Qrypter Analysis

IOB - Indicator of Behavior (123)

Language: en (124)

Country/Region: us (82), cn (2)

Product: Trevor Mckay Cumin (10), Cisco ASA 5580 (10), Adobe Acrobat Reader (8), cPanel (4), Google Chrome (4)

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | auth0.js Password information disclosure | 3.8 | 3.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00063 | 0.00 | CVE-2020-5263 |
| 2 | LearnDash Plugin SQL injection | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00138 | 0.02 | CVE-2020-6009 |
| 3 | cPanel Script privilege escalation | 5.3 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 0.00000 | 0.03 | |
| 4 | WordPress Multisite API ms-functions.php weak encryption | 7.4 | 7.2 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00657 | 0.00 | CVE-2017-5493 |
| 5 | D-Link DWR-932B Telnet/SSH Service weak authentication | 9.8 | 9.6 | $5k-$25k | $0-$5k | Not Defined | Workaround | 0.51004 | 0.01 | CVE-2016-10177 |
| 6 | JetBrains Space Password Authentication weak authentication | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00309 | 0.00 | CVE-2020-11796 |
| 7 | PrestaShop AdminFeatures Page Reflected cross-site scripting | 4.1 | 3.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00066 | 0.00 | CVE-2020-5269 |
| 8 | PrestaShop Product Attributes Page privilege escalation | 4.1 | 3.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00071 | 0.00 | CVE-2020-5288 |
| 9 | IBM Maximo Asset Management Web UI cross-site scripting | 4.7 | 4.7 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.00050 | 0.00 | CVE-2019-4749 |
| 10 | OpenMRS login.htm privilege escalation | 5.2 | 5.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00105 | 0.00 | CVE-2020-5728 |
| 11 | IBM MQ information disclosure | 3.8 | 3.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00042 | 0.03 | CVE-2020-4338 |
| 12 | Schneider Electric TriStation 1131 information disclosure | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00171 | 0.00 | CVE-2020-7483 |
| 13 | Google Android rw_t2t_ndef.cc rw_t2t_extract_default_locks_info memory corruption | 8.5 | 8.2 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00102 | 0.00 | CVE-2020-0071 |
| 14 | IBM UrbanCode Deploy Permission information disclosure | 3.1 | 3.1 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.00050 | 0.04 | CVE-2020-4260 |
| 15 | ClearPass Stored cross-site scripting | 3.6 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00054 | 0.04 | CVE-2020-7110 |
| 16 | LG Mobile Device GPS unknown vulnerability | 5.5 | 5.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00044 | 0.00 | CVE-2019-20784 |
| 17 | IBM MQ Error denial of service | 4.8 | 4.8 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.00084 | 0.00 | CVE-2019-4762 |
| 18 | Netgear WAC510 Stored cross-site scripting | 4.9 | 4.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00055 | 0.00 | CVE-2019-20742 |
| 19 | iCatch DVR privilege escalation | 7.5 | 7.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00104 | 0.03 | CVE-2020-10514 |
| 20 | Cisco UCS Director/UCS Director Express for Big Data REST API privilege escalation | 8.5 | 8.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.96756 | 0.00 | CVE-2020-3250 |

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaign | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 178.175.138.211 | 178-175-138-211.static.as43289.net | Qrypter | | 2021-05-31 | verified | |

TTP - Tactics, Techniques, Procedures (11)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (40)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

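| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /ajax/GetInheritedProperties | predictive | |
| 2 | File | /MicroStrategyWS/happyaxis.jsp | predictive | |
| 3 | File | /web/google_analytics.php | predictive | |
| 4 | File | customize.php | predictive | |
| 5 | File | customprofile.php | predictive | |
| 6 | File | editAccount.html | predictive | |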

References (2)

The following list contains external sources which discuss the actor and the associated activities:
