Mining Multitool Анализ

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (20)

Временная шкала

Язык

en18
ru2

Страна

us20

Акторы

PowerGhost1

Деятельность

Интерес

Временная шкала

Тип

Not Defined8
Content Management System4

Поставщик

Not Defined6
Joomla2
Early Impact2
Advisto2

Продукт

FLDS2
Joomla CMS2
Early Impact Productcart2
Tiki2
TikiWiki2

Уязвимости

#УязвимостиBaseTemp0dayСегодняЭ�RemCTIEPSSCVE
1TikiWiki tiki-register.php эскалация привилегий7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix7.960.01009CVE-2006-6168
2Tiki Admin Password tiki-login.php слабая аутентификация8.07.7$0-$5k$0-$5kNot DefinedOfficial Fix3.320.00936CVE-2020-15906
3FLDS redir.php sql-инъекция7.37.3$0-$5k$0-$5kHighUnavailable0.090.00203CVE-2008-5928
4DZCP deV!L`z Clanportal config.php эскалация привилегий7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.550.00943CVE-2010-0966
5Advisto Peel SHOPPING caddie_ajout.php неизвестная уязвимость6.56.5$0-$5k$0-$5kNot DefinedNot Defined0.170.00118CVE-2018-20848
6IBM Robotic Process Automation with Automation Anywhere Ignite Node раскрытие информации5.35.3$5k-$25k$0-$5kNot DefinedNot Defined0.000.00064CVE-2019-4337
7Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform web.php эскалация привилегий7.16.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.060.00061CVE-2023-5493
8WordPress AdServe adclick.php sql-инъекция7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.030.00073CVE-2008-0507
9Early Impact Productcart custva.asp межсайтовый скриптинг4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.030.00715CVE-2004-2174
10Phplinkdirectory PHP Link Directory conf_users_edit.php неизвестная уязвимость6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000.00526CVE-2011-0643
11GetSimpleCMS index.php Redirect6.66.6$0-$5k$0-$5kNot DefinedNot Defined0.050.00123CVE-2019-9915
12Joomla CMS com_easyblog sql-инъекция6.36.1$5k-$25k$5k-$25kNot DefinedNot Defined0.350.00000

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP-адресHostnameАкторКампанииIdentifiedТипУверенность
1185.128.43.62Mining Multitool27.03.2022verifiedВысокий

TTP - Tactics, Techniques, Procedures (6)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueУязвимостиВектор доступаТипУверенность
1T1059CWE-94Argument InjectionpredictiveВысокий
2T1059.007CWE-80Cross Site ScriptingpredictiveВысокий
3TXXXX.XXXCWE-XXXXxxx XxxxxxxxpredictiveВысокий
4TXXXXCWE-XXXxx XxxxxxxxxpredictiveВысокий
5TXXXXCWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveВысокий
6TXXXX.XXXCWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxpredictiveВысокий

IOA - Indicator of Attack (16)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDКлассIndicatorТипУверенность
1File/useratte/web.phppredictiveВысокий
2Fileadclick.phppredictiveСредний
3Fileadmin/conf_users_edit.phppredictiveВысокий
4Filexxxxx/xxxxx.xxxpredictiveВысокий
5Filexxxxxx.xxxpredictiveСредний
6Filexx/xxxxx/xxxxxx_xxxxx.xxxpredictiveВысокий
7Filexxx/xxxxxx.xxxpredictiveВысокий
8Filexxxxx.xxxpredictiveСредний
9Filexxxx-xxxxx.xxxpredictiveВысокий
10Filexxxx-xxxxxxxx.xxxpredictiveВысокий
11ArgumentxxxxxxxxpredictiveСредний
12Argumentxxxxxxxxx[x]predictiveСредний
13Argumentxxxx_xxxxxxpredictiveСредний
14ArgumentxxpredictiveНизкий
15ArgumentxxxxxxxxpredictiveСредний
16ArgumentxxxxxxxxxxxpredictiveСредний

Ссылки (2)

The following list contains external sources which discuss the actor and the associated activities:

ПредыдущийОбзорДалее

Do you need the next level of professionalism?

Upgrade your account now!