Shamoon 2 Análise

IOB - Indicator of Behavior (2)

Idioma

en	2

País

us	2

Actores

Shamoon	1
Shamoon 2	1

Interesse

Tipo

Not Defined	2

Fabricante

Mole	2

Produto

Mole Adult Portal Script	2

Vulnerabilidades

#	Vulnerabilidade	Base	Temp	0day	Hoje	Exp	Mas	CTI	EPSS	CVE
1	Mole Adult Portal Script profile.php Injecção SQL	7.3	7.3	$0-$5k	$0-$5k	High	Unavailable	0.01	0.00129	CVE-2009-4673
2	FileZilla Server PORT direitos alargados	4.3	4.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.03	0.00044	CVE-2015-10003

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	Endereço IP	Hostname	Actor	Campanhas	Tipo	Aceitação
1	45.76.128.71	45.76.128.71.vultr.com	Shamoon 2		verified	Médio
2	XX.XX.XXX.XXX	xx.xx.xxx.xxx.xxxxx.xxx	Xxxxxxx X		verified	Médio

TTP - Tactics, Techniques, Procedures (2)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Vulnerabilidades	Tipo de acesso	Tipo	Aceitação
1	T1505	CWE-89	SQL Injection	predictive	Alto
2	TXXXX	CWE-XXX	Xxxxxxxxxxxxx	predictive	Alto

IOA - Indicator of Attack (2)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Classe	Indicator	Tipo	Aceitação
1	File	profile.php	predictive	Médio
2	Argument	xxxx_xx	predictive	Baixo

Referências (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ VoltarVisão GeralPróximo ▸

Do you know our Splunk app?

Download it now for free!