Satellite Service Providers Análise

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (205)

Idioma

en	148
zh	52
es	6

País

la	198
my	2
es	2
il	2
us	2

Actores

Cobalt Strike	10
Ave Maria	7
RedLine Stealer	4
AsyncRAT	4
Lazarus	4

Interesse

Tipo

Not Defined	78
Content Management System	14
Operating System	12
WordPress Plugin	10
Groupware Software	8

Fabricante

Not Defined	82
Microsoft	20
Google	6
Apache	6
Alt-N	4

Produto

Microsoft Windows	10
CodeIgniter	6
Moodle	6
Google Android	4
Apache Tomcat	4

Vulnerabilidades

#	Vulnerabilidade	Base	Temp	0day	Hoje	Exp	Mas	CTI	EPSS	CVE
1	Tiki Admin Password tiki-login.php Fraca autenticação	8.0	7.7	$0-$5k	$0-$5k	Not Defined	Official Fix	6.52	0.00936	CVE-2020-15906
2	TikiWiki tiki-register.php direitos alargados	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	10.00	0.01009	CVE-2006-6168
3	Drupal Sanitization API Roteiro Cruzado de Sítios	3.5	3.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02	0.00056	CVE-2020-13672
4	LogicBoard CMS away.php Redirect	6.3	6.1	$0-$5k	$0-$5k	Not Defined	Unavailable	7.78	0.00000
5	LiteSpeed Cache Plugin Shortcode Roteiro Cruzado de Sítios	3.5	3.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.03	0.00051	CVE-2023-4372
6	WebTitan Appliance Extensions Persistent Roteiro Cruzado de Sítios	3.5	3.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.02	0.00000
7	ipTIME NAS-I Bulletin Manage direitos alargados	7.1	7.1	$0-$5k	$0-$5k	Not Defined	Not Defined	0.03	0.00988	CVE-2020-7847
8	request-baskets API Request {name} direitos alargados	6.4	6.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	0.05974	CVE-2023-27163
9	DZCP deV!L`z Clanportal config.php direitos alargados	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	1.89	0.00943	CVE-2010-0966
10	PHP phpinfo Roteiro Cruzado de Sítios	4.3	3.9	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.26	0.02101	CVE-2007-1287
11	nginx direitos alargados	6.9	6.9	$0-$5k	$0-$5k	Not Defined	Not Defined	0.26	0.00241	CVE-2020-12440
12	Microsoft Windows Scripting Engine Remote Code Execution	5.9	5.1	$25k-$100k	$5k-$25k	Unproven	Official Fix	0.00	0.28182	CVE-2021-34480
13	DevExpress ASP.NET Web Forms ASPxHttpHandlerModule DXR.axd direitos alargados	4.3	4.2	$0-$5k	$0-$5k	Not Defined	Not Defined	0.07	0.00183	CVE-2022-41479
14	Basilix Webmail login.php3 direitos alargados	7.3	7.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02	0.00000
15	JoomlaTune Com Jcomments admin.jcomments.php Roteiro Cruzado de Sítios	4.3	4.1	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.16	0.00489	CVE-2010-5048
16	Microsoft Office Remote Code Execution	7.0	6.1	$5k-$25k	$0-$5k	Unproven	Official Fix	0.00	0.00169	CVE-2023-21735
17	Alt-N MDaemon Worldclient direitos alargados	4.9	4.7	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.04	0.00090	CVE-2021-27182
18	CouchCMS mysql2i.func.php Path Divulgação de Informação	3.3	3.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	0.00241	CVE-2019-1010042
19	SunHater KCFinder upload.php Roteiro Cruzado de Sítios	5.7	5.7	$0-$5k	$0-$5k	Not Defined	Not Defined	0.04	0.00131	CVE-2019-14315
20	Esri ArcGIS Server Injecção SQL	8.1	8.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.03	0.00123	CVE-2021-29114

IOC - Indicator of Compromise (45)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	Endereço IP	Hostname	Actor	Identified	Tipo	Aceitação
1	5.145.149.142	ip-5-145-149-142.hosts.businesscomnetworks.com	Satellite Service Providers	17/01/2023	verified	Alto
2	57.72.6.0		Satellite Service Providers	17/01/2023	verified	Alto
3	62.56.206.0		Satellite Service Providers	17/01/2023	verified	Alto
4	62.128.160.0		Satellite Service Providers	17/01/2023	verified	Alto
5	62.128.167.0		Satellite Service Providers	17/01/2023	verified	Alto
6	62.145.35.0		Satellite Service Providers	17/01/2023	verified	Alto
7	77.220.0.0		Satellite Service Providers	17/01/2023	verified	Alto
8	78.41.29.0		Satellite Service Providers	17/01/2023	verified	Alto
9	78.41.227.0	static-0.227.41.78.in-addr.arpa	Satellite Service Providers	17/01/2023	verified	Alto
10	XX.XX.XX.XXX		Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
11	XX.XX.XX.XXX		Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
12	XX.XX.XX.XXX		Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
13	XX.XX.XX.XX		Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
14	XX.XX.XX.XXX		Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
15	XX.XX.XX.XXX		Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
16	XX.XXX.X.X		Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
17	XX.XXX.XXX.X		Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
18	XX.XXX.XX.X		Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
19	XX.XX.XX.X		Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
20	XX.XX.XX.X		Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
21	XX.XXX.XXX.X	xx-xxx-xxx-x.xxxxxxxx.xxx	Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
22	XX.XX.XXX.XX		Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
23	XX.XX.XXX.XX	xxx-xxx.xxxxxxx.xxx	Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
24	XXX.XX.XXX.X		Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
25	XXX.XX.XXX.X	xxxxxxx.xxxxx.xx	Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
26	XXX.XX.XXX.XX	xxxxxxx.xxxxx.xx	Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
27	XXX.XX.XXX.XX	xxxxxxx.xxxxx.xx	Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
28	XXX.XX.XXX.XX	xxxxxxx.xxxxx.xx	Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
29	XXX.XX.XXX.XX	xxxxxxxxx.xxx	Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
30	XXX.XX.XXX.XX	xxxxxxx.xxxxx.xx	Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
31	XXX.XX.XXX.XXX	xxxx.xxxxxxxx.xxx	Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
32	XXX.XX.XXX.X		Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
33	XXX.XX.X.X		Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
34	XXX.XX.XX.X		Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
35	XXX.XX.XX.X		Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
36	XXX.XX.XX.X		Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
37	XXX.XXX.XXX.X		Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
38	XXX.XXX.XXX.X		Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
39	XXX.XXX.XXX.X		Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
40	XXX.XXX.XX.X		Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
41	XXX.XXX.XX.X		Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
42	XXX.XXX.XX.X		Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
43	XXX.XXX.XXX.X		Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
44	XXX.XX.XX.X		Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto
45	XXX.XXX.XX.X		Xxxxxxxxx Xxxxxxx Xxxxxxxxx	17/01/2023	verified	Alto

TTP - Tactics, Techniques, Procedures (17)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Vulnerabilidades	Tipo de acesso	Tipo	Aceitação
1	T1006	CWE-21, CWE-22	Path Traversal	predictive	Alto
2	T1055	CWE-74	Improper Neutralization of Data within XPath Expressions	predictive	Alto
3	T1059	CWE-88, CWE-94	Argument Injection	predictive	Alto
4	T1059.007	CWE-79, CWE-80	Cross Site Scripting	predictive	Alto
5	TXXXX	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Alto
6	TXXXX.XXX	CWE-XXX	Xxxx-xxxxx Xxxxxxxxxxx	predictive	Alto
7	TXXXX	CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	Alto
8	TXXXX.XXX	CWE-XXX	Xxxx Xxxxxxxx	predictive	Alto
9	TXXXX	CWE-XXX	7xx Xxxxxxxx Xxxxxxxx	predictive	Alto
10	TXXXX	CWE-XXX, CWE-XXX	Xxxxxxxxxx Xxxxxx	predictive	Alto
11	TXXXX	CWE-XX	Xxx Xxxxxxxxx	predictive	Alto
12	TXXXX.XXX	CWE-XXX	Xxxxxxxx Xxxxxxxxxxxxx	predictive	Alto
13	TXXXX.XXX	CWE-XXX	Xxxxxxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Alto
14	TXXXX	CWE-XXX, CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Alto
15	TXXXX	CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	predictive	Alto
16	TXXXX.XXX	CWE-XXX	Xxx Xxxxxxxxxx Xxxxx	predictive	Alto
17	TXXXX.XXX	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	Alto

IOA - Indicator of Attack (104)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Classe	Indicator	Tipo	Aceitação
1	File	/admin/dl_sendmail.php	predictive	Alto
2	File	/api/baskets/{name}	predictive	Alto
3	File	/api/v2/cli/commands	predictive	Alto
4	File	/DXR.axd	predictive	Médio
5	File	/forum/away.php	predictive	Alto
6	File	/novel/bookSetting/list	predictive	Alto
7	File	/novel/userFeedback/list	predictive	Alto
8	File	/owa/auth/logon.aspx	predictive	Alto
9	File	/spip.php	predictive	Médio
10	File	/zm/index.php	predictive	Alto
11	File	adclick.php	predictive	Médio
12	File	admin.jcomments.php	predictive	Alto
13	File	xxxxx/xxxx-xxxxxxx/xxxxxxxxxxx	predictive	Alto
14	File	xxxxxxxxxxx/xxxxxxx/xxxxx/xxxxx/xxxxxxxxx/xxxxxxxx.xxx	predictive	Alto
15	File	xxxx/xxxxxxxxxxxx.xxx	predictive	Alto
16	File	xxxx.xxx	predictive	Médio
17	File	xx_xxxx_xx_xxxx_xxxx.xxx	predictive	Alto
18	File	xxxx_xxxxxxx.xxx	predictive	Alto
19	File	xxxxx.xxx	predictive	Médio
20	File	xxxxxxxxxx/xxxxxxxxxxxx/xxxxxxxxxxxx/xxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxx/xxxx_xxxxx.xxxx	predictive	Alto
21	File	xxxxx-xxxxxxx.xxx	predictive	Alto
22	File	xxxxxxxxxx/xxx_xxxxxxxxxx/xxxxxxx/xxxxxxxxxx.xxx	predictive	Alto
23	File	xxxxxxxxxx\xxxx.xxx	predictive	Alto
24	File	xxxxxxxxxxx.xxx	predictive	Alto
25	File	xxxx-xxxxxx.xxx	predictive	Alto
26	File	xxxxxxxxxxx.xxxxx.xxx	predictive	Alto
27	File	xxxx.xxx	predictive	Médio
28	File	xxxxx_xxxx.xxx	predictive	Alto
29	File	xxxxxxxxxx\xxxxxx\xxxxxxxxxxxxx.xxx	predictive	Alto
30	File	xxx/xxxxxx.xxx	predictive	Alto
31	File	xxxxxxxx/xxxxxxx/xxxxxxx.xxxx.xxx	predictive	Alto
32	File	xxxxx.xxxx	predictive	Médio
33	File	xxxxx.xxx	predictive	Médio
34	File	xxxxx.xxx/xxxxxx.xxx/xxxxxxxxxxxxx.xxx/xxxxxxxx.xxx	predictive	Alto
35	File	xxxxx.xxx?x=xxxx&x=xxxx&x=xx_xxx_xxxxxx	predictive	Alto
36	File	xxxxx.xxx?x=xxxx&x=xxxxxxx&x=xxx	predictive	Alto
37	File	xxxx_xxxxxxx.xxx	predictive	Alto
38	File	xxxxx.xxxx	predictive	Médio
39	File	xxxxx.xxx	predictive	Médio
40	File	xx_xxxx.x	predictive	Médio
41	File	xxx/xxxx/xxxx_xxxxxxxxx.x	predictive	Alto
42	File	xxxxxxx_xxxx.xxx	predictive	Alto
43	File	xxxxxxxxxxxxxxxxx.xxx	predictive	Alto
44	File	xxxxxxx.xxx	predictive	Médio
45	File	xxxxxxx/xxxxxxx/xxx/xxxxxxxxxx.xxx?xxxxxxxx=xxxx&xxxxxx=xxxxxxxxxx	predictive	Alto
46	File	xxxx_xxxx_xxxxxx.xxx	predictive	Alto
47	File	xxxx_xxxxx.xxxx	predictive	Alto
48	File	xxx/xxxx/xxxx	predictive	Alto
49	File	xxxxxx\xxxxxxxx\xx_xxxxx_xxxxxxx.xxx	predictive	Alto
50	File	xxxxxxx.xxx.xx.xxxxxxxxxxx.xxx	predictive	Alto
51	File	xxxxxxxxx/xxxxxxxx.xxx	predictive	Alto
52	File	xxxx-xxxxx.xxx	predictive	Alto
53	File	xxxx-xxxxxxxx.xxx	predictive	Alto
54	File	xxxxxx.xxx	predictive	Médio
55	File	xxxxxxx-xxxxx.xxx	predictive	Alto
56	File	xxxx_xxxxx.xxx	predictive	Alto
57	File	xxxx/xxx/xxxx-xxxxx.xxx	predictive	Alto
58	File	xxxx.xxx	predictive	Médio
59	File	xx-xxxxx-xxxxxx.xxx	predictive	Alto
60	File	xxx/xxxxxxxx/xxxxxxxx.xxx	predictive	Alto
61	File	xxxx.xxx	predictive	Médio
62	File	~/xxx/xxxx-xxxxxxxxx.xxx	predictive	Alto
63	File	~/xxxxxxxx/xxxxx-xx-xxxxxxxxxx-xxxxxxxxx.xxx	predictive	Alto
64	Library	xxxxxxx/xxx.xxx.xxx.xxx	predictive	Alto
65	Argument	xxx_xxx	predictive	Baixo
66	Argument	xxxxxxxxx	predictive	Médio
67	Argument	xxxxxxxx	predictive	Médio
68	Argument	xxx_xxx_xx_xxx_xxxxxxxxxx_x	predictive	Alto
69	Argument	xxxxx_xxxx	predictive	Médio
70	Argument	xxxx_xxx_xxxx	predictive	Alto
71	Argument	xxxxxxxxxx	predictive	Médio
72	Argument	xxx	predictive	Baixo
73	Argument	xxxxxxxxxxxxxxx	predictive	Alto
74	Argument	xxxx	predictive	Baixo
75	Argument	xxxxxxxxx_xxxxxx	predictive	Alto
76	Argument	xxxxxxxxx	predictive	Médio
77	Argument	xx_xxxxxxx	predictive	Médio
78	Argument	xxxx	predictive	Baixo
79	Argument	xxxxxxxx	predictive	Médio
80	Argument	xxxxxx_xxxxx	predictive	Médio
81	Argument	xx_xx	predictive	Baixo
82	Argument	xxxxxxx[xxxxxxx]	predictive	Alto
83	Argument	xxxxx	predictive	Baixo
84	Argument	xx	predictive	Baixo
85	Argument	xxxx	predictive	Baixo
86	Argument	xxxx	predictive	Baixo
87	Argument	xxxxxx/xxxxx/xxxx	predictive	Alto
88	Argument	xxxxxxx	predictive	Baixo
89	Argument	xxxx	predictive	Baixo
90	Argument	xxxxxx_xxxxxx	predictive	Alto
91	Argument	xxxxxxxx_xx	predictive	Médio
92	Argument	xxxxxx_xxxxx	predictive	Médio
93	Argument	xxxx_xxxx	predictive	Médio
94	Argument	xxxx	predictive	Baixo
95	Argument	xxxxxxxx/xxxxxx	predictive	Alto
96	Argument	xxxxxxx	predictive	Baixo
97	Argument	xxx	predictive	Baixo
98	Argument	xxxxx	predictive	Baixo
99	Argument	xxx	predictive	Baixo
100	Argument	xxxxxxxx	predictive	Médio
101	Argument	_xxx_xxxxxxxxxxx_	predictive	Alto
102	Input Value	xxxxxxxxx' xxx 'x'='x	predictive	Alto
103	Pattern	\|xx xx xx xx\|	predictive	Alto
104	Network Port	xxx/xxxx (xxx)	predictive	Alto

Referências (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ VoltarVisão GeralPróximo ▸

Do you know our Splunk app?

Download it now for free!