Chafer Analysis

IOB - Indicator of Behavior (327)

Language

en: 290
es: 14
it: 6
ru: 6
de: 6

Country/Region

us: 184
ru: 32
es: 22
gb: 16
ir: 12

Product

Apache Tomcat: 10
Microsoft Windows: 8
Linux Kernel: 6
nginx: 6
WordPress: 6

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.02 | 0.02016 | CVE-2007-1192 |
| 2 | nginx privilege escalation | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.09 | 0.00241 | CVE-2020-12440 |
| 3 | Microsoft IIS cross-site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.00548 | CVE-2017-0055 |
| 4 | VMware vRealize Orchestrator Path Redirect | 3.0 | 2.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00119 | CVE-2021-22036 |
| 5 | vm2 privilege escalation | 9.9 | 9.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01 | 0.00464 | CVE-2023-32314 |
| 6 | OpenSSH Authentication Username information disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | High | Official Fix | 0.00 | 0.10737 | CVE-2016-6210 |
| 7 | PHPMailer Phar Deserialization addAttachment privilege escalation | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00748 | CVE-2020-36326 |
| 8 | jQuery Property extend Pollution cross-site scripting | 6.6 | 6.3 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.03625 | CVE-2019-11358 |
| 9 | Rust Programming Language Standard Library type_id memory corruption | 7.7 | 7.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00301 | CVE-2019-12083 |
| 10 | WordPress SQL injection | 6.8 | 6.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00467 | CVE-2022-21664 |
| 11 | Apple iOS WebKit memory corruption | 6.3 | 6.0 | $100k and more | $5k-$25k | High | Official Fix | 0.00 | 0.00349 | CVE-2021-30666 |
| 12 | WordPress directory traversal | 5.7 | 5.6 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00326 | CVE-2023-2745 |
| 13 | Canon IJ Network Tool Wi-Fi Connection Setup information disclosure | 5.4 | 5.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00052 | CVE-2023-1763 |
| 14 | ciubotaru share-on-diaspora new_window.php cross-site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.09 | 0.00063 | CVE-2017-20176 |
| 15 | Postfix Admin functions.inc.php SQL injection | 7.3 | 7.0 | $5k-$25k | $0-$5k | High | Official Fix | 0.03 | 0.00263 | CVE-2014-2655 |
| 16 | D-Link DCS-2530L/DCS-2670L ddns_enc.cgi privilege escalation | 7.5 | 7.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.02 | 0.00135 | CVE-2020-25079 |
| 17 | Microsoft IIS IP/Domain Restriction privilege escalation | 6.5 | 5.7 | $25k-$100k | $0-$5k | Unproven | Official Fix | 0.12 | 0.00817 | CVE-2014-4078 |
| 18 | SourceCodester Library Management System bookdetails.php SQL injection | 7.1 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.04 | 0.00322 | CVE-2022-2214 |
| 19 | Phplinkdirectory PHP Link Directory conf_users_edit.php unknown vulnerability | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.04 | 0.00526 | CVE-2011-0643 |
| 20 | Lotus Domino Request information disclosure | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00877 | CVE-2002-0245 |

Campaigns (2)

These are the campaigns that can be associated with the actor:

IOC - Indicator of Compromise (11)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (18)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (136)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


References (5)

The following list contains external sources which discuss the actor and the associated activities:
