Careto Análise

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (603)

Idioma

en	572
de	20
zh	2
ru	2
es	2

País

de	192
us	84
es	10
nl	2
cn	2

Actores

Careto	3
Mirai	1
Grizzly Steppe	1
Generickdz	1

Interesse

Tipo

Not Defined	240
Operating System	58
Router Operating System	26
Web Browser	22
WordPress Plugin	18

Fabricante

Not Defined	186
Cisco	30
Microsoft	26
Google	22
IBM	18

Produto

Microsoft Windows	18
Google Chrome	12
Google Android	10
Adobe Magento Commerce	10
Cisco IOS XE	8

Vulnerabilidades

#	Vulnerabilidade	Base	Temp	0day	Hoje	Exp	Mas	EPSS	CTI	CVE
1	Atlassian Confluence Server/Data Center direitos alargados	5.3	5.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00059	0.05	CVE-2021-43940
2	Apple macOS Login Window direitos alargados	4.3	4.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00056	0.05	CVE-2021-30702
3	Microsoft Windows Active Directory integrated DNS direitos alargados	8.8	8.4	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.01180	0.00	CVE-2020-0761
4	lighttpd mod_alias_physical_handler mod_alias.c Directório Traversal	7.4	7.2	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00493	0.02	CVE-2018-19052
5	nginx ngx_http_mp4_module Divulgação de Informação	5.9	5.8	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00198	0.05	CVE-2018-16845
6	Click Studios Passwordstate PIN Generator Divulgação de Informação	4.9	4.9	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00230	0.00	CVE-2020-27747
7	Microsoft IIS Roteiro Cruzado de Sítios	5.2	4.7	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.00548	0.07	CVE-2017-0055
8	WordPress Password Reset wp-login.php mail direitos alargados	6.1	5.8	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.02827	0.02	CVE-2017-8295
9	Rarlab WinRar Recovery Volume Excesso de tampão	6.3	6.1	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00000	0.02	CVE-2023-40477
10	Ingredients Stock Management System view_item.php Injecção SQL	6.3	6.1	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00088	0.00	CVE-2022-36701
11	HPE OfficeConnect 1820 Fraca autenticação	9.1	9.0	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00182	0.03	CVE-2022-37932
12	Apache Flume JMS Source direitos alargados	8.0	7.9	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00264	0.00	CVE-2022-34916
13	SourceCodester Online Class and Exam Scheduling System class_sched.php Injecção SQL	7.5	7.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00170	0.06	CVE-2022-2706
14	TCL LinkHub Mesh Wi-Fi MS1G Configuration logserver GetValue Excesso de tampão	9.4	9.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00216	0.00	CVE-2022-24014
15	Download Monitor Plugin wp-config.php direitos alargados	4.7	4.7	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00109	0.00	CVE-2021-31567
16	Questions For Confluence App Fraca autenticação	8.5	8.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.97269	0.06	CVE-2022-26138
17	Wavlink WL-WN575A3 POST Request obtw direitos alargados	7.6	7.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00373	0.00	CVE-2022-34592
18	Google Chrome Chrome OS Shell Excesso de tampão	6.3	6.0	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.00541	0.02	CVE-2022-2296
19	Dice File direitos alargados	7.6	7.6	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00298	0.00	CVE-2022-32413
20	HMA VPN direitos alargados	8.8	8.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00063	0.00	CVE-2022-26634

IOC - Indicator of Compromise (16)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	Endereço IP	Hostname	Actor	Identified	Tipo	Aceitação
1	8.28.16.254		Careto	01/01/2021	verified	Alto
2	12.0.0.38		Careto	01/01/2021	verified	Alto
3	23.20.44.92	ec2-23-20-44-92.compute-1.amazonaws.com	Careto	01/01/2021	verified	Médio
4	37.235.63.127	127-63-235-37.static.edis.at	Careto	01/01/2021	verified	Alto
5	XX.XXX.XXX.X	xxxxx-xxx-xxx-xx.xxxxxxxxxxxxxx.xxxxx.xx	Xxxxxx	01/01/2021	verified	Alto
6	XX.XX.XX.XX		Xxxxxx	01/01/2021	verified	Alto
7	XX.XXX.XXX.XXX	xx.xx.xxxx.xxx.xxxxxx.xx-xxxxxxx.xxx	Xxxxxx	01/01/2021	verified	Alto
8	XX.X.XXX.XX	xxxxxxxx-xx-x-xxx-xxx.xxxxxxxxxx.xx	Xxxxxx	01/01/2021	verified	Alto
9	XXX.XXX.XXX.XX	xx.xx.xxxx.xxxxxx.xxxxxxxxx.xxx	Xxxxxx	01/01/2021	verified	Alto
10	XXX.XXX.XXX.XX	xxxxxxxx.xxxxxx.xxx.xx	Xxxxxx	01/01/2021	verified	Alto
11	XXX.XX.XX.XX		Xxxxxx	01/01/2021	verified	Alto
12	XXX.XXX.XXX.XX		Xxxxxx	01/01/2021	verified	Alto
13	XXX.XX.XXX.XXX	xxxxxxxxx.xxx	Xxxxxx	01/01/2021	verified	Alto
14	XXX.XX.XXX.XXX	xxx-xxxx-xxxx.xxxx.xx	Xxxxxx	01/01/2021	verified	Alto
15	XXX.XXX.XX.XXX	xxxx.xxxxxxxxxx.xxx.xx	Xxxxxx	01/01/2021	verified	Alto
16	XXX.XX.XXX.XXX	xxxxxxxxx.xxxxxxxx.xxx	Xxxxxx	01/01/2021	verified	Alto

TTP - Tactics, Techniques, Procedures (24)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Vulnerabilidades	Tipo de acesso	Tipo	Aceitação
1	T1006	CWE-22	Path Traversal	predictive	Alto
2	T1040	CWE-294, CWE-319	Authentication Bypass by Capture-replay	predictive	Alto
3	T1055	CWE-74	Improper Neutralization of Data within XPath Expressions	predictive	Alto
4	T1059	CWE-94	Argument Injection	predictive	Alto
5	T1059.007	CWE-79, CWE-80	Cross Site Scripting	predictive	Alto
6	TXXXX	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Alto
7	TXXXX.XXX	CWE-XXX	Xxxx-xxxxx Xxxxxxxxxxx	predictive	Alto
8	TXXXX	CWE-XX, CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	Alto
9	TXXXX.XXX	CWE-XXX	Xxxx Xxxxxxxx	predictive	Alto
10	TXXXX	CWE-XXX, CWE-XXX	7xx Xxxxxxxx Xxxxxxxx	predictive	Alto
11	TXXXX	CWE-XXX, CWE-XXX	Xxxxxxxxxx Xxxxxx	predictive	Alto
12	TXXXX	CWE-XXX	Xxxxxxxx Xx Xxxx Xxxxxxx Xxxxxxxxx Xxxxx	predictive	Alto
13	TXXXX	CWE-XX, CWE-XX	Xxx Xxxxxxxxx	predictive	Alto
14	TXXXX.XXX	CWE-XXX	Xxxxxxxx Xxxxxxxxxxxxx	predictive	Alto
15	TXXXX	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxxxx Xxxxxxxxxx	predictive	Alto
16	TXXXX	CWE-XXX	Xxxxxxxxx Xxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxx	predictive	Alto
17	TXXXX	CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxxxx Xxxx	predictive	Alto
18	TXXXX.XXX	CWE-XXX	Xxxxxxxx Xxxxxx Xxxx	predictive	Alto
19	TXXXX.XXX	CWE-XXX	Xxxxxxxx	predictive	Alto
20	TXXXX	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Alto
21	TXXXX.XXX	CWE-XX	Xxxxxxxxxxxxx	predictive	Alto
22	TXXXX	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	predictive	Alto
23	TXXXX.XXX	CWE-XXX, CWE-XXX, CWE-XXX	Xxx Xxxxxxxxxx Xxxxx	predictive	Alto
24	TXXXX.XXX	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	Alto

IOA - Indicator of Attack (195)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Classe	Indicator	Tipo	Aceitação
1	File	/api/update_setup	predictive	Alto
2	File	/APP_Installation.asp	predictive	Alto
3	File	/cgi-bin/live_api.cgi	predictive	Alto
4	File	/IISADMPWD	predictive	Médio
5	File	/items/view_item.php	predictive	Alto
6	File	/pages/class_sched.php	predictive	Alto
7	File	/php-fusion/infusions/shoutbox_panel/shoutbox_archive.php	predictive	Alto
8	File	/platform.cgi	predictive	Alto
9	File	/Status/wan_button_action.asp	predictive	Alto
10	File	/tmp/.uci/network	predictive	Alto
11	File	/uncpath/	predictive	Médio
12	File	/Users	predictive	Baixo
13	File	/usr/	predictive	Baixo
14	File	Aavmker4.sys	predictive	Médio
15	File	add_user.php	predictive	Médio
16	File	admin/app/physical/physical.php	predictive	Alto
17	File	admin/auto.def	predictive	Alto
18	File	api/settings/values	predictive	Alto
19	File	app/admin/custom-fields/filter.php	predictive	Alto
20	File	appfeed.c	predictive	Médio
21	File	ashmem.c	predictive	Médio
22	File	auth-gss2.c	predictive	Médio
23	File	xxxxxxxx.xxx	predictive	Médio
24	File	xxxxxxxxxx/xxxxx.xxx	predictive	Alto
25	File	xxxxxxxxxxxxxxxxxx.xxxx	predictive	Alto
26	File	xxxxxxxxxxx.xxx	predictive	Alto
27	File	xxxxx/xxxxxxxx/xxxxxxxxxxxxxxx.xxx	predictive	Alto
28	File	xxxx	predictive	Baixo
29	File	xxxx/xxxxxxx.xxx	predictive	Alto
30	File	xxxx/xxxxxxxxxxxxxxxxxxx.xxx	predictive	Alto
31	File	xxxx/xxx/xxxxxx_xxx.xxx	predictive	Alto
32	File	xxxxxxxxxxxxxxxxx.xxx	predictive	Alto
33	File	xxxxxxx/xxxxxxx/xxxxxxx-xxxx.x	predictive	Alto
34	File	xxxxxx.xxx	predictive	Médio
35	File	xxxx.xxx	predictive	Médio
36	File	xxxxxxxxxx_xxxxxx_xxxxxx.xxx	predictive	Alto
37	File	xxxx.x	predictive	Baixo
38	File	xxxx/xxxxx.xx	predictive	Alto
39	File	xxx_xxxxxx.x	predictive	Médio
40	File	xxxxxx.xxx	predictive	Médio
41	File	xxxxxxx/xxx/xxx/xxx/xxxxxxx/xxxxxx/xxxxxx_xx_xxxxxxxxx.x	predictive	Alto
42	File	xxxxxxx/xxx/xxx/xxxx/xxxx_xxx_xxx.x	predictive	Alto
43	File	xxxxxxx/xxx/xxxxxxxx/xxxxxxxx/xxxx/xxxx/xxxxxx.x	predictive	Alto
44	File	xxxxxxx/xxxx/xxxxxxx/xxxxxxxx.x	predictive	Alto
45	File	xxxxx.xxx	predictive	Médio
46	File	xxxx/xxxxxxxxxx/xxxxxx-xxxxx.x	predictive	Alto
47	File	xxxxxxx.x	predictive	Médio
48	File	xxxxxxxxxxxxxxxxxxx.xxx	predictive	Alto
49	File	xxxxxxxxxxx.xxx	predictive	Alto
50	File	xx/xxxxx/xxxx-xxxxx-xxxxx.x	predictive	Alto
51	File	xxxxxxx.x	predictive	Médio
52	File	xxx/xxxx_xxxx.x	predictive	Alto
53	File	xxxxxx/xxxxx	predictive	Médio
54	File	xxxx_xxxxxx.x	predictive	Alto
55	File	xxxxxxxxx.x	predictive	Médio
56	File	xxxx/xxxx/xxxxxxx/xxxxx.xxxx	predictive	Alto
57	File	xx.xx	predictive	Baixo
58	File	xxxx_xxxx.x	predictive	Médio
59	File	xx/xxx/xxxxxx-xxx.x	predictive	Alto
60	File	xx/xxx/xxx.x	predictive	Médio
61	File	xxxxxxx/xx/xxxxxx/xxxxxx-xxx.x	predictive	Alto
62	File	xxxxxxx/xxxxx/xxxxxx/xxxx.x	predictive	Alto
63	File	xxxxx.xxx	predictive	Médio
64	File	xxxxx.xxx?x=xxxxx&x=xxxxx&x=xxxx	predictive	Alto
65	File	xxxxxxxxxxxxxxxxxxxx.xxx	predictive	Alto
66	File	xxxxxxxxx/xxxxx/xxx_xxx/xxxx.xxx	predictive	Alto
67	File	xxx.x	predictive	Baixo
68	File	xxxxxxxx/xxx_xxxx.x	predictive	Alto
69	File	xxxxx.x	predictive	Baixo
70	File	xxxxxxxxxxxxxxxxxx.xxxx	predictive	Alto
71	File	xxx_xxx.x	predictive	Médio
72	File	xxxxxxxx.xxx	predictive	Médio
73	File	xxxxxxxxx	predictive	Médio
74	File	xxxxx.xxx	predictive	Médio
75	File	xxxxxxxx.xxx	predictive	Médio
76	File	xxxxxxx/xxxxxx_xxxxxxx/{xx}	predictive	Alto
77	File	xxxxxxxxxxx.xx	predictive	Alto
78	File	xxxxxxxxx.x	predictive	Médio
79	File	xx/xxxxxxx.x	predictive	Médio
80	File	xx/xxxxxxxxx.x	predictive	Alto
81	File	xxx/xxx_xxx/xxxxxx/xxx_xxxxxx.x	predictive	Alto
82	File	xxxxxxx/xxxxx/xxxx.x	predictive	Alto
83	File	xxx_xxxxx.x	predictive	Médio
84	File	xxx/xxxx/xxx.x	predictive	Alto
85	File	xxx/xxxxxxxx/xxxxxxx.x	predictive	Alto
86	File	xxxxxxxxxxx.xxx	predictive	Alto
87	File	xxxxxx.x	predictive	Médio
88	File	xxx_xxxx.x	predictive	Médio
89	File	xxxxxx.xxx	predictive	Médio
90	File	xxxxxx_xxxxxxxxxx.xx	predictive	Alto
91	File	xxxxxx.x	predictive	Médio
92	File	xxxxxxx/xxxxxxxxxxxxx/xxxxx-xxxx.xxx	predictive	Alto
93	File	xxxxxxx/xxxxxxx/xx_xxxxxxxxx/xxxxxxxx/xxxxxxxx.xxx	predictive	Alto
94	File	xxxx.x	predictive	Baixo
95	File	xxxxx-xxx.x	predictive	Médio
96	File	xxxxxxxxxxx.xxxx	predictive	Alto
97	File	xxxxxxxxxx.xxx	predictive	Alto
98	File	xxx/xxxxx	predictive	Médio
99	File	xxx.x	predictive	Baixo
100	File	xxxxx_xxxxxx_xxx.xxx	predictive	Alto
101	File	xxxxxx.xxx	predictive	Médio
102	File	xxxxxxxx/xxxxxxxxxxxxxx.xxxx/xxxxxxxxxxxx	predictive	Alto
103	File	xxxxx.xxx	predictive	Médio
104	File	xxxxx/xxx/xxxxx/xxxxxx.x	predictive	Alto
105	File	xxxxxx.xx	predictive	Médio
106	File	xxx/xxxxxxxxxx_xxxx	predictive	Alto
107	File	xxx_xxxxxxxx.x	predictive	Alto
108	File	xxxxxxx/xxxxxxxxxxxx	predictive	Alto
109	File	xxxxxxxx.xxx	predictive	Médio
110	File	xxxxxxxx.xxxx	predictive	Alto
111	File	xxxxxx_xxxxxxx_xxxx_xxxxx.xxx	predictive	Alto
112	File	xxxxx/_xxxxxxxx.xxx	predictive	Alto
113	File	xxx.xxx	predictive	Baixo
114	File	xxxxxx.xxx	predictive	Médio
115	File	xx/xxxxxxxxx/xx	predictive	Alto
116	File	xxxxxxxxx.xxx	predictive	Alto
117	File	xxxxxx/xxxxxx.x	predictive	Alto
118	File	xxxx/xxxxxxx-xxxx.x	predictive	Alto
119	File	xxxxxxxx.xxx	predictive	Médio
120	File	xx-xxxxx/xxxxxxx-xxxxxxx.xxx?xxxx=xxxxxxxxx-xxxx&xxxxxxx=xxxx	predictive	Alto
121	File	xx-xxxxx/xxxxxxx-xxxxxxx.xxx?xxxx=xxxxxxxxx%xxxxxxxxxxx.xxx	predictive	Alto
122	File	xx-xxxxxx.xxx	predictive	Alto
123	File	xx-xxxxx.xxx	predictive	Médio
124	File	xxxxxxxxx.xxx	predictive	Alto
125	File	xxxx.xx	predictive	Baixo
126	Library	xxxxxxx.xxx	predictive	Médio
127	Library	xxx/xxx.x	predictive	Médio
128	Library	xxxxxxxx.xxx	predictive	Médio
129	Library	xxxxxx.xxx.xxxxxx.xxx	predictive	Alto
130	Library	xxxxxxxx.xxx	predictive	Médio
131	Library	xxxxxxx.xxx	predictive	Médio
132	Library	xxxxxxxx.xxx	predictive	Médio
133	Library	xxxxxxxxxxxxx.xxx)	predictive	Alto
134	Argument	-x	predictive	Baixo
135	Argument	xxxxxxxxxxxx	predictive	Médio
136	Argument	xxxx_xxxxxx	predictive	Médio
137	Argument	xxxxx	predictive	Baixo
138	Argument	xxxxxxxxxxxx_xxxxxxxxxxxx	predictive	Alto
139	Argument	xxxxx	predictive	Baixo
140	Argument	xxxxxxx	predictive	Baixo
141	Argument	xxxxxx_xxxxxx_xx	predictive	Alto
142	Argument	xxxxxx	predictive	Baixo
143	Argument	xxxx_xxxx	predictive	Médio
144	Argument	xxxxxx xxxx/xxxxxx xxxxxxx/xxxx xxxx/xxxxx/xxxxxxxx/xxx	predictive	Alto
145	Argument	xxxxxxxxxxxx_xxxx_xxxx[x]	predictive	Alto
146	Argument	xxx	predictive	Baixo
147	Argument	xxxx	predictive	Baixo
148	Argument	xxxxxxxx	predictive	Médio
149	Argument	xxxxxx	predictive	Baixo
150	Argument	xxxx	predictive	Baixo
151	Argument	x_xxxxxxxx	predictive	Médio
152	Argument	xxxxxxx	predictive	Baixo
153	Argument	xxxxxx_xxx/xxxxx_xxx	predictive	Alto
154	Argument	xxxx	predictive	Baixo
155	Argument	xxxx	predictive	Baixo
156	Argument	xxxx_xxxxx	predictive	Médio
157	Argument	xx	predictive	Baixo
158	Argument	xx	predictive	Baixo
159	Argument	xxxx	predictive	Baixo
160	Argument	xxxxxxxx	predictive	Médio
161	Argument	xxxxxx	predictive	Baixo
162	Argument	xxxxxxx	predictive	Baixo
163	Argument	xxxxx	predictive	Baixo
164	Argument	xxxxx	predictive	Baixo
165	Argument	xxxxxxxxx	predictive	Médio
166	Argument	xxxxxxxx	predictive	Médio
167	Argument	xxxx	predictive	Baixo
168	Argument	xxx	predictive	Baixo
169	Argument	xxxxxxx	predictive	Baixo
170	Argument	xxxxxxxxxxx	predictive	Médio
171	Argument	xxxxxx_xxx	predictive	Médio
172	Argument	xxxxxxx	predictive	Baixo
173	Argument	xxxxxx xxxxxxxxx	predictive	Alto
174	Argument	xxxxx_xxx/xxxxx_xxxxx	predictive	Alto
175	Argument	xx_xxxx	predictive	Baixo
176	Argument	xxxx	predictive	Baixo
177	Argument	xxxxxxxxxxxxx	predictive	Alto
178	Argument	xxxxx	predictive	Baixo
179	Argument	xxxxxxxx	predictive	Médio
180	Argument	xxxx	predictive	Baixo
181	Argument	xxxx_xxxx	predictive	Médio
182	Argument	{xxxxx	predictive	Baixo
183	Input Value	'\|\|(xxxxxx xxxxxxxxxx xxxxx xxxx=xxxx xxx (xxxxxx xxxx xxxx(xxxxxx xxxxx(),xxxxxx(xxxxxxxxxxxx,(xxxxxx (xxx(xxxx=xxxx,x))),xxxxxxxxxxxx,xxxxx(xxxx(x)x))x xxxx xxxxxxxxxxx_xxxxxx.xxxxxxx xxxxx xx x)x))\|\|'	predictive	Alto
184	Input Value	**@xxxxxx	predictive	Médio
185	Input Value	../	predictive	Baixo
186	Input Value	xxx.x.x.x	predictive	Médio
187	Input Value	xxxxx://xxxx.xxxxxxx.xxx@xxxxxx.xxxxxxx.xxx/	predictive	Alto
188	Input Value	xxxxxxxxxx	predictive	Médio
189	Input Value	xxxx	predictive	Baixo
190	Network Port	xxx xxxxx	predictive	Médio
191	Network Port	xxx xxxxx	predictive	Médio
192	Network Port	xxx/xxx	predictive	Baixo
193	Network Port	xxx/xxxx	predictive	Médio
194	Network Port	xxx/xxx (xxx)	predictive	Alto
195	Network Port	xxx xxxxx	predictive	Médio

Referências (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ VoltarVisão GeralPróximo ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!