French Polynesia Unknown Análise

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (30)

Idioma

fr	16
en	10
pl	4

País

pf	22
us	8

Actores

Gabon	1

Interesse

Tipo

Not Defined	6
Operating System	4
Enterprise Resource Planning Software	4
Web Server	4
Network Encryption Software	2

Fabricante

Not Defined	10
Dolibarr	4
Apple	2
Microsoft	2
D-Link	2

Produto

Apple Mac OS X	2
Dolibarr ERP CRM	2
nginx	2
OpenSSL	2
Microsoft Windows	2

Vulnerabilidades

#	Vulnerabilidade	Base	Temp	0day	Hoje	Exp	Mas	EPSS	CTI	CVE
1	nginx direitos alargados	6.9	6.9	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00241	3.48	CVE-2020-12440
2	Boa Terminal direitos alargados	5.3	5.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.02395	0.02	CVE-2009-4496
3	GLPI Admin Dashboard Injecção SQL	6.9	6.8	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00050	0.00	CVE-2023-37278
4	phpLDAPadmin entry_chooser.php Roteiro Cruzado de Sítios	5.2	5.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00145	0.04	CVE-2017-11107
5	Allegro RomPager Cookie Remote Code Execution	7.3	6.4	$0-$5k	$0-$5k	High	Official Fix	0.97212	0.06	CVE-2014-9222
6	OpenSSL X.400 Address direitos alargados	6.0	5.9	$5k-$25k	$5k-$25k	Not Defined	Official Fix	0.00212	0.00	CVE-2023-0286
7	Apache HTTP Server mod_proxy_ajp direitos alargados	8.1	8.0	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.02237	0.03	CVE-2022-36760
8	Cisco Unified CallManager Negação de Serviço	5.3	4.8	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.10275	0.00	CVE-2007-1833
9	Rapid7 Metasploit Framework drb_remote_codeexec Exploit direitos alargados	5.0	4.8	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00394	0.03	CVE-2020-7385
10	Apache HTTP Server mod_reqtimeout Negação de Serviço	5.3	5.1	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.01696	0.04	CVE-2007-6750
11	Cachet Configuration Edition direitos alargados	6.3	6.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00257	0.00	CVE-2021-39172
12	json8-merge-patch Package Constructor direitos alargados	6.5	6.2	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00102	0.00	CVE-2020-8268
13	Microsoft Windows Multimedia Library winmm.dll Excesso de tampão	10.0	9.5	$100k e mais	$0-$5k	High	Official Fix	0.97281	0.04	CVE-2012-0003
14	PhastPress Plugin Redirect	5.5	5.3	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00129	0.00	CVE-2021-24210
15	nginx Error Page direitos alargados	6.3	6.2	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00277	0.08	CVE-2019-20372
16	Rapid7 Metasploit Pro Web Interface direitos alargados	3.3	3.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00044	0.02	CVE-2019-5642
17	Foxit Quick PDF Library Tree Structure LoadFromStream Excesso de tampão	6.5	6.3	$0-$5k	$0-$5k	Not Defined	Official Fix	0.11242	0.00	CVE-2018-20247
18	wps-hide-login Plugin direitos alargados	8.5	8.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00697	0.00	CVE-2019-15823
19	WindScribe VPN WindScribeService.exe direitos alargados	7.8	7.8	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00175	0.00	CVE-2018-11479
20	Apache HTTP Server mod_ssl direitos alargados	7.4	7.4	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00267	0.00	CVE-2019-0215

IOC - Indicator of Compromise (37)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	Endereço IP	Hostname	Actor	Identified	Tipo	Aceitação
1	43.249.176.0		French Polynesia Unknown	09/01/2023	verified	Alto
2	45.12.70.176	wholesomely.alltieinc.com	French Polynesia Unknown	09/01/2023	verified	Alto
3	45.12.71.176		French Polynesia Unknown	09/01/2023	verified	Alto
4	50.21.80.0	0.80.21.50.abo.mana.pf	French Polynesia Unknown	24/05/2023	verified	Alto
5	64.140.144.0	0.144.140.64.dsl.dyn.mana.pf	French Polynesia Unknown	15/03/2023	verified	Alto
6	103.4.72.0		French Polynesia Unknown	09/01/2023	verified	Alto
7	103.46.216.0		French Polynesia Unknown	09/01/2023	verified	Alto
8	103.129.120.0	0.120.129.103.pba.apn.pmt.pf	French Polynesia Unknown	09/01/2023	verified	Alto
9	XXX.XXX.XX.X		Xxxxxx Xxxxxxxxx Xxxxxxx	15/03/2023	verified	Alto
10	XXX.XXX.XXX.X		Xxxxxx Xxxxxxxxx Xxxxxxx	09/01/2023	verified	Alto
11	XXX.XXX.XXX.X	x.xxx.xxx.xxx.xxx.xxx.xxxx.xx	Xxxxxx Xxxxxxxxx Xxxxxxx	09/01/2023	verified	Alto
12	XXX.XXX.XX.X		Xxxxxx Xxxxxxxxx Xxxxxxx	09/01/2023	verified	Alto
13	XXX.XXX.XX.X		Xxxxxx Xxxxxxxxx Xxxxxxx	09/01/2023	verified	Alto
14	XXX.XXX.XXX.X	x.xxx.xxx.xxx.xxx.xxx.xxx.xx	Xxxxxx Xxxxxxxxx Xxxxxxx	15/03/2023	verified	Alto
15	XXX.XX.XX.X	x.xx.xx.xxx.xxx.xxx.xxxx.xx	Xxxxxx Xxxxxxxxx Xxxxxxx	09/01/2023	verified	Alto
16	XXX.XX.XX.X	x.xx.xx.xxx.xxx.xxx.xxxx.xx	Xxxxxx Xxxxxxxxx Xxxxxxx	09/01/2023	verified	Alto
17	XXX.XXX.XX.X		Xxxxxx Xxxxxxxxx Xxxxxxx	09/01/2023	verified	Alto
18	XXX.XX.XX.X		Xxxxxx Xxxxxxxxx Xxxxxxx	24/05/2023	verified	Alto
19	XXX.XXX.XXX.X	xxxx-xxx-xxx-x.xxxxxx.xxxxxx.xxxxxxxxxxxxxxxxxx.xxx	Xxxxxx Xxxxxxxxx Xxxxxxx	15/03/2023	verified	Alto
20	XXX.XXX.XXX.XX		Xxxxxx Xxxxxxxxx Xxxxxxx	09/01/2023	verified	Alto
21	XXX.XXX.XX.X		Xxxxxx Xxxxxxxxx Xxxxxxx	15/03/2023	verified	Alto
22	XXX.XXX.XX.X		Xxxxxx Xxxxxxxxx Xxxxxxx	15/03/2023	verified	Alto
23	XXX.XXX.XX.X		Xxxxxx Xxxxxxxxx Xxxxxxx	09/01/2023	verified	Alto
24	XXX.XXX.XXX.X	x.xxx.xxx.xxx.xxx.xxx.xxx.xx	Xxxxxx Xxxxxxxxx Xxxxxxx	09/01/2023	verified	Alto
25	XXX.XX.XXX.X		Xxxxxx Xxxxxxxxx Xxxxxxx	24/05/2023	verified	Alto
26	XXX.XX.XXX.XXX		Xxxxxx Xxxxxxxxx Xxxxxxx	24/05/2023	verified	Alto
27	XXX.XX.XX.XXX		Xxxxxx Xxxxxxxxx Xxxxxxx	09/01/2023	verified	Alto
28	XXX.XX.XXX.XXX		Xxxxxx Xxxxxxxxx Xxxxxxx	09/01/2023	verified	Alto
29	XXX.XXX.XXX.X		Xxxxxx Xxxxxxxxx Xxxxxxx	15/03/2023	verified	Alto
30	XXX.XXX.XXX.X		Xxxxxx Xxxxxxxxx Xxxxxxx	15/03/2023	verified	Alto
31	XXX.XXX.X.X		Xxxxxx Xxxxxxxxx Xxxxxxx	15/03/2023	verified	Alto
32	XXX.X.XXX.X		Xxxxxx Xxxxxxxxx Xxxxxxx	09/01/2023	verified	Alto
33	XXX.XX.XX.X	x.xx.xx.xxx.xxx.xxx.xxxx.xx	Xxxxxx Xxxxxxxxx Xxxxxxx	09/01/2023	verified	Alto
34	XXX.XXX.XXX.X	x.xxx.xxx.xxx.xxx.xxx.xxxx.xx	Xxxxxx Xxxxxxxxx Xxxxxxx	09/01/2023	verified	Alto
35	XXX.XXX.XXX.X	x.xxx.xxx.xxx.xxx.xxx.xxxx.xx	Xxxxxx Xxxxxxxxx Xxxxxxx	09/01/2023	verified	Alto
36	XXX.XXX.XXX.X		Xxxxxx Xxxxxxxxx Xxxxxxx	09/01/2023	verified	Alto
37	XXX.XXX.XX.X	x.xx.xxx.xxx.xxx.xxx.xx	Xxxxxx Xxxxxxxxx Xxxxxxx	09/01/2023	verified	Alto

TTP - Tactics, Techniques, Procedures (8)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Vulnerabilidades	Tipo de acesso	Tipo	Aceitação
1	T1006	CWE-22	Path Traversal	predictive	Alto
2	T1059	CWE-94	Argument Injection	predictive	Alto
3	TXXXX.XXX	CWE-XX	Xxxxx Xxxx Xxxxxxxxx	predictive	Alto
4	TXXXX	CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Alto
5	TXXXX.XXX	CWE-XXX	Xxxx Xxxxxxxx	predictive	Alto
6	TXXXX	CWE-XXX	7xx Xxxxxxxx Xxxxxxxx	predictive	Alto
7	TXXXX	CWE-XX	Xxx Xxxxxxxxx	predictive	Alto
8	TXXXX	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Alto

IOA - Indicator of Attack (13)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Classe	Indicator	Tipo	Aceitação
1	File	Access.app/Contents/Resources/kcproxy	predictive	Alto
2	File	accountancy/customer/card.php	predictive	Alto
3	File	xxxxx/xxxxxxxxxxxxxx.xxx	predictive	Alto
4	File	xxxxxx/xxxxx_xxxxxxx.xxx	predictive	Alto
5	File	xxxxxx/xxxx.xxx.xxx	predictive	Alto
6	File	xxxxxxxxxxxxxxxxxxxxxx.xxx	predictive	Alto
7	File	xxxxxxxxxxxxxxxxx.xxx	predictive	Alto
8	Library	xxxxx.xxx	predictive	Médio
9	Argument	xx	predictive	Baixo
10	Argument	xxxx/xxxxxxx/xxx/xxxxxxxxx	predictive	Alto
11	Argument	xx	predictive	Baixo
12	Argument	xxxxxxxxxxxxx	predictive	Alto
13	Network Port	xxx/xxx, xxx/xxx, xxx/xxxx, xxx/xxxx	predictive	Alto

Referências (4)

The following list contains external sources which discuss the actor and the associated activities:

◂ VoltarVisão GeralPróximo ▸

Might our Artificial Intelligence support you?

Check our Alexa App!