PowerGhost Análise

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (20)

Curso de tempo

Idioma

en16
es2
ru2

País

us20

Actores

PowerGhost1

Actividades

Interesse

Curso de tempo

Tipo

Not Defined8
Content Management System4

Fabricante

Not Defined4
DZCP2
Joomla2
WordPress2
Early Impact2

Produto

DZCP deV!L`z Clanportal2
Joomla CMS2
WordPress AdServe2
FLDS2
GetSimpleCMS2

Vulnerabilidades

#VulnerabilidadeBaseTemp0dayHojeExpMasEPSSCTICVE
1TikiWiki tiki-register.php direitos alargados7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.010751.35CVE-2006-6168
2Tiki Admin Password tiki-login.php Fraca autenticação8.07.7$0-$5k$0-$5kNot DefinedOfficial Fix0.009364.19CVE-2020-15906
3FLDS redir.php Injecção SQL7.37.3$0-$5k$0-$5kHighUnavailable0.002030.22CVE-2008-5928
4DZCP deV!L`z Clanportal config.php direitos alargados7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.009430.70CVE-2010-0966
5Advisto Peel SHOPPING caddie_ajout.php Falsificação de Pedido Cross Site6.56.5$0-$5k$0-$5kNot DefinedNot Defined0.001180.03CVE-2018-20848
6IBM Robotic Process Automation with Automation Anywhere Ignite Node Divulgação de Informação5.35.3$5k-$25k$0-$5kNot DefinedNot Defined0.000640.00CVE-2019-4337
7Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform web.php direitos alargados7.16.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000550.04CVE-2023-5493
8WordPress AdServe adclick.php Injecção SQL7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.000730.08CVE-2008-0507
9Early Impact Productcart custva.asp Roteiro Cruzado de Sítios4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.007150.09CVE-2004-2174
10Phplinkdirectory PHP Link Directory conf_users_edit.php Falsificação de Pedido Cross Site6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.005260.04CVE-2011-0643
11GetSimpleCMS index.php Redirect6.66.6$0-$5k$0-$5kNot DefinedNot Defined0.001230.00CVE-2019-9915
12Joomla CMS com_easyblog Injecção SQL6.36.1$5k-$25k$5k-$25kNot DefinedNot Defined0.000000.48

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDEndereço IPHostnameActorCampanhasIdentifiedTipoAceitação
1185.128.43.62PowerGhost31/07/2018verifiedAlto

TTP - Tactics, Techniques, Procedures (6)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueClassificaçãoVulnerabilidadesTipo de acessoTipoAceitação
1T1059CAPEC-242CWE-94Argument InjectionpredictiveAlto
2T1059.007CAPEC-18CWE-80Cross Site ScriptingpredictiveAlto
3TXXXX.XXXCAPEC-178CWE-XXXXxxx XxxxxxxxpredictiveAlto
4TXXXXCAPEC-108CWE-XXXxx XxxxxxxxxpredictiveAlto
5TXXXXCAPEC-116CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveAlto
6TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxpredictiveAlto

IOA - Indicator of Attack (16)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClasseIndicatorTipoAceitação
1File/useratte/web.phppredictiveAlto
2Fileadclick.phppredictiveMédio
3Fileadmin/conf_users_edit.phppredictiveAlto
4Filexxxxx/xxxxx.xxxpredictiveAlto
5Filexxxxxx.xxxpredictiveMédio
6Filexx/xxxxx/xxxxxx_xxxxx.xxxpredictiveAlto
7Filexxx/xxxxxx.xxxpredictiveAlto
8Filexxxxx.xxxpredictiveMédio
9Filexxxx-xxxxx.xxxpredictiveAlto
10Filexxxx-xxxxxxxx.xxxpredictiveAlto
11ArgumentxxxxxxxxpredictiveMédio
12Argumentxxxxxxxxx[x]predictiveMédio
13Argumentxxxx_xxxxxxpredictiveMédio
14ArgumentxxpredictiveBaixo
15ArgumentxxxxxxxxpredictiveMédio
16ArgumentxxxxxxxxxxxpredictiveMédio

Referências (2)

The following list contains external sources which discuss the actor and the associated activities:

VoltarVisão GeralPróximo

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!