APT30 Analiza

IOB - Indicator of Behavior (7)

Oś czasu

Język

en6
zh2

Kraj

Aktorzy

Zajęcia

Wysiłek

Oś czasu

Rodzaj

Sprzedawca

Produkt

Combodo iTop2
Linux Kernel2
Softnext SPAM SQR2

Luki w zabezpieczeniach

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDadres IPHostnameAktorKampanieIdentifiedRodzajPewność siebie
15.1.0.295-1-0-29.datagroup.uaAPT302020-12-26verifiedWysoki
2XXX.XXX.XX.XXXXxxxx2024-02-19verifiedWysoki
3XXX.XXX.X.XXXXxxxx2020-12-24verifiedWysoki
4XXX.XXX.XXX.XXXXxxxx2024-02-19verifiedWysoki

TTP - Tactics, Techniques, Procedures (4)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueLuki w zabezpieczeniachWektor dostępuRodzajPewność siebie
1T1059CWE-94Argument InjectionpredictiveWysoki
2TXXXXCWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveWysoki
3TXXXXCWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveWysoki
4TXXXXCWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveWysoki

IOA - Indicator of Attack (2)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDKlasaIndicatorRodzajPewność siebie
1Fileweb/env-production/itop-config/config.phppredictiveWysoki
2Filexxxxxx.xxx?xxxxxx=xxxxxxxxx.xxxx&xxxxxxxxxxx=xpredictiveWysoki

Referencje (4)

The following list contains external sources which discuss the actor and the associated activities:

Do you know our Splunk app?

Download it now for free!