Shamoon Análisis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (3)

Idioma

en	4

País

us	2
cn	2

Actores

Meterpreter	1
Shamoon 2	1

Interesar

Escribe

File Transfer Software	2
Not Defined	2

Proveedor

FileZilla	2
Mole	2

Producto

FileZilla Server	2
Mole Adult Portal Script	2

Vulnerabilidad

#	Vulnerabilidad	Base	Temp	0day	Hoy	Exp	Con	EPSS	CTI	CVE
1	Fortinet FortiWeb HTTP Request desbordamiento de búfer	9.8	9.8	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00160	0.00	CVE-2021-42756
2	Mole Adult Portal Script profile.php sql injection	7.3	7.3	$0-$5k	$0-$5k	High	Unavailable	0.00129	0.02	CVE-2009-4673
3	FileZilla Server PORT escalada de privilegios	4.3	4.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00052	0.09	CVE-2015-10003

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	dirección IP	Hostname	Actor	Campañas	Identified	Escribe	Confianza
1	45.76.128.165	45.76.128.165.vultr.com	Shamoon		2020-12-23	verified	Medio
2	XXX.XX.XX.XXX		Xxxxxxx		2020-12-23	verified	Alto

TTP - Tactics, Techniques, Procedures (2)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Vulnerabilidad	Vector de acceso	Escribe	Confianza
1	T1505	CWE-89	SQL Injection	predictive	Alto
2	TXXXX	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Alto

IOA - Indicator of Attack (2)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Clase	Indicator	Escribe	Confianza
1	File	profile.php	predictive	Medio
2	Argument	xxxx_xx	predictive	Bajo

Referencias (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ AnteriorVisión De ConjuntoPróximo ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!