Crashoverride Analyse

Activités

Chronologie

Langue

en3

De campagne

ru2

Actors

Industroyer3

Activités

Intérêt

Vulnérabilités

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDadresse IPHostnameCampagnesConfiance
15.39.218.152Élevé
293.115.27.57Élevé
3195.16.88.6server10005.defaulthost.netÉlevé

TTP - Tactics, Techniques, Procedures (1)

Tactics, techniques, and procedures summarize the suspected ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnérabilitésVecteur d'accèsConfiance
1T1059.007CWE-80Cross Site ScriptingÉlevé

IOA - Indicator of Attack (5)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClasseIndicatorConfiance
1File/cgi-bin/supervisor/PwdGrp.cgiÉlevé
2File/CMD_SELECT_USERSÉlevé
3Fileweb/upload/UploadHandler.phpÉlevé
4ArgumentxxxxxxxxMoyen
5Input Valuexxx_xxx_xxxx_xxxx'"><xxxxxx>xxxxx(/xxxxx.xx/)</xxxxxx>Élevé

Références (1)

The following list contains external sources which discuss the actor and the associated activities:

Interested in the pricing of exploits?

See the underground prices here!