Mining Multitool Analysis

IOB - Indicator of Behavior (20)

Language

en: 18
es: 2

Country

us: 20

Product

DZCP deV!L`z Clanportal: 2
GetSimpleCMS: 2
TikiWiki: 2
IBM Robotic Process Automation with Automation Any ...: 2
Tiki: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | TikiWiki tiki-register.php privilege escalation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 5.32 | 0.01009 | CVE-2006-6168 |
| 2 | Tiki Admin Password tiki-login.php weak authentication | 8.0 | 7.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 2.52 | 0.00936 | CVE-2020-15906 |
| 3 | FLDS redir.php SQL Injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.35 | 0.00203 | CVE-2008-5928 |
| 4 | DZCP deV!L`z Clanportal config.php privilege escalation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.29 | 0.00943 | CVE-2010-0966 |
| 5 | Advisto Peel SHOPPING caddie_ajout.php Cross Site Request Forgery | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.13 | 0.00118 | CVE-2018-20848 |
| 6 | IBM Robotic Process Automation with Automation Anywhere Ignite Node Information Disclosure | 5.3 | 5.3 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00064 | CVE-2019-4337 |
| 7 | Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform web.php privilege escalation | 7.1 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.19 | 0.00055 | CVE-2023-5493 |
| 8 | WordPress AdServe adclick.php SQL Injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | 0.00073 | CVE-2008-0507 |
| 9 | Early Impact Productcart custva.asp Cross Site Scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.00715 | CVE-2004-2174 |
| 10 | Phplinkdirectory PHP Link Directory conf_users_edit.php Cross Site Request Forgery | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.13 | 0.00526 | CVE-2011-0643 |
| 11 | GetSimpleCMS index.php Redirect | 6.6 | 6.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00123 | CVE-2019-9915 |
| 12 | Joomla CMS com_easyblog SQL Injection | 6.3 | 6.1 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.26 | 0.00000 | |

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 185.128.43.62 | | Mining Multitool | | 27.03.2022 | verified | High |

TTP - Tactics, Techniques, Procedures (6)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1059 | CWE-94 | Argument Injection | predictive | High |
| 2 | T1059.007 | CWE-80 | Cross Site Scripting | predictive | High |
| 3 | TXXXX.XXX | CWE-XXX | Xxxx Xxxxxxxx | predictive | High |
| 4 | TXXXX | CWE-XX | Xxx Xxxxxxxxx | predictive | High |
| 5 | TXXXX | CWE-XXX | Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx | predictive | High |
| 6 | TXXXX.XXX | CWE-XXX | Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx | predictive | High |

IOA - Indicator of Attack (16)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

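| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /useratte/web.php | predictive | High |
| 2 | File | adclick.php | predictive | Medium |
| 3 | File | admin/conf_users_edit.php | predictive | High |
| 4 | File | xxxxx/xxxxx.xxx | predictive | High |
| 5 | File | xxxxxx.xxx | predictive | Medium |
| 6 | File | xx/xxxxx/xxxxxx_xxxxx.xxx | predictive | High |
| 7 | File | xxx/xxxxxx.xxx | predictive | High |
| 8 | File | xxxxx.xxx | predictive | Medium |
| 9 | File | xxxx-xxxxx.xxx | predictive | High |
| 10 | File | xxxx-xxxxxxxx.xxx | predictive | High |
| 11 | Argument | xxxxxxxx | predictive | Medium |
| 12 | Argument | xxxxxxxxx[x] | predictive | Medium |
| 13 | Argument | xxxx_xxxxxx | predictive | Medium |
| 14 | Argument | xx | predictive | Low |
| 15 | Argument | xxxxxxxx | predictive | Medium |
| 16 | Argument | xxxxxxxxxxx | predictive | Medium |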

References (2)

The following list contains external sources which discuss the actor and the associated activities:
