Shamoon 解析

IOB - Indicator of Behavior (3)

タイムライン

言語

en2
zh2

国・地域

アクター

アクティビティ

関心

タイムライン

タイプ

ベンダー

製品

FileZilla Server2
Mole Adult Portal Script2

脆弱性

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIPアドレスHostnameアクターキャンペーンIdentifiedタイプ信頼度
145.76.128.16545.76.128.165.vultr.comShamoon2020年12月23日verified
2XXX.XX.XX.XXXXxxxxxx2020年12月23日verified

TTP - Tactics, Techniques, Procedures (2)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechnique脆弱性アクセスベクタータイプ信頼度
1T1505CWE-89SQL Injectionpredictive
2TXXXXCWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxxpredictive

IOA - Indicator of Attack (2)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDクラスIndicatorタイプ信頼度
1Fileprofile.phppredictive
2Argumentxxxx_xxpredictive

参考 (2)

The following list contains external sources which discuss the actor and the associated activities:

Do you know our Splunk app?

Download it now for free!