T9000 Analiza

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (12)

Język

en	6
es	4
zh	2

Kraj

us	10
cn	2

Aktorzy

T9000	1

Wysiłek

Rodzaj

Photo Gallery Software	2
Web Browser	2
Not Defined	2

Sprzedawca

Magic	2
Trango	2
DZCP	2

Produkt

Magic Photo Storage Website	2
Trango ApexLynx	2
Trango ApexOrion	2
Trango GigaLynx	2
Trango GigaOrion	2

Luki w zabezpieczeniach

#	Słaby punkt	Base	Temp	0day	Dzisiaj	Wyk	Prz	CTI	EPSS	CVE
1	Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure	5.3	5.2	$5k-$25k	$0-$5k	High	Workaround	0.02	0.02016	CVE-2007-1192
2	MinIO directory traversal	6.8	6.7	$0-$5k	$0-$5k	Not Defined	Official Fix	0.06	0.00246	CVE-2022-35919
3	Magic Photo Storage Website register.php privilege escalation	5.3	5.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.02	0.00000
4	Public Warehouse Light Blog add_comment.php cross site scripting	4.3	4.1	$0-$5k	Obliczenie	High	Official Fix	0.00	0.01001	CVE-2007-3131
5	DZCP deV!L`z Clanportal config.php privilege escalation	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.79	0.00943	CVE-2010-0966
6	Trango ApexLynx/ApexOrion/GigaLynx/GigaOrion/StrataLink SSH/Telnet weak authentication	9.8	9.6	$0-$5k	$0-$5k	Not Defined	Workaround	0.00	0.01245	CVE-2016-10307

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	adres IP	Hostname	Aktor	Kampanie	Identified	Rodzaj	Pewność siebie
1	198.55.120.143	198.55.120.143.static.quadranet.com	T9000		2020-12-23	verified	Wysoki

TTP - Tactics, Techniques, Procedures (6)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Luki w zabezpieczeniach	Wektor dostępu	Rodzaj	Pewność siebie
1	T1006	CWE-22	Path Traversal	predictive	Wysoki
2	T1059	CWE-94	Argument Injection	predictive	Wysoki
3	TXXXX.XXX	CWE-XX	Xxxxx Xxxx Xxxxxxxxx	predictive	Wysoki
4	TXXXX	CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Wysoki
5	TXXXX.XXX	CWE-XXX	Xxxx-xxxxx Xxxxxxxxxxx	predictive	Wysoki
6	TXXXX	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Wysoki

IOA - Indicator of Attack (7)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Klasa	Indicator	Rodzaj	Pewność siebie
1	File	add_comment.php	predictive	Wysoki
2	File	data/gbconfiguration.dat	predictive	Wysoki
3	File	xxx/xxxxxx.xxx	predictive	Wysoki
4	File	xxxx/xxxxxxxx.xxx	predictive	Wysoki
5	Argument	xxxxxxxx	predictive	Medium
6	Argument	xx	predictive	Niski
7	Argument	_xxxxxx[xxxx_xxxx]	predictive	Wysoki

Referencje (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ PoprzedniPrzeglądKolejny ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!