Mining Multitool Análisis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (20)

Cronología

Idioma

en16
ru4

País

us20

Actores

PowerGhost1

Ocupaciones

Interesar

Cronología

Escribe

Content Management System6
Not Defined6

Proveedor

Not Defined6
Joomla2
WordPress2
Early Impact2

Producto

Joomla CMS2
WordPress AdServe2
FLDS2
TikiWiki2
GetSimpleCMS2

Vulnerabilidad

#VulnerabilidadBaseTemp0dayHoyExpConEPSSCTICVE
1TikiWiki tiki-register.php escalada de privilegios7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.010090.77CVE-2006-6168
2Tiki Admin Password tiki-login.php autenticación débil8.07.7$0-$5k$0-$5kNot DefinedOfficial Fix0.009361.91CVE-2020-15906
3FLDS redir.php sql injection7.37.3$0-$5k$0-$5kHighUnavailable0.002030.06CVE-2008-5928
4DZCP deV!L`z Clanportal config.php escalada de privilegios7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.009430.55CVE-2010-0966
5Advisto Peel SHOPPING caddie_ajout.php cross site request forgery6.56.5$0-$5k$0-$5kNot DefinedNot Defined0.001180.03CVE-2018-20848
6IBM Robotic Process Automation with Automation Anywhere Ignite Node divulgación de información5.35.3$5k-$25k$0-$5kNot DefinedNot Defined0.000640.00CVE-2019-4337
7Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform web.php escalada de privilegios7.16.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000550.12CVE-2023-5493
8WordPress AdServe adclick.php sql injection7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.000730.03CVE-2008-0507
9Early Impact Productcart custva.asp cross site scripting4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.007150.06CVE-2004-2174
10Phplinkdirectory PHP Link Directory conf_users_edit.php cross site request forgery6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.005260.03CVE-2011-0643
11GetSimpleCMS index.php Redirect6.66.6$0-$5k$0-$5kNot DefinedNot Defined0.001230.00CVE-2019-9915
12Joomla CMS com_easyblog sql injection6.36.1$5k-$25k$5k-$25kNot DefinedNot Defined0.000000.18

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDdirección IPHostnameActorCampañasIdentifiedEscribeConfianza
1185.128.43.62Mining Multitool2022-03-27verifiedAlto

TTP - Tactics, Techniques, Procedures (6)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilidadVector de accesoEscribeConfianza
1T1059CWE-94Argument InjectionpredictiveAlto
2T1059.007CWE-80Cross Site ScriptingpredictiveAlto
3TXXXX.XXXCWE-XXXXxxx XxxxxxxxpredictiveAlto
4TXXXXCWE-XXXxx XxxxxxxxxpredictiveAlto
5TXXXXCWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveAlto
6TXXXX.XXXCWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxpredictiveAlto

IOA - Indicator of Attack (16)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClaseIndicatorEscribeConfianza
1File/useratte/web.phppredictiveAlto
2Fileadclick.phppredictiveMedio
3Fileadmin/conf_users_edit.phppredictiveAlto
4Filexxxxx/xxxxx.xxxpredictiveAlto
5Filexxxxxx.xxxpredictiveMedio
6Filexx/xxxxx/xxxxxx_xxxxx.xxxpredictiveAlto
7Filexxx/xxxxxx.xxxpredictiveAlto
8Filexxxxx.xxxpredictiveMedio
9Filexxxx-xxxxx.xxxpredictiveAlto
10Filexxxx-xxxxxxxx.xxxpredictiveAlto
11ArgumentxxxxxxxxpredictiveMedio
12Argumentxxxxxxxxx[x]predictiveMedio
13Argumentxxxx_xxxxxxpredictiveMedio
14ArgumentxxpredictiveBajo
15ArgumentxxxxxxxxpredictiveMedio
16ArgumentxxxxxxxxxxxpredictiveMedio

Referencias (2)

The following list contains external sources which discuss the actor and the associated activities:

AnteriorVisión De ConjuntoPróximo

Want to stay up to date on a daily basis?

Enable the mail alert feature now!