FlawedAmmyy Analysis

IOB - Indicator of Behavior (28)

[Charts: Timeline, Actors, Activities, Interest, Type, Vendor]

Language

sv: 12
en: 6
de: 6
it: 4

Country

de: 28

Product

Linux Kernel: 2
JContentSubscription: 2
Flat PHP Board: 2
Lars Ellingsen Guestserver: 2
DZCP deV!L`z Clanportal: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Basti2web Book Panel books.php SQL injection | 7.3 | 7.0 | $0-$5k | $0-$5k | High | Official Fix | 0.00064 | 0.03 | CVE-2009-4889 |
| 2 | Matt Wright Matt Wright Guestbook guestbook.pl cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 0.00991 | 0.24 | CVE-2006-1697 |
| 3 | Matt Wright Matt Wright Guestbook cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 0.00275 | 0.04 | CVE-2006-1698 |
| 4 | SmartISoft phpBazar picturelib.php privilege escalation | 7.3 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00718 | 0.02 | CVE-2010-2315 |
| 5 | DZCP deV!L`z Clanportal config.php privilege escalation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00943 | 1.29 | CVE-2010-0966 |
| 6 | Lars Ellingsen Guestserver guestbook.cgi cross site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00169 | 0.24 | CVE-2005-4222 |
| 7 | SignKorn Guestbook admin.php privilege escalation | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.03 | |
| 8 | LogicBoard CMS away.php Redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.00000 | 3.16 | |
| 9 | Csphere ClanSphere Error Message information disclosure | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00287 | 0.00 | CVE-2011-3714 |
| 10 | JContentSubscription register.php Local Privilege Escalation | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.06 | |
| 11 | Flat PHP Board directory traversal | 3.3 | 3.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.01 | |
| 12 | Linux Kernel NFS Export nfs3xdr.c no_subtree_check directory traversal | 6.4 | 6.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00197 | 0.03 | CVE-2021-3178 |
| 13 | jdownloads categories.php order SQL injection | 7.4 | 7.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00124 | 0.00 | CVE-2020-19455 |
| 14 | ProFTPD privilege escalation | 5.4 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00042 | 0.04 | CVE-2017-7418 |
| 15 | Palo Alto Network Traps ESM Console Agent License privilege escalation | 6.4 | 6.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00310 | 0.00 | CVE-2017-7408 |

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 136.243.104.235 | static.235.104.243.136.clients.your-server.de | FlawedAmmyy | | 31/10/2023 | verified | High |

TTP - Tactics, Techniques, Procedures (8)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (17)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /forum/away.php | predictive | High |
| 2 | File | admin/admin.php | predictive | High |
| 3 | File | books.php | predictive | Medium |
| 4 | File | xxxxxxxxxx/xxx_xxxxxxxxxx/xxxxxxx/xxxxxxxxxx.xxx | predictive | High |
| 5 | File | xx/xxxx/xxxxxxx.x | predictive | High |
| 6 | File | xxxxxxxxx.xxx | predictive | High |
| 7 | File | xxxxxxxxx.xx | predictive | Medium |
| 8 | File | xxx/xxxxxx.xxx | predictive | High |
| 9 | File | xxxx/xxxxxxxx.xxx | predictive | High |
| 10 | Library | xxxxxxxxxx.xxx | predictive | High |
| 11 | Argument | xxxxxxxx | predictive | Medium |
| 12 | Argument | xxxxxx | predictive | Low |
| 13 | Argument | xxx | predictive | Low |
| 14 | Argument | xxx_xxxx | predictive | Medium |
| 15 | Argument | xxxxxx_xxxxx | predictive | Medium |
| 16 | Argument | xxxxxxxxx_xxxxxxxx_xxxx | predictive | High |
| 17 | Argument | xxxxxxxx | predictive | Medium |

References (2)

The following list contains external sources which discuss the actor and the associated activities:
