CoinMiner Análise

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (23)

Idioma

en	20
es	2
ru	2

País

us	4
tr	4

Actores

Kinsing	1
Mirai	1
Coinminer	1
RedLine	1
BumbleBee	1

Interesse

Tipo

Web Browser	10
Not Defined	6
Learning Management Software	2
Auction Software	2

Fabricante

Google	10
Not Defined	4
aEnrich	2
GNU	2
Active	2

Produto

Google Chrome	10
aEnrich eHRD Learning Management	2
Terminal Operating System	2
GNU PSPP	2
Active Auction House	2

Vulnerabilidades

#	Vulnerabilidade	Base	Temp	0day	Hoje	Exp	Mas	CTI	EPSS	CVE
1	Joomla CMS LDAP Authentication Password direitos alargados	7.5	7.2	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.03	0.01039	CVE-2017-14596
2	Terminal Operating System Injecção SQL	9.7	9.5	$0-$5k	$0-$5k	Not Defined	Official Fix	0.03	0.00168	CVE-2022-3792
3	Apache HTTP Server HTTP Strict Parsing ap_find_token direitos alargados	8.5	8.4	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.03	0.27310	CVE-2017-7668
4	Basic-cms SweetRice post.php direitos alargados	7.3	6.9	$0-$5k	Calculado	Proof-of-Concept	Not Defined	0.04	0.01478	CVE-2009-4224
5	Apple iOS/iPadOS IOSurfaceAccelerator Excesso de tampão	8.2	8.0	$25k-$100k	$5k-$25k	High	Official Fix	0.02	0.00357	CVE-2023-28206
6	DZCP deV!L`z Clanportal config.php direitos alargados	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.40	0.00943	CVE-2010-0966
7	Active Auction House ItemInfo.asp Injecção SQL	6.3	6.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00	0.00685	CVE-2005-1029
8	Google Chrome Network Service Excesso de tampão	6.3	6.0	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.00	0.00808	CVE-2021-30553
9	Google Chrome Extension Excesso de tampão	6.3	6.0	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.00	0.00286	CVE-2021-30552
10	Google Chrome V8 direitos alargados	6.3	6.0	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.00	0.13946	CVE-2021-30551
11	Google Chrome Accessibility Excesso de tampão	6.3	6.0	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.00	0.00286	CVE-2021-30550
12	Google Chrome Spell Check Excesso de tampão	6.3	6.0	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.00	0.00286	CVE-2021-30549
13	Google Chrome Loader Excesso de tampão	6.3	6.0	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.00	0.00808	CVE-2021-30548
14	Google Chrome ANGLE Excesso de tampão	6.3	6.0	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.00	0.00829	CVE-2021-30547
15	Google Chrome Autofill Excesso de tampão	6.3	6.0	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.00	0.00808	CVE-2021-30546
16	Google Chrome Extension Excesso de tampão	6.3	6.0	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.00	0.00808	CVE-2021-30545
17	Google Chrome BFCache Excesso de tampão	6.3	6.0	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.00	0.00808	CVE-2021-30544
18	Active Intelligent Visualization Vdc Header Injecção SQL	6.3	6.1	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	0.00158	CVE-2021-44835
19	aEnrich eHRD Learning Management Divulgação de Informação	5.5	5.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	0.00158	CVE-2022-28740

IOC - Indicator of Compromise (125)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	Endereço IP	Hostname	Actor	Identified	Tipo	Aceitação
1	2.58.149.237		CoinMiner	18/03/2024	verified	Alto
2	4.4.0.0		Coinminer	05/04/2020	verified	Alto
3	5.9.157.2	static.2.157.9.5.clients.your-server.de	CoinMiner	18/03/2024	verified	Alto
4	5.196.13.29	29.ip-5-196-13.eu	CoinMiner	22/07/2021	verified	Alto
5	5.196.23.240	240.ip-5-196-23.eu	CoinMiner	22/07/2021	verified	Alto
6	13.107.21.200		CoinMiner	22/07/2021	verified	Alto
7	18.191.246.30	ec2-18-191-246-30.us-east-2.compute.amazonaws.com	Coinminer	06/04/2024	verified	Médio
8	18.210.126.40	ec2-18-210-126-40.compute-1.amazonaws.com	CoinMiner	17/07/2021	verified	Médio
9	23.21.48.44	ec2-23-21-48-44.compute-1.amazonaws.com	CoinMiner	23/07/2021	verified	Médio
10	23.21.76.253	ec2-23-21-76-253.compute-1.amazonaws.com	CoinMiner	23/07/2021	verified	Médio
11	23.21.126.66	ec2-23-21-126-66.compute-1.amazonaws.com	CoinMiner	23/07/2021	verified	Médio
12	23.21.140.41	ec2-23-21-140-41.compute-1.amazonaws.com	CoinMiner	23/07/2021	verified	Médio
13	23.21.252.4	ec2-23-21-252-4.compute-1.amazonaws.com	CoinMiner	23/07/2021	verified	Médio
14	23.224.232.68		CoinMiner	18/03/2024	verified	Alto
15	24.199.71.49		Coinminer	06/04/2024	verified	Alto
16	46.23.108.253		Coinminer	06/04/2024	verified	Alto
17	46.41.150.129		CoinMiner	18/03/2024	verified	Alto
18	47.103.63.1		CoinMiner	02/02/2024	verified	Alto
19	49.12.80.38	static.38.80.12.49.clients.your-server.de	CoinMiner	17/07/2021	verified	Alto
20	49.12.80.40	static.40.80.12.49.clients.your-server.de	CoinMiner	17/07/2021	verified	Alto
21	49.12.113.223	static.223.113.12.49.clients.your-server.de	CoinMiner	18/03/2024	verified	Alto
22	50.19.48.59	ec2-50-19-48-59.compute-1.amazonaws.com	CoinMiner	18/01/2024	verified	Médio
23	50.19.96.218	ec2-50-19-96-218.compute-1.amazonaws.com	CoinMiner	23/07/2021	verified	Médio
24	50.19.252.36	ec2-50-19-252-36.compute-1.amazonaws.com	CoinMiner	23/07/2021	verified	Médio
25	51.15.54.102	102-54-15-51.instances.scw.cloud	CoinMiner	22/07/2021	verified	Alto
26	XX.XX.XX.XXX	xxx-xx-xx-xx.xxxxxxxxx.xxx.xxxxx	Xxxxxxxxx	22/07/2021	verified	Alto
27	XX.XX.XX.XXX	xxx-xx-xx-xx.xxxxxxxxx.xxx.xxxxx	Xxxxxxxxx	22/07/2021	verified	Alto
28	XX.XX.XX.XX	xx-xx-xx-xx.xxxxxxxxx.xxx.xxxxx	Xxxxxxxxx	22/07/2021	verified	Alto
29	XX.XX.XX.XXX	xxx-xx-xx-xx.xxxxxxxxx.xxx.xxxxx	Xxxxxxxxx	22/07/2021	verified	Alto
30	XX.XX.XX.XX	xx-xx-xx-xx.xxxxxxxxx.xxx.xxxxx	Xxxxxxxxx	22/07/2021	verified	Alto
31	XX.XX.XXX.XXX	xxx.xx-xx-xx-xxx.xx	Xxxxxxxxx	30/03/2022	verified	Alto
32	XX.XX.XX.XXX	xxxx.xxxxxxx.xxx	Xxxxxxxxx	22/07/2021	verified	Alto
33	XX.XXX.XX.XX	xxxx.xxxxxxx.xxx	Xxxxxxxxx	22/07/2021	verified	Alto
34	XX.XXX.XX.XXX	xxx.xx-xx-xxx-xx.xx	Xxxxxxxxx	22/07/2021	verified	Alto
35	XX.XX.X.XXX		Xxxxxxxxx	22/07/2021	verified	Alto
36	XX.XXX.XXX.XXX	xxx-xx-xxx-xxx-xxx.xxxxxxx-x.xxxxxxxxx.xxx	Xxxxxxxxx	23/07/2021	verified	Médio
37	XX.XXX.XX.XXX	xxx-xx-xxx-xx-xxx.xxxxxxx-x.xxxxxxxxx.xxx	Xxxxxxxxx	23/07/2021	verified	Médio
38	XX.XXX.XXX.XXX	xxx-xx-xxx-xxx-xxx.xxxxxxx-x.xxxxxxxxx.xxx	Xxxxxxxxx	23/07/2021	verified	Médio
39	XX.XXX.XX.XXX	xxx-xx-xxx-xx-xxx.xxxxxxx-x.xxxxxxxxx.xxx	Xxxxxxxxx	23/07/2021	verified	Médio
40	XX.XXX.XXX.XX	xxx-xx-xxx-xxx-xx.xxxxxxx-x.xxxxxxxxx.xxx	Xxxxxxxxx	23/07/2021	verified	Médio
41	XX.XXX.XXX.XXX	xxx-xx-xxx-xxx-xxx.xxxxxxx-x.xxxxxxxxx.xxx	Xxxxxxxxx	23/07/2021	verified	Médio
42	XX.XXX.XXX.XXX	xxx-xx-xxx-xxx-xxx.xxxxxxx-x.xxxxxxxxx.xxx	Xxxxxxxxx	23/07/2021	verified	Médio
43	XX.XX.XX.XX		Xxxxxxxxx	17/07/2021	verified	Alto
44	XX.XXX.XXX.XXX		Xxxxxxxxx	18/03/2024	verified	Alto
45	XX.XX.XXX.XXX		Xxxxxxxxx	06/04/2024	verified	Alto
46	XX.XXX.XXX.XXX		Xxxxxxxxx	18/03/2024	verified	Alto
47	XX.XX.XXX.XXX	xxxxxxxxxxx.xxx	Xxxxxxxxx	30/03/2022	verified	Alto
48	XX.XX.XXX.XX	xxxx.xxxxxxxxxxx.xxx	Xxxxxxxxx	30/03/2022	verified	Alto
49	XX.XX.XXX.XXX	xxxxxx.xxx.xxx.xx.xx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxxxx	18/03/2024	verified	Alto
50	XX.XX.XXX.XXX	xxxxxx.xxx.xxx.xx.xx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxxxx	17/07/2021	verified	Alto
51	XX.XXX.XXX.XXX	xxxx.xxxxxxxxxxxx.xx	Xxxxxxxxx	22/07/2021	verified	Alto
52	XX.XXX.XXX.XX	xx.xxxx.xxxxx.xxx	Xxxxxxxxx	16/04/2022	verified	Alto
53	XX.XXX.XXX.XXX		Xxxxxxxxx	06/04/2024	verified	Alto
54	XX.XX.XXX.XX		Xxxxxxxxx	31/03/2022	verified	Alto
55	XX.XXX.XX.XXX	xxxx.xxxxxx-xxxxx.xxx	Xxxxxxxxx	08/04/2022	verified	Alto
56	XX.XXX.XXX.XXX	xxxxxx.xxx.xxx.xxx.xx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxxxx	17/07/2021	verified	Alto
57	XX.XXX.XXX.XX	xxxxxx.xx.xxx.xxx.xx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxxxx	16/04/2022	verified	Alto
58	XX.XXX.XXX.XX	xxxx.xxxxxxx.xxx	Xxxxxxxxx	22/07/2021	verified	Alto
59	XX.XXX.XX.XXX		Xxxxxxxxx	18/03/2024	verified	Alto
60	XX.XXX.XX.XXX		Xxxxxxxxx	16/12/2023	verified	Alto
61	XX.XXX.XXX.XX	xxxxxx.xx.xxx.xxx.xx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxxxx	18/03/2024	verified	Alto
62	XX.XXX.XXX.XX	xxxx.xx	Xxxxxxxxx	18/03/2024	verified	Alto
63	XX.XXX.XXX.XXX	xxxxxx.xxx.xxx.xxx.xx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxxxx	18/03/2024	verified	Alto
64	XX.XXX.XXX.XX		Xxxxxxxxx	06/04/2024	verified	Alto
65	XX.XXX.XX.XXX	xxxxxx.xxx.xx.xxx.xx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxxxx	18/03/2024	verified	Alto
66	XX.XXX.XX.XX	xxxxxx.xx.xx.xxx.xx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxxxx	18/03/2024	verified	Alto
67	XX.XXX.XX.XXX	xxxxxx.xxx.xx.xxx.xx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxxxx	18/03/2024	verified	Alto
68	XX.XXX.XXX.XX	xxxxxx.xx.xxx.xxx.xx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxxxx	18/03/2024	verified	Alto
69	XXX.XXX.XXX.XXX	xxx-xx.xxxxxxxxxxxxx.xxx	Xxxxxxxxx	18/01/2024	verified	Alto
70	XXX.XX.XX.XXX		Xxxxxxxxx	06/04/2024	verified	Alto
71	XXX.XX.XX.XXX		Xxxxxxxxx	23/07/2021	verified	Alto
72	XXX.XX.XX.XXX		Xxxxxxxxx	17/07/2021	verified	Alto
73	XXX.XX.XX.XXX		Xxxxxxxxx	17/07/2021	verified	Alto
74	XXX.XX.XX.XX		Xxxxxxxxx	17/07/2021	verified	Alto
75	XXX.XX.XX.XX		Xxxxxxxxx	17/07/2021	verified	Alto
76	XXX.XX.XXX.XX		Xxxxxxxxx	02/02/2024	verified	Alto
77	XXX.XX.XX.XXX		Xxxxxxxxx	02/02/2024	verified	Alto
78	XXX.XXX.X.XXX		Xxxxxxxxx	16/04/2022	verified	Alto
79	XXX.XXX.XX.XXX		Xxxxxxxxx	31/03/2022	verified	Alto
80	XXX.XXX.X.XX		Xxxxxxxxx	02/02/2024	verified	Alto
81	XXX.XXX.X.XXX	xxxxxx.xxx.x.xxx.xxx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxxxx	18/03/2024	verified	Alto
82	XXX.XX.XXX.XXX		Xxxxxxxxx	02/02/2024	verified	Alto
83	XXX.XXX.XX.XX		Xxxxxxxxx	02/02/2024	verified	Alto
84	XXX.XXX.XX.XX		Xxxxxxxxx	22/07/2021	verified	Alto
85	XXX.XXX.XX.XX	xxxxxx.xx.xx.xxx.xxx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxxxx	23/07/2021	verified	Alto
86	XXX.XXX.XX.XXX	xxxxxxxx	Xxxxxxxxx	23/07/2021	verified	Alto
87	XXX.XXX.XX.XXX	xxxx.xxxxxxx.xxx	Xxxxxxxxx	22/07/2021	verified	Alto
88	XXX.XXX.XXX.XXX	xxxxxxxx.xxxx-xxxxxxx.xx	Xxxxxxxxx	17/07/2021	verified	Alto
89	XXX.XX.XXX.XXX	xxx.xx-xxx-xx-xxx.xx	Xxxxxxxxx	22/07/2021	verified	Alto
90	XXX.XX.XXX.XXX	xxxxxxxx.xx-xxx-xx-xxx.xxx	Xxxxxxxxx	18/03/2024	verified	Alto
91	XXX.XX.XX.XX	xxx-xxxxxxxx.xxx.xxx.xxx	Xxxxxxxxx	18/03/2024	verified	Alto
92	XXX.XXX.XXX.XX		Xxxxxxxxx	23/10/2023	verified	Alto
93	XXX.XXX.XXX.XX		Xxxxxxxxx	23/10/2023	verified	Alto
94	XXX.XXX.XXX.XX		Xxxxxxxxx	31/03/2022	verified	Alto
95	XXX.XX.XXX.XXX		Xxxxxxxxx	16/04/2022	verified	Alto
96	XXX.XX.XX.XXX		Xxxxxxxxx	06/04/2024	verified	Alto
97	XXX.XX.XX.XXX	xxx-xxxxxxxx.xx-xxxxxx	Xxxxxxxxx	23/07/2021	verified	Alto
98	XXX.XXX.XXX.XXX	xxxxxxxxxx.xxxxxxxxxxxxx.xxx	Xxxxxxxxx	18/03/2024	verified	Alto
99	XXX.XX.XXX.XX	xxxxxx.xx.xxx.xx.xxx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxxxx	17/07/2021	verified	Alto
100	XXX.XXX.XXX.XXX		Xxxxxxxxx	18/03/2024	verified	Alto
101	XXX.XX.XXX.XXX	xxxxxxx.xxxxxxxxx.xx	Xxxxxxxxx	22/07/2021	verified	Alto
102	XXX.XX.XX.XX	xxxxxx.xx.xx.xx.xxx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxxxx	17/07/2021	verified	Alto
103	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxx.xxxxxxxxxxxx.xx	Xxxxxxxxx	23/07/2021	verified	Alto
104	XXX.XXX.XXX.XXX		Xxxxxxxxx	18/03/2024	verified	Alto
105	XXX.XXX.XX.XXX	xxxxxx.xxx.xx.xxx.xxx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxxxx	22/07/2021	verified	Alto
106	XXX.XX.XX.XXX		Xxxxxxxxx	17/07/2021	verified	Alto
107	XXX.XX.XXX.XXX		Xxxxxxxxx	23/07/2021	verified	Alto
108	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xx.xxxxxxxxxxxxxxxxx.xxx	Xxxxxxxxx	18/03/2024	verified	Alto
109	XXX.XXX.XXX.XX	xxx-xxx-xxx-xx.xx.xxxxxxxxxxxxxxxxx.xxx	Xxxxxxxxx	18/03/2024	verified	Alto
110	XXX.XXX.XXX.XX	xx-xxx-xxx-xxx-xx.xx.xxxxxxxxxxxx.xxx	Xxxxxxxxx	06/04/2024	verified	Alto
111	XXX.XXX.XX.XXX		Xxxxxxxxx	02/02/2024	verified	Alto
112	XXX.XX.XXX.XXX	xxxxxxxxxx.xxxxxxxxxxxxx.xxx	Xxxxxxxxx	18/03/2024	verified	Alto
113	XXX.XXX.XX.XX	xxx.xxx.xx.xx.xxxxxxx.xxxxxxxxxx.xx	Xxxxxxxxx	02/02/2024	verified	Alto
114	XXX.XXX.XX.XXX	xxxxxxxx.xxxxxxx.xx	Xxxxxxxxx	10/10/2022	verified	Alto
115	XXX.XXX.XXX.X		Xxxxxxxxx	12/12/2023	verified	Alto
116	XXX.XXX.XXX.X	xxxxxxxx.xx.xxxxxxx	Xxxxxxxxx	10/10/2022	verified	Alto
117	XXX.XXX.XXX.XX	xxxxx.xxxxx	Xxxxxxxxx	17/07/2021	verified	Alto
118	XXX.X.XXX.XX		Xxxxxxxxx	22/07/2021	verified	Alto
119	XXX.XX.XXX.XXX		Xxxxxxxxx	06/04/2024	verified	Alto
120	XXX.XXX.XXX.XXX	xxxxxxx-xxxxx.xx	Xxxxxxxxx	18/03/2024	verified	Alto
121	XXX.XXX.XXX.XXX		Xxxxxxxxx	31/03/2022	verified	Alto
122	XXX.XX.XX.XX	xxxxxx.xxx	Xxxxxxxxx	10/10/2022	verified	Alto
123	XXX.XX.XXX.XX	xxx.xx.xxx.xx.xxxxxx.xxxxxxxxxxxxx.xxx	Xxxxxxxxx	06/04/2024	verified	Alto
124	XXX.XXX.XXX.XXX	xxx.xx-xxx-xxx-xxx.xx	Xxxxxxxxx	22/07/2021	verified	Alto
125	XXX.XX.XX.XX		Xxxxxxxxx	02/02/2024	verified	Alto

TTP - Tactics, Techniques, Procedures (3)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Vulnerabilidades	Tipo de acesso	Tipo	Aceitação
1	T1059	CWE-94	Argument Injection	predictive	Alto
2	TXXXX	CWE-XX, CWE-XX	Xxx Xxxxxxxxx	predictive	Alto
3	TXXXX	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Alto

IOA - Indicator of Attack (8)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Classe	Indicator	Tipo	Aceitação
1	File	inc/config.php	predictive	Alto
2	File	ItemInfo.asp	predictive	Médio
3	File	xxxxxx/xxxxxxxxxx/xxx/xxxx.xxx	predictive	Alto
4	File	xxxxxxxxx/xxxx-xxxx-xxx.x	predictive	Alto
5	Library	xx/xxx/xxxx_xxxxxx.xxx	predictive	Alto
6	Argument	xxxxxxxx	predictive	Médio
7	Argument	xxxxxx	predictive	Baixo
8	Argument	xxxx_xxx	predictive	Médio

Referências (26)

The following list contains external sources which discuss the actor and the associated activities:

Samples (1)

The following list contains associated samples:

https://tria.ge/240318-xddhfafd78/behavioral1

◂ VoltarVisão GeralPróximo ▸

Do you know our Splunk app?

Download it now for free!