jSpy Analyse

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (2)

Langue

en	2

De campagne

us	2

Acteurs

Mirai	1
Loki Password Stealer (PWS)	1
Ave Maria	1
Sliver	1
Cobalt Strike	1

Intérêt

Taper

Operating System	2

Fournisseur

Linux	2

Produit

Linux Kernel	2

Vulnérabilités

#	Vulnérabilité	Base	Temp	0day	Aujourd'hui	Exp	Con	EPSS	CTI	CVE
1	Linux Kernel nfnetlink_queue.c nfqnl_mangle dénie de service	6.5	6.2	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00897	0.05	CVE-2022-36946
2	REST List Parameter Plugin cross site scripting	4.4	4.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00077	0.00	CVE-2022-34196

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	adresse IP	Hostname	Acteur	Campagnes	Identified	Taper	Confiance
1	171.22.30.117		jSpy		25/05/2023	verified	Élevé

TTP - Tactics, Techniques, Procedures (1)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Classe	Vulnérabilités	Vecteur d'accès	Taper	Confiance
1	T1059.007	CAPEC-209	CWE-79	Cross Site Scripting	predictive	Élevé

IOA - Indicator of Attack (2)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Classe	Indicator	Taper	Confiance
1	File	net/netfilter/nfnetlink_queue.c	predictive	Élevé
2	Argument	xxxx/xxxxxxxxxxx	predictive	Élevé

Références (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ PrécédentAperçuSuivant ▸

Interested in the pricing of exploits?

See the underground prices here!