RogueRaticate Analysis

IOB - Indicator of Behavior (1000)

Language

en: 582
de: 150
zh: 148
sv: 34
fr: 18

Country

us: 724
de: 144
sv: 18
it: 12
pt: 8

Product

Esoftpro Online Guestbook Pro: 4
TikiWiki: 4
Google Android: 4
Grafana: 2
Icewarp Webclient: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Countermeasure | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash Information Disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.02016 | 0.02 | CVE-2007-1192 |
| 2 | MGB OpenSource Guestbook email.php SQL Injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.01302 | 1.22 | CVE-2007-0354 |
| 3 | Microsoft Exchange Server ChainedSerializationBinder Privilege Escalation | 7.5 | 7.2 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00000 | 0.06 | |
| 4 | Squid Web Proxy Gopher Gateway Denial of Service | 6.4 | 6.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00374 | 0.02 | CVE-2023-46728 |
| 5 | Fortinet FortiOS prof-admin Profile Privilege Escalation | 7.7 | 7.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00050 | 0.03 | CVE-2023-41841 |
| 6 | Oracle Java SE Windows DLL Privilege Escalation | 8.3 | 8.2 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.00257 | 0.02 | CVE-2018-2942 |
| 7 | WordPress wp-trackback.php SQL Injection | 7.3 | 6.9 | $5k-$25k | $0-$5k | Proof-of-Concept | Not Defined | 0.04651 | 0.07 | CVE-2007-0233 |
| 8 | OpenSSL DH Key dh_check.c DH_check Denial of Service | 5.3 | 5.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00130 | 0.02 | CVE-2023-3817 |
| 9 | WordPress wp-trackback.php mb_convert_encoding Weak Encryption | 5.3 | 5.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03358 | 0.04 | CVE-2009-3622 |
| 10 | Microsoft Office/Office LTSC/OneNote unknown vulnerability | 4.5 | 4.5 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00051 | 0.00 | CVE-2023-36769 |
| 11 | DZCP deV!L`z Clanportal config.php Privilege Escalation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00943 | 0.74 | CVE-2010-0966 |
| 12 | Basti2web Book Panel books.php SQL Injection | 7.3 | 7.0 | $0-$5k | $0-$5k | High | Official Fix | 0.00064 | 0.03 | CVE-2009-4889 |
| 13 | JD-WordPress wp-trackback.php Privilege Escalation | 5.3 | 5.0 | $5k-$25k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 0.02 | |
| 14 | Icewarp Webclient HTTP POST Request Persistent Cross-Site Scripting | 5.2 | 4.7 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00066 | 0.02 | CVE-2010-5338 |
| 15 | Lars Ellingsen Guestserver guestbook.cgi Cross-Site Scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00169 | 0.04 | CVE-2005-4222 |
| 16 | Matt Wright Matt Wright Guestbook guestbook.pl Cross-Site Scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 0.00991 | 0.09 | CVE-2006-1697 |
| 17 | esoftpro Online Guestbook Pro ogp_show.php SQL Injection | 7.3 | 7.1 | $0-$5k | $0-$5k | High | Unavailable | 0.00135 | 0.00 | CVE-2010-4996 |
| 18 | SignKorn Guestbook admin.php Privilege Escalation | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.03 | |
| 19 | PC Keyboard Server Weak Authentication | 9.8 | 9.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00361 | 0.00 | CVE-2022-45479 |
| 20 | Flat PHP Board Directory Traversal | 3.3 | 3.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.01 | |

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

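| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 178.159.37.25 | free.uaunit.com | RogueRaticate | | 29/10/2023 | verified | High |
| 2 | XXX.XXX.XX.XX | xxxx.xxxxxx.xxx | Xxxxxxxxxxxxx | | 29/10/2023 | verified | High |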

TTP - Tactics, Techniques, Procedures (13)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (136)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


References (2)

The following list contains external sources which discuss the actor and the associated activities:
