French Southern Territories Unknown Анализ

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (71)

Язык

en	62
de	4
fr	2
zh	2
es	2

Страна

us	52
fr	4
cn	4
de	2

Акторы

DarkComet	1
Cobalt Strike	1
Rancor	1
FTP Info Stealer	1
Bashlite	1

Интерес

Тип

Not Defined	24
Content Management System	4
Web Server	2
Continuous Integration Software	2
Forum Software	2

Поставщик

Not Defined	18
Check Point	4
Apache	4
Microsoft	2
Allegro	2

Продукт

Microsoft IIS	2
SugarCRM	2
Jenkins	2
Check Point Gaia Portal	2
Allegro RomPager	2

Уязвимости

#	Уязвимости	Base	Temp	0day	Сегодня	Э�	Rem	EPSS	CTI	CVE
1	Check Point Security Management CA Web Management эскалация привилегий	4.4	4.2	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00044	0.03	CVE-2020-6020
2	Apple Safari BMP/GIF Image повреждение памяти	7.3	6.4	$100k и многое другое	$0-$5k	Proof-of-Concept	Official Fix	0.00721	0.00	CVE-2008-1573
3	Microsoft Windows PowerShell Integrated Scripting Environment эскалация привилегий	5.3	5.0	$25k-$100k	$0-$5k	Proof-of-Concept	Unavailable	0.00000	0.05
4	AnyDesk Tunneling Feature эскалация привилегий	6.0	5.9	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00073	0.00	CVE-2021-44425
5	AnyDesk эскалация привилегий	7.5	7.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00210	0.02	CVE-2021-44426
6	Check Point Gaia Portal Security Management GUI Client эскалация привилегий	4.3	4.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00044	0.03	CVE-2021-30361
7	Linux Foundation Xen EFLAGS Register SYSENTER эскалация привилегий	6.2	5.9	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00062	0.02	CVE-2013-1917
8	Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash раскрытие информации	5.3	5.2	$5k-$25k	$0-$5k	High	Workaround	0.02016	0.02	CVE-2007-1192
9	CarSpot Theme Phone Number Stored межсайтовый скриптинг	4.7	4.6	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00058	0.02	CVE-2019-15870
10	Apache Tapestry HMAC Verification эскалация привилегий	9.8	9.0	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.07771	0.00	CVE-2019-10071
11	Gempar Script Toko Online shop_display_products.php sql-инъекция	7.3	6.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00100	0.02	CVE-2009-0296
12	Inventory Management editProduct.php межсайтовый скриптинг	4.4	4.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00049	0.00	CVE-2023-46580
13	D-Link DIR-850L category_view.php слабая аутентификация	8.5	8.1	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.92578	0.03	CVE-2018-9032
14	Comersus Open Technologies Comersus Cart comersus_optreviewreadexec.asp sql-инъекция	7.3	7.1	$0-$5k	$0-$5k	High	Unavailable	0.00308	0.04	CVE-2007-3323
15	MIT Kerberos kadmin повреждение памяти	7.3	6.4	$25k-$100k	$0-$5k	Proof-of-Concept	Official Fix	0.07742	0.03	CVE-2006-6144
16	IdeaBox generformlib_date.php эскалация привилегий	7.3	6.1	$0-$5k	$0-$5k	Unproven	Official Fix	0.00000	0.02
17	OpenSSL DTLS CBC Encryption слабое шифрование	5.3	5.1	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00485	0.02	CVE-2011-4108
18	Cisco SD-WAN vManage REST API эскалация привилегий	9.8	9.4	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00102	0.03	CVE-2023-20214
19	Sudo Environment Variable эскалация привилегий	8.3	7.9	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.00050	0.03	CVE-2023-22809

IOC - Indicator of Compromise (15)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP-адрес	Hostname	Актор	Identified	Тип	Уверенность
1	45.12.70.217	topical.globalhilive.com	French Southern Territories Unknown	13.01.2023	verified	Высокий
2	45.12.71.217		French Southern Territories Unknown	13.01.2023	verified	Высокий
3	45.32.150.252	45.32.150.252.vultrusercontent.com	French Southern Territories Unknown	13.01.2023	verified	Высокий
4	XX.XX.XXX.X		Xxxxxx Xxxxxxxx Xxxxxxxxxxx Xxxxxxx	13.01.2023	verified	Высокий
5	XX.XX.XX.XXX	xx.xx.xx.xxx.xxxxxxxxxxxxxxxx.xxx	Xxxxxx Xxxxxxxx Xxxxxxxxxxx Xxxxxxx	13.01.2023	verified	Высокий
6	XX.XX.XXX.XXX		Xxxxxx Xxxxxxxx Xxxxxxxxxxx Xxxxxxx	13.01.2023	verified	Высокий
7	XX.XX.XXX.XXX		Xxxxxx Xxxxxxxx Xxxxxxxxxxx Xxxxxxx	13.01.2023	verified	Высокий
8	XX.XX.XXX.XXX		Xxxxxx Xxxxxxxx Xxxxxxxxxxx Xxxxxxx	13.01.2023	verified	Высокий
9	XX.XX.XXX.XXX		Xxxxxx Xxxxxxxx Xxxxxxxxxxx Xxxxxxx	13.01.2023	verified	Высокий
10	XX.XX.XXX.XXX		Xxxxxx Xxxxxxxx Xxxxxxxxxxx Xxxxxxx	13.01.2023	verified	Высокий
11	XX.XX.XXX.XXX	xxx.xxx.xx.xx.xxxxxxxxx.xxxx.xxx	Xxxxxx Xxxxxxxx Xxxxxxxxxxx Xxxxxxx	13.01.2023	verified	Высокий
12	XXX.XXX.XX.X		Xxxxxx Xxxxxxxx Xxxxxxxxxxx Xxxxxxx	13.01.2023	verified	Высокий
13	XXX.XX.XXX.XXX	xxx.xx.xxx.xxx.xxxxxxxxxxxxxxxx.xxx	Xxxxxx Xxxxxxxx Xxxxxxxxxxx Xxxxxxx	13.01.2023	verified	Высокий
14	XXX.XX.XX.XXX		Xxxxxx Xxxxxxxx Xxxxxxxxxxx Xxxxxxx	13.01.2023	verified	Высокий
15	XXX.XX.XXX.XXX		Xxxxxx Xxxxxxxx Xxxxxxxxxxx Xxxxxxx	13.01.2023	verified	Высокий

TTP - Tactics, Techniques, Procedures (9)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Уязвимости	Вектор доступа	Тип	Уверенность
1	T1006	CWE-22	Path Traversal	predictive	Высокий
2	T1055	CWE-74	Improper Neutralization of Data within XPath Expressions	predictive	Высокий
3	TXXXX.XXX	CWE-XX, CWE-XX	Xxxxx Xxxx Xxxxxxxxx	predictive	Высокий
4	TXXXX	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Высокий
5	TXXXX	CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	Высокий
6	TXXXX	CWE-XX	Xxx Xxxxxxxxx	predictive	Высокий
7	TXXXX	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Высокий
8	TXXXX	CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	predictive	Высокий
9	TXXXX.XXX	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	Высокий

IOA - Indicator of Attack (52)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Класс	Indicator	Тип	Уверенность
1	File	/category_view.php	predictive	Высокий
2	File	/my_photo_gallery/image.php	predictive	Высокий
3	File	/uncpath/	predictive	Средний
4	File	add_comment.php	predictive	Высокий
5	File	admin/conf_users_edit.php	predictive	Высокий
6	File	administrator/components/com_media/helpers/media.php	predictive	Высокий
7	File	xxxxxxx/xxxxxxxxxxx.x	predictive	Высокий
8	File	xxx.xxx	predictive	Низкий
9	File	xxxxxxxx_xxxxxxxxxxxxxxxxx.xxx	predictive	Высокий
10	File	xxxxxxxxx-xxxxxx-xxxxxx/xxx/xxxxxxxx/xxxxx/xxxxx/xxxxxxxx_xxxx.xxx	predictive	Высокий
11	File	xxxx/xxxxxxxxxxxxxxx.xxx	predictive	Высокий
12	File	xxxxxxxxxxx.xxx	predictive	Высокий
13	File	xxxxx.xxx	predictive	Средний
14	File	xxxxxxxxxxxx_xxxx.xxx	predictive	Высокий
15	File	xxxxxxx/xxxxxxx/xxxxxxxx_xxxxxxxx.xxx.xxx	predictive	Высокий
16	File	xxxxx.xxx	predictive	Средний
17	File	xxxxxxx\xxxxxxxxx\xxxxxxx.xxx	predictive	Высокий
18	File	xxx_xxxxx_xxxx.x	predictive	Высокий
19	File	xxx/xxxxxx/xxxxxxxx/xxxxx/xxxxxxxxx.xxxx	predictive	Высокий
20	File	xxxxxxx_xxx_xxxxx_xxxxxx.xxxx	predictive	Высокий
21	File	xxxxxxxxxx.xxx	predictive	Высокий
22	File	xxxxxx_xxxxxxxxx_xxxxxxxx.xxx	predictive	Высокий
23	File	xxxxxxxxx.xxx	predictive	Высокий
24	File	xxxx_xxxxxxx_xxxxxxxx.xxx	predictive	Высокий
25	File	xxxxxxx.xxx	predictive	Средний
26	File	xx-xxxxxxxxx.xxx	predictive	Высокий
27	File	~/xxxxxxxxx/	predictive	Средний
28	Library	xxxxxxx/xxxx/xxxxxx/xxx_xxxxxxxx.x	predictive	Высокий
29	Library	xxxxxxxx.xxx	predictive	Средний
30	Library	xxxxx.xxx	predictive	Средний
31	Argument	xxx_xx	predictive	Низкий
32	Argument	xxxxxxxx	predictive	Средний
33	Argument	xxxxxxxxx	predictive	Средний
34	Argument	xxxxxxxx	predictive	Средний
35	Argument	xx	predictive	Низкий
36	Argument	xxxxxxxxx	predictive	Средний
37	Argument	xxxxx	predictive	Низкий
38	Argument	xxxxxxx_xxxx	predictive	Средний
39	Argument	xxxx_xxxxxx_xx	predictive	Высокий
40	Argument	xxxxxxxx	predictive	Средний
41	Argument	xx	predictive	Низкий
42	Argument	xxxxx	predictive	Низкий
43	Argument	xxxxx	predictive	Низкий
44	Argument	xxxxxxxxxx	predictive	Средний
45	Argument	xxxxxx_xx	predictive	Средний
46	Argument	xxxx_xxxxxx/xxxxxx/xxxxxx	predictive	Высокий
47	Argument	xx_xx	predictive	Низкий
48	Argument	xxxxxxxx/xxxxxxxx	predictive	Высокий
49	Input Value	x xxxxx xxx xxxxxx xxxx,xxxx,xxxx,xxxx,xxxxxx(xxxxxxxxxxxx,xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx,xxxxxxxxxxxx)--	predictive	Высокий
50	Input Value	::$xxxxx_xxxxxxxxxx	predictive	Высокий
51	Network Port	xxx	predictive	Низкий
52	Network Port	xxx xxxxxx xxxx	predictive	Высокий

Ссылки (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ ПредыдущийОбзорДалее ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!