Gabon Unknown Análise

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (19)

Idioma

fr	16
en	4

País

fr	18
gb	2

Actores

Gabon	5

Interesse

Tipo

Operating System	4
Not Defined	4
WordPress Plugin	2
Enterprise Resource Planning Software	2
Content Management System	2

Fabricante

Not Defined	6
Icegram	2
Ubuntu	2
Green Packet	2
Blueimp	2

Produto

Icegram Email Subscribers	2
Icegram Newsletters Plugin	2
Ubuntu Linux	2
Green Packet DX-350	2
Dolibarr	2

Vulnerabilidades

#	Vulnerabilidade	Base	Temp	0day	Hoje	Exp	Mas	EPSS	CTI	CVE
1	Green Packet DX-350 Fraca autenticação	8.5	8.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00659	0.00	CVE-2017-9932
2	BlueMind Contact Application vulnerabilidade desconhecida	7.5	7.3	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00172	0.02	CVE-2019-9563
3	Green Packet DX-350 Web Interface direitos alargados	8.0	8.0	$0-$5k	$0-$5k	Not Defined	Not Defined	0.05001	0.00	CVE-2017-9980
4	Open5GS Service Port 3000 Fraca autenticação	8.0	8.0	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00107	0.00	CVE-2021-25863
5	Sage X3 AdxDSrv.exe Fraca autenticação	7.3	7.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.19597	0.05	CVE-2020-7388
6	Icegram Email Subscribers / Newsletters Plugin Fraca autenticação	6.3	6.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00289	0.00	CVE-2020-5780
7	Ubuntu vulnerabilidade desconhecida	4.0	3.8	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00042	0.02	CVE-2009-1295
8	Ubuntu Linux overlayfs direitos alargados	7.8	7.6	$5k-$25k	$0-$5k	High	Official Fix	0.00062	0.02	CVE-2015-1328
9	Dolibarr User Note note.php Stored Roteiro Cruzado de Sítios	4.4	4.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00058	0.00	CVE-2019-16686
10	IBM AIX LVM lquerylv direitos alargados	7.8	7.0	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.00091	0.02	CVE-2016-6079
11	Blueimp jQuery-File-Upload File Upload direitos alargados	8.5	8.2	$0-$5k	$0-$5k	High	Official Fix	0.96689	0.00	CVE-2018-9206
12	Netgate pfSense direitos alargados	6.4	6.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.16210	0.00	CVE-2018-4020
13	WordPress REST API class-wp-rest-users-controller.php Divulgação de Informação	5.3	5.1	$5k-$25k	$0-$5k	Functional	Official Fix	0.87410	0.03	CVE-2017-5487
14	Microsoft Windows Kernel direitos alargados	7.3	7.0	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.00404	0.06	CVE-2017-11847
15	Green Packet DX-350 UPnP ajax.cgi Falsificação de Pedido Cross Site	6.5	6.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00112	0.03	CVE-2017-9930
16	TeamPass Injecção SQL	7.3	7.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00486	0.00	CVE-2014-3773

IOC - Indicator of Compromise (49)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	Endereço IP	Hostname	Actor	Identified	Tipo	Aceitação
1	41.72.224.0		Gabon Unknown	21/02/2023	verified	Alto
2	41.76.120.0		Gabon Unknown	03/05/2023	verified	Alto
3	41.77.120.0		Gabon Unknown	03/05/2023	verified	Alto
4	41.78.96.0		Gabon Unknown	03/05/2023	verified	Alto
5	41.78.240.0		Gabon Unknown	21/02/2023	verified	Alto
6	41.158.0.0		Gabon Unknown	21/02/2023	verified	Alto
7	41.211.128.0		Gabon Unknown	21/02/2023	verified	Alto
8	41.223.168.0		Gabon Unknown	21/02/2023	verified	Alto
9	57.82.62.0		Gabon Unknown	21/02/2023	verified	Alto
10	66.102.36.64		Gabon Unknown	03/05/2023	verified	Alto
11	XX.XXX.XXX.X		Xxxxx Xxxxxxx	03/05/2023	verified	Alto
12	XX.XXX.XX.X		Xxxxx Xxxxxxx	03/05/2023	verified	Alto
13	XX.XXX.XXX.X	xx-xxx-xxx-x.xx.xxxxxxxxxxx.xxx	Xxxxx Xxxxxxx	21/02/2023	verified	Alto
14	XX.XXX.XX.X	xx-xxx-xx-x.xx.xxxxxxxxxxx.xxx	Xxxxx Xxxxxxx	21/02/2023	verified	Alto
15	XXX.XXX.XX.X		Xxxxx Xxxxxxx	21/02/2023	verified	Alto
16	XXX.XXX.XXX.X		Xxxxx Xxxxxxx	21/02/2023	verified	Alto
17	XXX.XXX.XX.X		Xxxxx Xxxxxxx	21/02/2023	verified	Alto
18	XXX.XXX.XXX.X		Xxxxx Xxxxxxx	21/02/2023	verified	Alto
19	XXX.XXX.X.X		Xxxxx Xxxxxxx	21/02/2023	verified	Alto
20	XXX.XXX.XXX.X		Xxxxx Xxxxxxx	21/02/2023	verified	Alto
21	XXX.X.XX.X		Xxxxx Xxxxxxx	21/02/2023	verified	Alto
22	XXX.X.XXX.X	x-xxx-x-xxx.x.xxxxxx.xx	Xxxxx Xxxxxxx	21/02/2023	verified	Alto
23	XXX.XX.XXX.X		Xxxxx Xxxxxxx	03/05/2023	verified	Alto
24	XXX.XX.XXX.X		Xxxxx Xxxxxxx	21/02/2023	verified	Alto
25	XXX.XXX.X.X		Xxxxx Xxxxxxx	21/02/2023	verified	Alto
26	XXX.XXX.X.X		Xxxxx Xxxxxxx	21/02/2023	verified	Alto
27	XXX.XXX.XXX.X		Xxxxx Xxxxxxx	03/05/2023	verified	Alto
28	XXX.XXX.XXX.X		Xxxxx Xxxxxxx	21/02/2023	verified	Alto
29	XXX.XXX.X.X		Xxxxx Xxxxxxx	21/02/2023	verified	Alto
30	XXX.XXX.XXX.X		Xxxxx Xxxxxxx	03/05/2023	verified	Alto
31	XXX.XXX.XXX.X		Xxxxx Xxxxxxx	21/02/2023	verified	Alto
32	XXX.XXX.X.X		Xxxxx Xxxxxxx	21/02/2023	verified	Alto
33	XXX.XXX.XXX.X		Xxxxx Xxxxxxx	21/02/2023	verified	Alto
34	XXX.XXX.XXX.X		Xxxxx Xxxxxxx	21/02/2023	verified	Alto
35	XXX.XXX.XXX.X		Xxxxx Xxxxxxx	21/02/2023	verified	Alto
36	XXX.XXX.XXX.X		Xxxxx Xxxxxxx	21/02/2023	verified	Alto
37	XXX.XXX.XXX.X		Xxxxx Xxxxxxx	21/02/2023	verified	Alto
38	XXX.XX.XXX.X		Xxxxx Xxxxxxx	03/05/2023	verified	Alto
39	XXX.XX.XX.X		Xxxxx Xxxxxxx	21/02/2023	verified	Alto
40	XXX.XX.XX.X		Xxxxx Xxxxxxx	21/02/2023	verified	Alto
41	XXX.XXX.XX.X		Xxxxx Xxxxxxx	21/02/2023	verified	Alto
42	XXX.XXX.XX.X		Xxxxx Xxxxxxx	21/02/2023	verified	Alto
43	XXX.XXX.XXX.X		Xxxxx Xxxxxxx	03/05/2023	verified	Alto
44	XXX.XXX.X.X		Xxxxx Xxxxxxx	21/02/2023	verified	Alto
45	XXX.XXX.XXX.X		Xxxxx Xxxxxxx	03/05/2023	verified	Alto
46	XXX.XXX.XXX.XX	xxxxxx.xxxxxx.xxx.xxxxxxxx.xxx	Xxxxx Xxxxxxx	03/05/2023	verified	Alto
47	XXX.XXX.XXX.X		Xxxxx Xxxxxxx	21/02/2023	verified	Alto
48	XXX.XX.XX.X		Xxxxx Xxxxxxx	21/02/2023	verified	Alto
49	XXX.XXX.XX.X	xxx-xxx-xx-x.xxxxxx.xxxxxxxxxx.xxx	Xxxxx Xxxxxxx	21/02/2023	verified	Alto

TTP - Tactics, Techniques, Procedures (9)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Classificação	Vulnerabilidades	Tipo de acesso	Tipo	Aceitação
1	T1059.007	CAPEC-209	CWE-79	Cross Site Scripting	predictive	Alto
2	T1068		CWE-264	Execution with Unnecessary Privileges	predictive	Alto
3	TXXXX.XXX	CAPEC-0	CWE-XXX	Xxx Xx Xxxx-xxxxx Xxxxxxxx	predictive	Alto
4	TXXXX.XXX	CAPEC-191	CWE-XXX	Xxxx-xxxxx Xxxxxxxxxxx	predictive	Alto
5	TXXXX	CAPEC-136	CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	Alto
6	TXXXX	CAPEC-108	CWE-XX	Xxx Xxxxxxxxx	predictive	Alto
7	TXXXX	CAPEC-116	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Alto
8	TXXXX.XXX	CAPEC-0	CWE-XX	Xxxxxxxxxxxxx	predictive	Alto
9	TXXXX.XXX	CAPEC-1	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	Alto

IOA - Indicator of Attack (8)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Classe	Indicator	Tipo	Aceitação
1	File	AdxDSrv.exe	predictive	Médio
2	File	ajax.cgi	predictive	Médio
3	File	xxxxxxxx	predictive	Médio
4	File	xxxx.xxx	predictive	Médio
5	File	xx-xxxxxxxx/xxxx-xxx/xxxxxxxxx/xxxxx-xx-xxxx-xxxxx-xxxxxxxxxx.xxx	predictive	Alto
6	Argument	xxx	predictive	Baixo
7	Argument	xxxxxx_xx_xxxx	predictive	Alto
8	Argument	xxxxxxxx_	predictive	Médio

Referências (3)

The following list contains external sources which discuss the actor and the associated activities:

◂ VoltarVisão GeralPróximo ▸

Interested in the pricing of exploits?

See the underground prices here!