Edwind Analisi

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (5)

Linguaggio

en	6

Nazione

de	4
ru	2

Attori

Edwind	1
JAFF	1

Interesse

Genere

Router Operating System	2
Operating System	2

Fornitore

Mikrotik	2
Not Defined	2

Prodotto

Mikrotik RouterOS	2
FreeBSD	2

Vulnerabilità

#	Vulnerabilità	Base	Temp	0day	Oggi	Sfr	Con	EPSS	CTI	CVE
1	FreeBSD Ping pr_pack buffer overflow	7.3	7.0	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00043	0.03	CVE-2022-23093
2	Fortinet FortiADC HTTP Request escalazione di privilegi	8.8	8.6	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00106	0.00	CVE-2022-39947
3	Mikrotik RouterOS Hotspot Process rivelazione di un 'informazione	7.6	7.4	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00114	0.00	CVE-2022-45313
4	phpBB++ functions.php escalazione di privilegi	7.3	6.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.16828	0.00	CVE-2007-0762

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	indirizzo IP	Hostname	Attore	Identified	Genere	Fiducia
1	88.99.71.89	static.89.71.99.88.clients.your-server.de	Edwind	30/08/2021	verified	Alto
2	XX.XX.XXX.XXX	xxxxxx.xxx.xxx.xx.xx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxx	30/08/2021	verified	Alto
3	XX.XX.XXX.XXX	xxxxxx.xxx.xxx.xx.xx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxx	30/08/2021	verified	Alto

TTP - Tactics, Techniques, Procedures (1)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Vulnerabilità	Accesso al vettore	Genere	Fiducia
1	T1202	CWE-78	Command Shell in Externally Accessible Directory	predictive	Alto

IOA - Indicator of Attack (2)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Classe	Indicator	Genere	Fiducia
1	File	includes/functions.php	predictive	Alto
2	Argument	xxxxx_xxxx_xxxx	predictive	Alto

Referenze (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ PrecedenteVisione D'insiemeIl prossimo ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!