Shamoon 2 Analyse

IOB - Indicator of Behavior (2)

Sprache

en	2

Land

us	2

Akteure

Shamoon	1
Shamoon 2	1

Interesse

Typ

File Transfer Software	2

Hersteller

FileZilla	2

Produkt

FileZilla Server	2

Schwachstellen

#	Schwachstelle	Base	Temp	0day	Heute	Aus	Mas	CTI	EPSS	CVE
1	Mole Adult Portal Script profile.php SQL Injection	7.3	7.3	$0-$5k	$0-$5k	High	Unavailable	0.01	0.01136	CVE-2009-4673
2	FileZilla Server PORT erweiterte Rechte	4.3	4.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	0.00885	CVE-2015-10003

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP-Adresse	Hostname	Akteur	Kampagnen	Typ	Akzeptanz
1	45.76.128.71	45.76.128.71.vultr.com	Shamoon 2		verifiziert	Medium
2	XX.XX.XXX.XXX	xx.xx.xxx.xxx.xxxxx.xxx	Xxxxxxx X		verifiziert	Medium

TTP - Tactics, Techniques, Procedures (2)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Schwachstellen	Zugriffsart	Typ	Akzeptanz
1	T1505	CWE-89	SQL Injection	prädiktiv	High
2	TXXXX	CWE-XXX	Xxxxxxxxxxxxx	prädiktiv	High

IOA - Indicator of Attack (2)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Klasse	Indicator	Typ	Akzeptanz
1	File	profile.php	prädiktiv	Medium
2	Argument	xxxx_xx	prädiktiv	Low

Referenzen (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ ZurückÜbersichtWeiter ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!