Matiex Analysis

IOB - Indicator of Behavior (30)

Language

en: 22
de: 6
fr: 2

Country

us: 30

Product

Bitweaver: 2
Thomas R. Pasawicz HyperBook Guestbook: 2
Devilz Clanportal: 2
JoomlaTune Com Jcomments: 2
Google Android: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash Information Disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.02016 | 0.02 | CVE-2007-1192 |
| 2 | DZCP deV!L`z Clanportal config.php Privilege Escalation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00943 | 0.97 | CVE-2010-0966 |
| 3 | Article Dashboard signup.php Cross-Site Scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00240 | 0.00 | CVE-2007-4333 |
| 4 | Google Android WiFi Information Disclosure | 3.3 | 3.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00042 | 0.00 | CVE-2018-9581 |
| 5 | YourFreeWorld Short Url And Url Tracker Script Login login.php SQL Injection | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00184 | 0.00 | CVE-2006-2509 |
| 6 | JoomlaTune Com Jcomments admin.jcomments.php Cross-Site Scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00489 | 0.04 | CVE-2010-5048 |
| 7 | Bitweaver register.php Cross-Site Scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00649 | 0.03 | CVE-2007-6374 |
| 8 | Wheatblog add_comment.php Cross-Site Scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00154 | 0.00 | CVE-2006-7002 |
| 9 | vBulletin redirector.php Redirect | 6.6 | 6.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00122 | 0.07 | CVE-2018-6200 |
| 10 | V-EVA Press Release Script page.php SQL Injection | 7.3 | 7.1 | $0-$5k | $0-$5k | High | Unavailable | 0.00187 | 0.09 | CVE-2010-5047 |
| 11 | Apple Mac OS X Server Privilege Escalation | 6.5 | 6.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00042 | 0.00 | CVE-2010-1821 |
| 12 | Devilz Clanportal File Upload Unknown Vulnerability | 5.3 | 4.4 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.05362 | 0.07 | CVE-2006-6338 |

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP Address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 192.3.110.170 | 192-3-110-170-host.colocrossing.com | Matiex | | 12/06/2022 | verified | High |

TTP - Tactics, Techniques, Procedures (5)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Classification | Vulnerabilities | Access Type | Type | Confidence |
|---|---|---|---|---|---|---|
| 1 | T1059 | CAPEC-242 | CWE-94 | Argument Injection | predictive | High |
| 2 | TXXXX.XXX | CAPEC-209 | CWE-XX, CWE-XX | Xxxxx Xxxx Xxxxxxxxx | predictive | High |
| 3 | TXXXX.XXX | CAPEC-178 | CWE-XXX | Xxxx Xxxxxxxx | predictive | High |
| 4 | TXXXX | CAPEC-108 | CWE-XX | Xxx Xxxxxxxxx | predictive | High |
| 5 | TXXXX | CAPEC-116 | CWE-XXX | Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx | predictive | High |

IOA - Indicator of Attack (14)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

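| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | add_comment.php | predictive | High |
| 2 | File | admin.jcomments.php | predictive | High |
| 3 | File | data/gbconfiguration.dat | predictive | High |
| 4 | File | xxx/xxxxxx.xxx | predictive | High |
| 5 | File | xxxxx.xxx | predictive | Medium |
| 6 | File | xxxx.xxx | predictive | Medium |
| 7 | File | xxxxxxxxxx.xxx | predictive | High |
| 8 | File | xxxxxx.xxx | predictive | Medium |
| 9 | File | xxxxx/xxxxxxxx.xxx | predictive | High |
| 10 | Argument | xxxxxxxx | predictive | Medium |
| 11 | Argument | xxxxx | predictive | Low |
| 12 | Argument | xx | predictive | Low |
| 13 | Argument | xxxx | predictive | Low |
| 14 | Argument | xxx | predictive | Low |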

References (2)

The following list contains external sources which discuss the actor and the associated activities:
