Dotdo Analyse

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (4)

Langue

en	4

De campagne

us	2

Acteurs

Dotdo	2

Intérêt

Taper

Document Reader Software	2
Library Management System Software	2

Fournisseur

Adobe	2
Not Defined	2

Produit

Adobe Acrobat Reader	2
PMB Services	2

Vulnérabilités

#	Vulnérabilité	Base	Temp	0day	Aujourd'hui	Exp	Con	EPSS	CTI	CVE
1	Proofpoint Enterprise Protection elévation de privilèges	7.2	7.2	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00043	0.00	CVE-2022-46334
2	PMB Services iimport_expl.php elévation de privilèges	7.3	6.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.29704	0.00	CVE-2007-1415
3	Adobe Acrobat Reader buffer overflow	7.3	7.0	$25k-$100k	$0-$5k	Not Defined	Official Fix	0.05079	0.03	CVE-2010-2203
4	Moodle cross site scripting	4.3	3.9	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.00369	0.00	CVE-2010-2228

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	adresse IP	Hostname	Acteur	Identified	Taper	Confiance
1	34.202.10.177	ec2-34-202-10-177.compute-1.amazonaws.com	Dotdo	08/04/2022	verified	Moyen
2	XX.XXX.XXX.XX	xxx-xx-xxx-xxx-xx.xxxxxxx-x.xxxxxxxxx.xxx	Xxxxx	08/04/2022	verified	Moyen
3	XXX.XX.XXX.XXX		Xxxxx	08/04/2022	verified	Élevé

TTP - Tactics, Techniques, Procedures (3)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Vulnérabilités	Vecteur d'accès	Taper	Confiance
1	T1059	CWE-94	Argument Injection	predictive	Élevé
2	TXXXX.XXX	CWE-XX	Xxxxx Xxxx Xxxxxxxxx	predictive	Élevé
3	TXXXX	CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Élevé

IOA - Indicator of Attack (2)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Classe	Indicator	Taper	Confiance
1	File	admin/import/iimport_expl.php	predictive	Élevé
2	Argument	xxxxxxx_xxxx	predictive	Moyen

Références (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ PrécédentAperçuSuivant ▸

Do you know our Splunk app?

Download it now for free!