Coronavirus scams Analysis

IOB - Indicator of Behavior (93)

Language

en: 60
fr: 26
zh: 4
de: 2
ru: 2

Country

us: 38
fr: 36
cn: 4
gb: 4
de: 2

Product

Microsoft Windows: 6
Apache HTTP Server: 4
WordPress: 4
Apache Struts: 2
PY-Membres: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Collabora Online cross-site scripting | 4.9 | 4.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00052 | 0.00 | CVE-2023-31145 |
| 2 | Insyde InsydeH2O UEFI DXE Driver buffer overflow | 6.7 | 6.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00062 | 0.00 | CVE-2021-42059 |
| 3 | nginx privilege escalation | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00241 | 1.55 | CVE-2020-12440 |
| 4 | OpenSSH Authentication Username information disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | High | Official Fix | 0.10737 | 0.20 | CVE-2016-6210 |
| 5 | Voltronic Power ViewPower Pro getMacAddressByIp privilege escalation | 9.8 | 9.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00070 | 0.05 | CVE-2023-51572 |
| 6 | Microsoft Outlook Remote Code Execution | 8.0 | 7.3 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.13359 | 0.05 | CVE-2023-33131 |
| 7 | Microsoft Excel Local Privilege Escalation | 7.0 | 6.4 | $0-$5k | $0-$5k | Unproven | Official Fix | 0.00298 | 0.05 | CVE-2023-33137 |
| 8 | LogicBoard CMS away.php Redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.00000 | 4.06 | |
| 9 | SourceCodester Life Insurance Management System POST Parameter insertNominee.php cross-site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00062 | 0.08 | CVE-2023-3165 |
| 10 | Apple iOS/iPadOS IOMobileFrameBuffer buffer overflow | 7.8 | 7.5 | $25k-$100k | $5k-$25k | High | Official Fix | 0.00236 | 0.00 | CVE-2021-30883 |
| 11 | GNU wget FTP directory traversal | 5.1 | 4.9 | $0-$5k | $0-$5k | High | Official Fix | 0.07815 | 0.04 | CVE-2014-4877 |
| 12 | Fortinet FortiOS/FortiProxy FortiGate SSL-VPN buffer overflow | 9.8 | 9.6 | $25k-$100k | $25k-$100k | High | Official Fix | 0.15407 | 0.05 | CVE-2023-27997 |
| 13 | SunHater KCFinder upload.php cross-site scripting | 5.7 | 5.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00131 | 0.04 | CVE-2019-14315 |
| 14 | Grafana Email Invite privilege escalation | 6.5 | 6.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00156 | 0.00 | CVE-2022-39306 |
| 15 | Linux Kernel IGB Driver igb_main.c igb_set_rx_buffer_len buffer overflow | 7.6 | 7.5 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00050 | 0.04 | CVE-2023-45871 |
| 16 | Kubernetes ingress-nginx API privilege escalation | 7.6 | 7.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00237 | 0.04 | CVE-2023-5043 |
| 17 | Microsoft Exchange Server Privilege Escalation | 8.3 | 7.6 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00080 | 0.04 | CVE-2023-36745 |
| 18 | Web Based Quiz System welcome.php SQL injection | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00088 | 0.00 | CVE-2022-32991 |
| 19 | Harbor weak authentication | 6.9 | 6.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02074 | 0.04 | CVE-2022-46463 |
| 20 | Exim AUTH buffer overflow | 9.8 | 9.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00075 | 0.04 | CVE-2023-42115 |

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (11)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (47)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


References (3)

The following list contains external sources which discuss the actor and the associated activities:
