Key Group Analys

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (5)

Lang

en	6

Land

ru	6

Skådespelare

Unknown	1

Intressera

Typ

Not Defined	2
Document Reader Software	2
Operating System Utility Software	2

Säljare

Not Defined	4
Adobe	2

Produkt

Centreon	2
Adobe Acrobat Reader	2
sudo	2

Sårbarheter

#	Sårbarhet	Base	Temp	0day	I dag	Utn	Rem	EPSS	CTI	CVE
1	sudo pwfeedback tgetpass.c getln minneskorruption	8.9	8.4	$25k-$100k	$0-$5k	Proof-of-Concept	Not Defined	0.00184	0.04	CVE-2019-18634
2	Netwrix Auditor Netwrix.ADA.StorageAuditService privilegier eskalering	6.5	6.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00044	0.03	CVE-2019-14969
3	Centreon Monitoring Engine Binary main.get.php privilegier eskalering	7.5	7.5	$0-$5k	$0-$5k	Not Defined	Official Fix	0.89243	0.02	CVE-2019-13024
4	Adobe Acrobat Reader förnekande av tjänsten	6.3	5.5	$5k-$25k	$0-$5k	Unproven	Official Fix	0.02080	0.00	CVE-2014-0560
5	XiongMai IP Camera/DVR NetSurveillance Web Interface minneskorruption	8.5	8.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00372	0.09	CVE-2017-16725

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP-adress	Hostname	Skådespelare	Kampanjer	Identified	Typ	Förtroende
1	77.88.55.60	yandex.ru	Key Group		02/09/2023	verified	Hög

TTP - Tactics, Techniques, Procedures (3)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Klass	Sårbarheter	Åtkomstvektor	Typ	Förtroende
1		CAPEC-10	CWE-119, CWE-399, CWE-404, CWE-787	Unknown Vulnerability	predictive	Hög
2	TXXXX	CAPEC-0	CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Hög
3	TXXXX	CAPEC-10	CWE-XX, CWE-XX, CWE-XXX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	Hög

IOA - Indicator of Attack (3)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Klass	Indicator	Typ	Förtroende
1	File	%PROGRAMDATA%\Netwrix Auditor\Logs\ActiveDirectory\	predictive	Hög
2	File	xxxx.xxx.xxx	predictive	Medium
3	File	xxxxxxxx.x	predictive	Medium

Referenser (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ TidigareÖversiktNästa ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!