Cryptbot Analyse

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (15)

Sprache

en	16

Land

de	12
jp	2
us	2

Akteure

Vidar	1
RecordBreaker	1
XMRIG	1
Cryptbot	1

Interesse

Typ

Not Defined	14
Virtualization Software	2

Hersteller

Not Defined	8
Huawei	2
SourceCodester	2
TOTOLINK	2
La-souris-verte	2

Produkt

Huawei ACXXXX	2
Huawei SXXXX	2
Snipe-IT	2
SourceCodester Simple Parking Management System	2
OpenX	2

Schwachstellen

#	Schwachstelle	Base	Temp	0day	Heute	Aus	Mas	CTI	EPSS	CVE
1	perfSONAR file URL Privilege Escalation	7.6	7.5	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	0.00075	CVE-2022-45213
2	La-souris-verte Com Svmap index.php Directory Traversal	5.3	5.0	$0-$5k	Wird berechnet	Proof-of-Concept	Not Defined	0.00	0.01334	CVE-2010-1308
3	OpenX adclick.php Redirect	5.3	4.7	$0-$5k	$0-$5k	Unproven	Unavailable	0.34	0.00440	CVE-2014-2230
4	Goahead Software Webserver HTTP Request aux Denial of Service	5.3	4.9	$0-$5k	$0-$5k	Proof-of-Concept	Workaround	0.00	0.06949	CVE-2001-0385
5	Facebook WhatsApp Video Call Pufferüberlauf	8.0	7.9	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.02	0.00393	CVE-2022-36934
6	SourceCodester Simple Parking Management System Cross Site Scripting	3.9	3.8	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.09	0.00054	CVE-2022-2363
7	Snipe-IT Update Branding Settings erweiterte Rechte	5.2	5.2	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	0.00054	CVE-2022-32060
8	TOTOLINK EX300 MQTT Data Packet setLanguageCfg erweiterte Rechte	7.6	7.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	0.17797	CVE-2022-32449
9	IBM Security Access Manager Appliance schwache Verschlüsselung	5.7	5.7	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	0.00106	CVE-2022-22464
10	Apache Commons Configuration Variable Interpolation Privilege Escalation	8.0	7.9	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.02	0.34543	CVE-2022-33980
11	TOTOLINK A800R/A810R/A830R/A950RG/A3000RU/A3100R erweiterte Rechte	6.3	6.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	0.00706	CVE-2022-28935
12	Huawei ACXXXX/SXXXX SSH Packet erweiterte Rechte	7.5	7.3	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.02	0.00246	CVE-2014-8572
13	libvirt libxl Driver Denial of Service	3.5	3.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	0.00044	CVE-2021-4147
14	Zabbix SAML schwache Authentisierung	8.2	8.2	$0-$5k	$0-$5k	Not Defined	Not Defined	0.02	0.97186	CVE-2022-23131
15	VMware Spring Framework erweiterte Rechte	4.5	4.5	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00	0.00079	CVE-2021-22096

IOC - Indicator of Compromise (17)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP-Adresse	Hostname	Akteur	Identifiziert	Typ	Akzeptanz
1	8.248.153.254		Cryptbot	16.10.2021	verifiziert	High
2	8.248.163.254		Cryptbot	16.10.2021	verifiziert	High
3	8.248.167.254		Cryptbot	16.10.2021	verifiziert	High
4	8.249.223.254		Cryptbot	16.10.2021	verifiziert	High
5	X.XXX.XXX.XXX		Xxxxxxxx	16.10.2021	verifiziert	High
6	X.XXX.XX.XXX		Xxxxxxxx	16.10.2021	verifiziert	High
7	X.XXX.XXX.XXX		Xxxxxxxx	16.10.2021	verifiziert	High
8	X.XXX.XXX.XXX		Xxxxxxxx	16.10.2021	verifiziert	High
9	XX.XXX.XXX.XXX	xxx.xxx.xxx.xx.xx.xxxxxxxxxxxxxxxxx.xxx	Xxxxxxxx	16.10.2021	verifiziert	Medium
10	XX.XXX.XX.XXX	xx-xx.xxx	Xxxxxxxx	16.10.2021	verifiziert	High
11	XX.XXX.X.X	xxxxx-xx-xxx-x-x.xxx.xxxx.xxx	Xxxxxxxx	16.10.2021	verifiziert	High
12	XX.XXX.X.XXX	xxxxx-xx-xxx-x-xxx.xxx.xxxx.xxx	Xxxxxxxx	16.10.2021	verifiziert	High
13	XX.XXX.XXX.XX		Xxxxxxxx	31.01.2023	verifiziert	High
14	XX.XX.XX.XX	xxxxxx.xx.xx.xx.xx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxxx	16.10.2021	verifiziert	High
15	XXX.XXX.XXX.X		Xxxxxxxx	16.10.2021	verifiziert	High
16	XXX.X.XXX.XX	xx-xx-xxxx.xxx-xxxxxxx.xxx	Xxxxxxxx	16.10.2021	verifiziert	High
17	XXX.XX.XXX.X	xx-xxx.xxx	Xxxxxxxx	16.10.2021	verifiziert	High

TTP - Tactics, Techniques, Procedures (6)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Schwachstellen	Zugriffsart	Typ	Akzeptanz
1	T1006	CWE-22	Path Traversal	prädiktiv	High
2	T1059.007	CWE-79	Cross Site Scripting	prädiktiv	High
3	TXXXX	CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	prädiktiv	High
4	TXXXX.XXX	CWE-XXX	Xxxx Xxxxxxxx	prädiktiv	High
5	TXXXX	CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	prädiktiv	High
6	TXXXX.XXX	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	prädiktiv	High

IOA - Indicator of Attack (9)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Klasse	Indicator	Typ	Akzeptanz
1	File	/aux	prädiktiv	Low
2	File	/ci_spms/admin/search/searching/	prädiktiv	High
3	File	xxxxxxx.xxx	prädiktiv	Medium
4	File	xxxxx.xxx	prädiktiv	Medium
5	Argument	xxxxxxxxxx	prädiktiv	Medium
6	Argument	xxxx	prädiktiv	Low
7	Argument	xxxxxxxx	prädiktiv	Medium
8	Argument	xxxxxx	prädiktiv	Low
9	Input Value	"><xxxxxx>xxxxx("xxx")</xxxxxx>	prädiktiv	High

Referenzen (3)

The following list contains external sources which discuss the actor and the associated activities:

◂ ZurückÜbersichtWeiter ▸

Might our Artificial Intelligence support you?

Check our Alexa App!