Manjusaka Analysis

IOB - Indicator of Behavior (60)

Language

en: 36
zh: 24

Country

cn: 46
us: 10
ru: 4

Product

Apache HTTP Server: 4
Microsoft Windows: 4
Emlog: 2
Huawei S12700: 2
Huawei S1700: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | vsftpd deny_file unknown vulnerability | 3.7 | 3.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00312 | 0.21 | CVE-2015-1419 |
| 2 | Oracle Storage Cloud Software Appliance Management Console Remote Code Execution | 10.0 | 9.5 | $100k and more | $5k-$25k | Not Defined | Official Fix | 0.00576 | 0.00 | CVE-2021-2256 |
| 3 | VMware Spring Framework privilege escalation | 4.5 | 4.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00079 | 0.00 | CVE-2021-22096 |
| 4 | nginx ngx_http_mp4_module information disclosure | 5.9 | 5.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00198 | 0.05 | CVE-2018-16845 |
| 5 | Python libraries privilege escalation | 6.5 | 6.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 0.00 | |
| 6 | GilaCMS GET Parameter cm.php SQL injection | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00223 | 0.00 | CVE-2020-20692 |
| 7 | SourceCodester Simple Subscription Website manage_plan.php SQL injection | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.04 | CVE-2024-3015 |
| 8 | Chengdu VEC40G Network Detection privilege escalation | 5.5 | 5.4 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00194 | 0.04 | CVE-2023-2522 |
| 9 | code-projects Bus Dispatch and Information System view_admin.php SQL injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00070 | 0.00 | CVE-2023-2773 |
| 10 | frioux ptome SQL injection | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00148 | 0.15 | CVE-2010-10009 |
| 11 | Totolink X2000R HTTP POST Request boa formTmultiAP buffer overflow | 8.1 | 7.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00060 | 0.04 | CVE-2023-7222 |
| 12 | SAP GUI Connector for Microsoft Edge information disclosure | 6.4 | 6.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00087 | 0.04 | CVE-2024-22125 |
| 13 | Cool Plugins Events Shortcodes for the Events Calendar Plugin SQL injection | 7.0 | 7.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00050 | 0.05 | CVE-2023-52142 |
| 14 | Acumos Design Studio cross-site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00052 | 0.05 | CVE-2018-25097 |
| 15 | Google Android ion.c ion_ioctl buffer overflow | 5.3 | 5.1 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.00042 | 0.04 | CVE-2022-20118 |
| 16 | Qualcomm Snapdragon Compute XPU Re-Configuration privilege escalation | 8.5 | 8.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00044 | 0.04 | CVE-2021-30276 |
| 17 | Epic Games Psyonix Rocket League UPK Object buffer overflow | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00300 | 0.00 | CVE-2021-32238 |
| 18 | Microsoft Windows IIS buffer overflow | 7.9 | 7.6 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00182 | 0.03 | CVE-2019-1365 |
| 19 | MailEnable Enterprise Premium directory traversal | 7.2 | 7.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00061 | 0.02 | CVE-2019-12925 |
| 20 | Microsoft ISA Server H.323/H.225.0/Q.931 buffer overflow | 7.5 | 7.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.31188 | 0.04 | CVE-2003-0819 |

IOC - Indicator of Compromise (6)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (10)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (22)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /bin/boa | predictive | Medium |
| 2 | File | /send_order.cgi?parameter=access_detect | predictive | High |
| 3 | File | /src/core/controllers/cm.php | predictive | High |
| 4 | File | /xxx/xxx/xxxxxx | predictive | High |
| 5 | File | /xxxxxx | predictive | Low |
| 6 | File | xxxxx.xxx | predictive | Medium |
| 7 | File | xxx.x | predictive | Low |
| 8 | File | xxxxxx_xxxx.xxx | predictive | High |
| 9 | File | xxxx_xxxxx.xxx | predictive | High |
| 10 | File | xx-xxxxx.xxx | predictive | Medium |
| 11 | Library | /xxx/xxx/xxx/xxxx/xxxxxxxxxx/xxxxxxxxx.xxx | predictive | High |
| 12 | Library | xxxxxxxxx | predictive | Medium |
| 13 | Argument | xxxxxxx | predictive | Low |
| 14 | Argument | xxxxx | predictive | Low |
| 15 | Argument | xx | predictive | Low |
| 16 | Argument | xx | predictive | Low |
| 17 | Argument | xxxxx | predictive | Low |
| 18 | Argument | xxxxxx-xxx | predictive | Medium |
| 19 | Argument | xxxxx | predictive | Low |
| 20 | Input Value | x \| xxxxxxx -xx | predictive | High |
| 21 | Input Value | === | predictive | Low |
| 22 | Network Port | xxx/xxx | predictive | Low |

References (3)

The following list contains external sources which discuss the actor and the associated activities:
