Shamoon 2 解析

IOB - Indicator of Behavior (2)

言語

en	2

国・地域

cn	2

アクター

Shamoon	1
Shamoon 2	1

関心

タイプ

Not Defined	2

ベンダー

Mole	2

製品

Mole Adult Portal Script	2

脆弱性

#	脆弱性	Base	Temp	0day	本日	悪	修復	CTI	EPSS	CVE
1	Mole Adult Portal Script profile.php SQLインジェクション	7.3	7.3	$0-$5k	$0-$5k	High	Unavailable	0.01	0.01136	CVE-2009-4673
2	FileZilla Server PORT 特権昇格	4.3	4.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.03	0.00885	CVE-2015-10003

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IPアドレス	Hostname	アクター	キャンペーン	タイプ	信頼度
1	45.76.128.71	45.76.128.71.vultr.com	Shamoon 2		verified	中
2	XX.XX.XXX.XXX	xx.xx.xxx.xxx.xxxxx.xxx	Xxxxxxx X		verified	中

TTP - Tactics, Techniques, Procedures (2)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	脆弱性	アクセスベクター	タイプ	信頼度
1	T1505	CWE-89	SQL Injection	predictive	高
2	TXXXX	CWE-XXX	Xxxxxxxxxxxxx	predictive	高

IOA - Indicator of Attack (2)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	クラス	Indicator	タイプ	信頼度
1	File	profile.php	predictive	中
2	Argument	xxxx_xx	predictive	低

参考 (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ 前概要次 ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!