Gorgon Group Analysis

IOB - Indicator of Behavior (13)

[Charts not reproduced: Timeline, Actors, Activities, Interest, Type, Vendor, Vulnerabilities]

Language: en (14)

Country: pk (14)

Product:

ROCBOSS (2)
MailCleaner Community Edition (2)
Microsoft IIS (2)
portable SDK for UPnP (2)
Microsoft Azure IoT Edge (2)

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 115.186.136.237 | 115-186-136-237.nayatel.pk | Gorgon Group | | 17/12/2020 | verified | High |

TTP - Tactics, Techniques, Procedures (5)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerability | Access vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1059.007 | CWE-79 | Cross Site Scripting | predictive | High |
| 2 | TXXXX | CWE-XXX, CWE-XXX | X2xx Xxxxxxxxxxxxxxxx: Xxxx Xxxxxx Xxxxxxxxxxx Xxx Xxx Xxxxxxx | predictive | High |
| 3 | TXXXX | CWE-XX | Xxxxxxx Xxxxxxxxx | predictive | High |
| 4 | TXXXX | CWE-XX | Xxx Xxxxxxxxx | predictive | High |
| 5 | TXXXX | CWE-XXX | X2xx Xxxxxxxxxxxxxxxx: Xxxx Xxxxxxxxxxxx Xxxxxxx Xxxxxxxxxx | predictive | High |

IOA - Indicator of Attack (7)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /uncpath/ | predictive | Medium |
| 2 | File | app/controllers/frontend/PostController.php | predictive | High |
| 3 | File | xxx/xxxx/xxxxxxxxxxx/xxxxxx/xxxx.xxx | predictive | High |
| 4 | Argument | xxxxx | predictive | Low |
| 5 | Input Value | %xx | predictive | Low |
| 6 | Input Value | ::$xxxxx_xxxxxxxxxx | predictive | High |
| 7 | Network Port | xxx xxxxxx xxxx | predictive | High |

References (2)

The following list contains external sources which discuss the actor and the associated activities:
