French Polynesia Unknown Analysis

IOB - Indicator of Behavior (30)

Language

en: 16
fr: 14

Country

pf: 24
us: 4
au: 2

Product

Apache HTTP Server: 4
Boa: 2
OpenSSL: 2
GLPI: 2
phpLDAPadmin: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | nginx privilege escalation | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00241 | 3.62 | CVE-2020-12440 |
| 2 | Boa Terminal privilege escalation | 5.3 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.02395 | 0.02 | CVE-2009-4496 |
| 3 | GLPI Admin Dashboard SQL injection | 6.9 | 6.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00050 | 0.00 | CVE-2023-37278 |
| 4 | phpLDAPadmin entry_chooser.php cross-site scripting | 5.2 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00145 | 0.04 | CVE-2017-11107 |
| 5 | Allegro RomPager Cookie Remote Code Execution | 7.3 | 6.4 | $0-$5k | $0-$5k | High | Official Fix | 0.97212 | 0.06 | CVE-2014-9222 |
| 6 | OpenSSL X.400 Address privilege escalation | 6.0 | 5.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00212 | 0.00 | CVE-2023-0286 |
| 7 | Apache HTTP Server mod_proxy_ajp privilege escalation | 8.1 | 8.0 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.02237 | 0.03 | CVE-2022-36760 |
| 8 | Cisco Unified CallManager denial of service | 5.3 | 4.8 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.10275 | 0.00 | CVE-2007-1833 |
| 9 | Rapid7 Metasploit Framework drb_remote_codeexec Exploit privilege escalation | 5.0 | 4.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00394 | 0.03 | CVE-2020-7385 |
| 10 | Apache HTTP Server mod_reqtimeout denial of service | 5.3 | 5.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.01696 | 0.04 | CVE-2007-6750 |
| 11 | Cachet Configuration Edition privilege escalation | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00257 | 0.00 | CVE-2021-39172 |
| 12 | json8-merge-patch Package Constructor privilege escalation | 6.5 | 6.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00102 | 0.00 | CVE-2020-8268 |
| 13 | Microsoft Windows Multimedia Library winmm.dll memory corruption | 10.0 | 9.5 | $100k and more | $0-$5k | High | Official Fix | 0.97281 | 0.04 | CVE-2012-0003 |
| 14 | PhastPress Plugin Redirect | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00129 | 0.00 | CVE-2021-24210 |
| 15 | nginx Error Page privilege escalation | 6.3 | 6.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00277 | 0.08 | CVE-2019-20372 |
| 16 | Rapid7 Metasploit Pro Web Interface privilege escalation | 3.3 | 3.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00044 | 0.02 | CVE-2019-5642 |
| 17 | Foxit Quick PDF Library Tree Structure LoadFromStream memory corruption | 6.5 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.11242 | 0.00 | CVE-2018-20247 |
| 18 | wps-hide-login Plugin privilege escalation | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00697 | 0.00 | CVE-2019-15823 |
| 19 | WindScribe VPN WindScribeService.exe privilege escalation | 7.8 | 7.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00175 | 0.00 | CVE-2018-11479 |
| 20 | Apache HTTP Server mod_ssl privilege escalation | 7.4 | 7.4 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00267 | 0.00 | CVE-2019-0215 |

IOC - Indicator of Compromise (37)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (8)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-22 | Path Traversal | predictive | High |
| 2 | T1059 | CWE-94 | Argument Injection | predictive | High |

IOA - Indicator of Attack (13)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | Access.app/Contents/Resources/kcproxy | predictive | High |
| 2 | File | accountancy/customer/card.php | predictive | High |

References (4)

The following list contains external sources which discuss the actor and the associated activities:
