Shadowbrokers 解析

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (8)

タイムライン

言語

en8

国・地域

us8

アクター

Glupteba1
Ramnit1
Darkkomet1
Shadowbrokers1

アクティビティ

関心

タイムライン

タイプ

Not Defined4
Project Management Software2
Vehicle Software2

ベンダー

Sourcecodehero2
Daimler2
Totolink2
Byzoro2

製品

Sourcecodehero ERP System Project2
Daimler Mercedes Comand2
Totolink LR1200GB2
Byzoro Smart S85F Management Platform2

脆弱性

#脆弱性BaseTemp0day本日修復EPSSCTICVE
1Totolink LR1200GB Web Interface cstecgi.cgi loginAuth メモリ破損9.89.3$0-$5k$0-$5kProof-of-ConceptNot Defined0.000450.11CVE-2024-1783
2Byzoro Smart S85F Management Platform 特権昇格7.57.3$0-$5k$0-$5kProof-of-ConceptNot Defined0.002070.07CVE-2023-4121
3Byzoro Smart S85F Management Platform importhtml.php 特権昇格7.57.3$0-$5k$0-$5kProof-of-ConceptNot Defined0.006170.07CVE-2023-4120
4Campcodes Online Thesis Archiving System view_department.php SQLインジェクション7.57.3$0-$5k$0-$5kProof-of-ConceptNot Defined0.000730.09CVE-2023-2144
5centreon Contact Groups Form formContactGroup.php SQLインジェクション6.35.8$0-$5k$0-$5kNot DefinedOfficial Fix0.002120.11CVE-2022-3827
6Sourcecodehero ERP System Project processlogin.php SQLインジェクション8.17.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.001700.07CVE-2022-3118
7Daimler Mercedes Comand Navigation Route Calculation サービス拒否6.26.2$0-$5k$0-$5kFunctionalUnavailable0.000610.04CVE-2018-18070
8Daimler Mercedes Me App Certificate Pinning 情報の漏洩6.05.9$0-$5k$0-$5kHighOfficial Fix0.002380.05CVE-2018-18071

IOC - Indicator of Compromise (25)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIPアドレスHostnameアクターキャンペーンIdentifiedタイプ信頼度
169.55.1.30Shadowbrokers2022年04月13日verified
269.55.1.36Shadowbrokers2022年04月13日verified
369.55.1.37Shadowbrokers2022年04月13日verified
469.55.1.100Shadowbrokers2022年04月13日verified
569.55.1.146Shadowbrokers2022年04月13日verified
6XX.XX.X.XXXXxxxxxxxxxxxx2022年04月13日verified
7XX.XX.X.XXXXxxxxxxxxxxxx2022年04月13日verified
8XX.XX.X.XXXXxxxxxxxxxxxx2022年04月13日verified
9XX.XX.X.XXXxxx-xxxx.xxxxxxx.xxxXxxxxxxxxxxxx2022年04月13日verified
10XX.XX.X.XXXxxx-xxxx.xxxxxxx.xxxXxxxxxxxxxxxx2022年04月13日verified
11XX.XX.X.XXXxxx-xxxx.xxxxxxx.xxxXxxxxxxxxxxxx2022年04月13日verified
12XX.XX.X.XXXxxx-xxxx.xxxxxxx.xxxXxxxxxxxxxxxx2022年04月13日verified
13XX.XX.X.XXXxxx-xxxx.xxxxxxx.xxxXxxxxxxxxxxxx2022年04月13日verified
14XX.XX.X.XXXxxx-xxxx.xxxxxxx.xxxXxxxxxxxxxxxx2022年04月13日verified
15XX.XX.X.XXXxxx-xxxx.xxxxxxx.xxxXxxxxxxxxxxxx2022年04月13日verified
16XX.XX.X.XXXxxx-xxxx.xxxxxxx.xxxXxxxxxxxxxxxx2022年04月13日verified
17XX.XX.X.XXXxxx-xxxx.xxxxxxx.xxxXxxxxxxxxxxxx2022年04月13日verified
18XX.XX.X.XXXxxx-xxxx.xxxxxxx.xxxXxxxxxxxxxxxx2022年04月13日verified
19XX.XX.X.XXXxxx-xxxx.xxxxxxx.xxxXxxxxxxxxxxxx2022年04月13日verified
20XX.XX.X.XXXxxx-xxxx.xxxxxxx.xxxXxxxxxxxxxxxx2022年04月13日verified
21XX.XX.X.XXXxxxxxxxxxxxx2022年04月13日verified
22XX.XX.X.XXXxxxxxxxxxxxx2022年04月13日verified
23XX.XX.X.XXXxxxxxxxxxxxx2022年04月13日verified
24XX.XX.X.XXXxxxxxxxxxxxx2022年04月13日verified
25XX.XX.X.XXXxxxxxxxxxxxx2022年04月13日verified

TTP - Tactics, Techniques, Procedures (4)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueクラス脆弱性アクセスベクタータイプ信頼度
1T1202CAPEC-136CWE-77Command Shell in Externally Accessible Directorypredictive
2TXXXXCAPEC-108CWE-XXXxx Xxxxxxxxxpredictive
3TXXXXCAPEC-116CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxxpredictive
4TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxxpredictive

IOA - Indicator of Attack (11)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDクラスIndicatorタイプ信頼度
1File/admin/departments/view_department.phppredictive
2File/cgi-bin/cstecgi.cgipredictive
3File/xxxxx/xxxxxxxxxxxx.xxxpredictive
4Filexxxxxxxxxxxxxxxx.xxxpredictive
5Filexxxxxxxxxx.xxxpredictive
6Argumentxx_xxpredictive
7Argumentxxxx_xxxxxxpredictive
8Argumentxxxx_xxxxpredictive
9Argumentxxpredictive
10Argumentxxxpredictive
11Argumentxxxxpredictive

参考 (2)

The following list contains external sources which discuss the actor and the associated activities:

概要

Do you need the next level of professionalism?

Upgrade your account now!