FlawedAmmyy Analysis

IOB - Indicator of Behavior (28)

Language

de: 10
it: 6
sv: 6
en: 4
pl: 2

Country

de: 28

Product

SmartISoft phpBazar: 2
Basti2web Book Panel: 2
DZCP deV!L`z Clanportal: 2
JContentSubscription: 2
Csphere ClanSphere: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | EPSS | CTI | CVE |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| 1 | Basti2web Book Panel books.php SQL injection | 7.3 | 7.0 | $0-$5k | $0-$5k | High | Official Fix | 0.00064 | 0.03 | CVE-2009-4889 |
| 2 | Matt Wright Matt Wright Guestbook guestbook.pl cross-site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 0.00991 | 0.20 | CVE-2006-1697 |
| 3 | Matt Wright Matt Wright Guestbook cross-site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 0.00275 | 0.00 | CVE-2006-1698 |
| 4 | SmartISoft phpBazar picturelib.php privilege escalation | 7.3 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00718 | 0.02 | CVE-2010-2315 |
| 5 | DZCP deV!L`z Clanportal config.php privilege escalation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00943 | 0.87 | CVE-2010-0966 |
| 6 | Lars Ellingsen Guestserver guestbook.cgi cross-site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00169 | 0.44 | CVE-2005-4222 |
| 7 | SignKorn Guestbook admin.php privilege escalation | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.04 | |
| 8 | LogicBoard CMS away.php Redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.00000 | 2.70 | |
| 9 | Csphere ClanSphere Error Message information disclosure | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00287 | 0.00 | CVE-2011-3714 |
| 10 | JContentSubscription register.php Local Privilege Escalation | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.06 | |
| 11 | Flat PHP Board directory traversal | 3.3 | 3.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.01 | |
| 12 | Linux Kernel NFS Export nfs3xdr.c no_subtree_check directory traversal | 6.4 | 6.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00197 | 0.03 | CVE-2021-3178 |
| 13 | jdownloads categories.php order SQL injection | 7.4 | 7.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00124 | 0.00 | CVE-2020-19455 |
| 14 | ProFTPD privilege escalation | 5.4 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00042 | 0.03 | CVE-2017-7418 |
| 15 | Palo Alto Network Traps ESM Console Agent License privilege escalation | 6.4 | 6.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00310 | 0.00 | CVE-2017-7408 |

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
| --- | --- | --- | --- | --- | --- | --- | --- |
| 1 | 136.243.104.235 | static.235.104.243.136.clients.your-server.de | FlawedAmmyy | | 31/10/2023 | verified | High |

TTP - Tactics, Techniques, Procedures (7)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access type | Type | Confidence |
| --- | --- | --- | --- | --- | --- |
| 1 | T1006 | CWE-22 | Path Traversal | predictive | High |
| 2 | T1059 | CWE-94 | Argument Injection | predictive | High |
| 3 | TXXXX.XXX | CWE-XX | Xxxxx Xxxx Xxxxxxxxx | predictive | High |
| 4 | TXXXX | CWE-XXX | Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx | predictive | High |
| 5 | TXXXX.XXX | CWE-XXX | Xxxx Xxxxxxxx | predictive | High |
| 6 | TXXXX | CWE-XX | Xxx Xxxxxxxxx | predictive | High |
| 7 | TXXXX | CWE-XXX | Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx | predictive | High |

IOA - Indicator of Attack (17)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
| --- | --- | --- | --- | --- |
| 1 | File | /forum/away.php | predictive | High |
| 2 | File | admin/admin.php | predictive | High |
| 3 | File | books.php | predictive | Medium |
| 4 | File | xxxxxxxxxx/xxx_xxxxxxxxxx/xxxxxxx/xxxxxxxxxx.xxx | predictive | High |
| 5 | File | xx/xxxx/xxxxxxx.x | predictive | High |
| 6 | File | xxxxxxxxx.xxx | predictive | High |
| 7 | File | xxxxxxxxx.xx | predictive | Medium |
| 8 | File | xxx/xxxxxx.xxx | predictive | High |
| 9 | File | xxxx/xxxxxxxx.xxx | predictive | High |
| 10 | Library | xxxxxxxxxx.xxx | predictive | High |
| 11 | Argument | xxxxxxxx | predictive | Medium |
| 12 | Argument | xxxxxx | predictive | Low |
| 13 | Argument | xxx | predictive | Low |
| 14 | Argument | xxx_xxxx | predictive | Medium |
| 15 | Argument | xxxxxx_xxxxx | predictive | Medium |
| 16 | Argument | xxxxxxxxx_xxxxxxxx_xxxx | predictive | High |
| 17 | Argument | xxxxxxxx | predictive | Medium |

References (2)

The following list contains external sources which discuss the actor and the associated activities:
