OnionDog 解析

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (53)

言語

en	54

国・地域

us	30
kr	24

アクター

OnionDog	2

関心

タイプ

Not Defined	12
Smartphone Operating System	6
Router Operating System	4
Chip Software	4
Web Browser	4

ベンダー

Google	6
Not Defined	6
Microsoft	6
D-Link	4
Oracle	4

製品

Google Android	6
D-Link DIR-850L	4
Linux Kernel	2
Oracle Communications Network Charging and Control	2
TeamViewer	2

脆弱性

#	脆弱性	Base	Temp	0day	本日	悪	修復	EPSS	CTI	CVE
1	Adobe Acrobat Reader Image Conversion メモリ破損	7.5	7.4	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.01971	0.00	CVE-2018-4916
2	Huawei HG8245H URL 情報の漏洩	7.4	7.1	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00167	0.06	CVE-2017-15328
3	Google Chrome v8 特権昇格	7.5	7.1	$25k-$100k	$0-$5k	Proof-of-Concept	Not Defined	0.23564	0.02	CVE-2016-9651
4	CPU Speculative Execution Meltdown 情報の漏洩	6.1	5.8	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.97384	0.03	CVE-2017-5754
5	Mozilla Firefox WebRTC 特権昇格	5.3	4.6	$25k-$100k	$0-$5k	Unproven	Official Fix	0.00461	0.00	CVE-2014-1586
6	Tobesoft NEXACRO17 execDefaultBrowser 特権昇格	7.7	7.6	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00528	0.03	CVE-2021-26607
7	JetBrains IntelliJ IDEA Privilege Escalation	6.3	6.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00221	0.04	CVE-2021-45977
8	Oracle Communications Network Charging and Control Common サービス拒否	7.5	7.3	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00254	0.00	CVE-2022-35737
9	TeamViewer TVS File Parser 情報の漏洩	7.0	6.9	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00184	0.00	CVE-2021-34858
10	logback Configuration File 特権昇格	5.3	5.1	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.01555	0.05	CVE-2021-42550
11	Combodo iTop Configuration File 特権昇格	7.2	7.2	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00652	0.09	CVE-2019-11215
12	Artifex MuPDF PDF File pdf-xref.c pdf_read_new_xref メモリ破損	5.4	5.3	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00269	0.00	CVE-2018-6192
13	VMware ESXi/Workstation/Fusion SVGA 情報の漏洩	7.5	7.4	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00077	0.03	CVE-2018-6974
14	PHP 404 Error Page phar_object.c Reflected クロスサイトスクリプティング	5.2	5.1	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.03788	0.00	CVE-2018-10547
15	CPUID CPU-Z Kernel-Mode Driver メモリ破損	6.5	6.3	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00044	0.02	CVE-2017-15303
16	Microsoft Access メモリ破損	7.0	6.7	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.29279	0.00	CVE-2018-0903
17	Wind River VxWorks TCP Initial Sequence Number 特権昇格	5.6	5.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02370	0.00	CVE-2015-3963
18	Oracle VM VirtualBox 特権昇格	8.6	8.2	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00082	0.00	CVE-2018-2690
19	Adobe Flash Player 情報の漏洩	6.9	6.7	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00569	0.05	CVE-2018-4871
20	Google Android System 特権昇格	7.0	6.3	$25k-$100k	$0-$5k	Proof-of-Concept	Official Fix	0.00306	0.07	CVE-2017-13209

IOC - Indicator of Compromise (10)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IPアドレス	アクター	Identified	タイプ	信頼度
1	112.169.154.65	OnionDog	2020年12月23日	verified	高
2	121.133.8.2	OnionDog	2020年12月23日	verified	高
3	XXX.XXX.XXX.X	Xxxxxxxx	2020年12月23日	verified	高
4	XXX.XXX.XXX.XXX	Xxxxxxxx	2020年12月23日	verified	高
5	XXX.XXX.XXX.X	Xxxxxxxx	2020年12月23日	verified	高
6	XXX.XXX.XXX.XX	Xxxxxxxx	2020年12月23日	verified	高
7	XXX.XX.XXX.X	Xxxxxxxx	2020年12月23日	verified	高
8	XXX.XXX.XX.XXX	Xxxxxxxx	2020年12月23日	verified	高
9	XXX.XXX.XXX.X	Xxxxxxxx	2020年12月23日	verified	高
10	XXX.XXX.XXX.XX	Xxxxxxxx	2020年12月23日	verified	高

TTP - Tactics, Techniques, Procedures (8)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	クラス	脆弱性	アクセスベクター	タイプ	信頼度
1	T1059	CAPEC-242	CWE-94	Argument Injection	predictive	高
2	T1059.007	CAPEC-209	CWE-79	Cross Site Scripting	predictive	高
3	TXXXX	CAPEC-122	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	高
4	TXXXX.XXX	CAPEC-191	CWE-XXX	Xxxx-xxxxx Xxxxxxxxxxx	predictive	高
5	TXXXX	CAPEC-0	CWE-XXX	7xx Xxxxxxxx Xxxxxxxx	predictive	高
6	TXXXX	CAPEC-0	CWE-XXX	Xxxxxxxxxx Xxxxxx	predictive	高
7	TXXXX	CAPEC-108	CWE-XX	Xxx Xxxxxxxxx	predictive	高
8	TXXXX	CAPEC-116	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	高

IOA - Indicator of Attack (15)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	クラス	Indicator	タイプ	信頼度
1	File	/proc/<pid>/status	predictive	高
2	File	/var/passwd	predictive	中
3	File	ext/phar/phar_object.c	predictive	高
4	File	xxxxxx/xxx/xxxxxxx.xxx	predictive	高
5	File	xxxxxx/xxxxxx/xxxx.x	predictive	高
6	File	xxxx.xxx	predictive	中
7	File	xxxxxxxxx/xxxxx.xxx	predictive	高
8	File	xxx/xxx-xxxx.x	predictive	高
9	File	xxxx.xxx	predictive	中
10	Argument	xxxxxx	predictive	低
11	Argument	xxxxxxx_x	predictive	中
12	Argument	xx	predictive	低
13	Argument	xxxxxxxx	predictive	中
14	Input Value	xxxxxxx_xxxxx.xxxxxxx_xxxxxxx	predictive	高
15	Network Port	xxx/xx (xxxxxx)	predictive	高

参考 (3)

The following list contains external sources which discuss the actor and the associated activities:

◂ 前概要次 ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!