxxxxxxxx.xxxxxxxxxxx.xxxXxxxxxxxxxxxx23.12.2020verifiziertHigh

TTP - Tactics, Techniques, Procedures (3)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueSchwachstellenZugriffsartTypAkzeptanz
1T1059.007CWE-80Cross Site ScriptingprädiktivHigh
2TXXXXCWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxprädiktivHigh
3TXXXX.XXXCWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxprädiktivHigh

IOA - Indicator of Attack (5)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDKlasseIndicatorTypAkzeptanz
1File/cgi-bin/supervisor/PwdGrp.cgiprädiktivHigh
2File/CMD_SELECT_USERSprädiktivHigh
3Filexxx/xxxxxx/xxxxxxxxxxxxx.xxxprädiktivHigh
4ArgumentxxxxxxxxprädiktivMedium
5Input Valuexxx_xxx_xxxx_xxxx'"><xxxxxx>xxxxx(/xxxxx.xx/)</xxxxxx>prädiktivHigh

Referenzen (2)

The following list contains external sources which discuss the actor and the associated activities:

Do you know our Splunk app?

Download it now for free!