Cpuminer 分析

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (221)

时间轴

语言

en204
ru16
de2

国家/地区

cn24
us18
ru8
nl2
es2

演员

RedLine Stealer2
Cobalt Strike2
Responder2
CredStealer1
TeamTNT1

活动

利益

时间轴

类型

Not Defined102
WordPress Plugin22
Operating System12
Content Management System12
Web Browser10

供应商

Not Defined80
Google8
Netgear6
Sun4
VMware4

产品

Google Chrome6
QEMU4
Netgear D78004
Netgear R61004
Netgear R75004

漏洞

#漏洞BaseTemp0day今天修正EPSSCTICVE
1ZyXEL P660HN-T v1 ViewLog.asp 权限升级7.36.4$5k-$25k$0-$5kProof-of-ConceptWorkaround0.000000.05
2Dahua DHI-HCVR7216A-S3 SmartPSS Auto Login Hash 权限升级6.76.7$0-$5k$0-$5kNot DefinedNot Defined0.003310.04CVE-2017-6342
3Cyr to Lat Plugin SQL注入6.36.1$0-$5k$0-$5kNot DefinedNot Defined0.000500.03CVE-2022-4290
4HPE Onboard Administrator Reflected 跨网站脚本4.44.4$0-$5k$0-$5kNot DefinedNot Defined0.000500.02CVE-2020-7132
5xwikisas macro-pdfviewer PDF Viewer Macro 信息公开6.05.9$0-$5k$0-$5kNot DefinedOfficial Fix0.000430.00CVE-2024-30263
6Moises Heberle WooCommerce Bookings Calendar Plugin 跨网站脚本5.04.9$0-$5k$0-$5kNot DefinedNot Defined0.000430.00CVE-2024-31117
7Foxit PDF Reader AcroForm 内存损坏6.36.0$0-$5k$0-$5kNot DefinedOfficial Fix0.000460.03CVE-2024-30354
8Tenda AC10 SetStaticRouteCfg fromSetRouteStatic 内存损坏8.88.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000450.04CVE-2024-2581
9MediaTek MT8798 Lk 内存损坏6.76.4$0-$5k$0-$5kNot DefinedOfficial Fix0.000430.02CVE-2024-20022
10Kofax Power PDF PNG File Parser 信息公开4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.000650.03CVE-2024-27336
11Linux Kernel ASPM pci_set_power_state_locked 拒绝服务4.84.6$5k-$25k$0-$5kNot DefinedOfficial Fix0.000430.03CVE-2024-26605
12Elementor Plugin 权限升级5.55.3$0-$5k$0-$5kNot DefinedNot Defined0.000000.03CVE-2024-24934
13IBM Security Access Manager Container DSC Server 拒绝服务6.86.7$5k-$25k$0-$5kNot DefinedOfficial Fix0.000440.02CVE-2023-31006
14WP Recipe Maker Plugin 跨网站脚本5.15.1$0-$5k$0-$5kNot DefinedNot Defined0.000450.02CVE-2024-0382
15Dahua IPC/SD/NVR/XVR Packet 未知漏洞4.44.4$0-$5k$0-$5kNot DefinedNot Defined0.000630.03CVE-2022-30564
16PrestaShop blockwishlist SQL注入7.77.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.007410.02CVE-2022-31101
17ThemePunch OHG Slider Revolution Plugin 权限升级7.27.1$0-$5k$0-$5kNot DefinedNot Defined0.000500.05CVE-2023-47784
18OpenZeppelin openzeppelin-contracts Subcall 权限升级5.75.7$0-$5k$0-$5kNot DefinedOfficial Fix0.000480.06CVE-2023-49798
19Brocade Fabric OS 弱加密6.56.5$0-$5k$0-$5kNot DefinedNot Defined0.000910.00CVE-2021-27795
20WPFactory Products, Order & Customers Export for WooCommerce Plugin 跨网站脚本5.85.8$0-$5k$0-$5kNot DefinedNot Defined0.000460.00CVE-2023-47547

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP地址Hostname参与者活动Identified类型可信度
145.9.148.117Cpuminer2022-07-16verified
2XXX.XXX.XX.XXXXxxxxxxx2023-10-06verified

TTP - Tactics, Techniques, Procedures (20)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechnique漏洞访问向量类型可信度
1T1006CWE-22, CWE-425Path Traversalpredictive
2T1055CWE-74Improper Neutralization of Data within XPath Expressionspredictive
3T1059CWE-94Argument Injectionpredictive
4T1059.007CWE-79, CWE-80Cross Site Scriptingpredictive
5TXXXXCWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxxpredictive
6TXXXXCWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxxpredictive
7TXXXX.XXXCWE-XXXXxxx Xxxxxxxxpredictive
8TXXXXCWE-XXX7xx Xxxxxxxx Xxxxxxxxpredictive
9TXXXXCWE-XXX, CWE-XXXXxxxxxxxxx Xxxxxxpredictive
10TXXXXCWE-XXXxx Xxxxxxxxxpredictive
11TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxxxxxxpredictive
12TXXXXCWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxx Xxxxxxxxxxpredictive
13TXXXXCWE-XXXXxxxxxxxx Xxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxxpredictive
14TXXXXCWE-XXXXxxxxxxxx Xxxxxx Xxxxpredictive
15TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxxxx Xxxxxxxxxxpredictive
16TXXXX.XXXCWE-XXXXxxxxxxxpredictive
17TXXXXCWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxxpredictive
18TXXXXCWE-XXX, CWE-XXXXxxxxxxxxxxxx Xxxxxxpredictive
19TXXXX.XXXCWE-XXXXxx Xxxxxxxxxx Xxxxxpredictive
20TXXXX.XXXCWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxxpredictive

IOA - Indicator of Attack (84)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID分类Indicator类型可信度
1File/ajax.php?action=read_msgpredictive
2File/debug/pprofpredictive
3File/desktop_app/file.ajax.php?action=uploadfilepredictive
4File/envpredictive
5File/goform/SetNetControlListpredictive
6File/goform/SetStaticRouteCfgpredictive
7File/src/chatbotapp/chatWindow.javapredictive
8Fileadmin/categories_industry.phppredictive
9Fileadmin/class-woo-popup-admin.phppredictive
10Fileadmin/content/postcategorypredictive
11Filexxxxxxxxxxxx/xxxxx/xxxx/predictive
12Filexxxxx.xxxpredictive
13Filexxx_xx_xxx_xxx.xxxpredictive
14Filexxx.xpredictive
15Filexxxpredictive
16Filexxx/xxxxxxxx/xxxx/xxxxxxxx.xxpredictive
17Filexxxxxx.xxxpredictive
18Filexxxxxxx/xxx/xxx-xx.xpredictive
19Filexxx_xxxx.xpredictive
20Filexxx/xxxxx.xxxxxpredictive
21Filexxxx/xxxxxxxx/xxx&xx=xxxxxxxpredictive
22Filexxxxxxxxxxxxxxxxxxxxxxxxx.xxpredictive
23Filexxxxxx.xxxpredictive
24Filexxxxxxx/xxxxx.xxx.xxxpredictive
25Filexx_xxxxx.xpredictive
26Filexxxxx_xxxxx.xpredictive
27Filexxxxxx/xxx/xxxxxxxx.xpredictive
28Filexxxx.xxxpredictive
29Filexxxxx.xxxpredictive
30Filexxxxxxxx.xxxpredictive
31Filexxxxxxx/xxxxxx/xxxxxx/xxxxxxxxx.xxx#xxxpredictive
32Filexxxxxxxxxxx-xxxx.xxpredictive
33Filexxxxx.xxxpredictive
34Filexxxxxxxxx/xxxxx.xxxxxpredictive
35Filexxxxx/xxxxx.xxxxxpredictive
36Filexxxxxxx.xpredictive
37Filexxxxxxxxxxxxx.xxxpredictive
38Filexxxxxx-xxxxxx.xxxpredictive
39Filexxxxxxxx.xxx/xxxxxx.xxx/xxxxxxxx.xxxpredictive
40Filexxx.xpredictive
41Filexxxxxxxxxxxxxxxxpredictive
42Filexxx-xxxxxxx-xxx.xxpredictive
43Filexxxxxxx.xpredictive
44Filexxxxxxx.xxxpredictive
45Filexxx.xxxpredictive
46Filexx-xxxxx-xxxxxx.xxxpredictive
47File~/xxxxxxxx/xxxxx-xxx-xxxxxx-xxxxxxxxxxxx.xxxpredictive
48Libraryxx.xxxxxxxxxx.xxxxxxxxxxxxxxx.xxxpredictive
49Libraryxxx/xxxxxxxxx/xxxxxxxx.xxxxx.xxxpredictive
50Libraryxxxxxxx.xxxpredictive
51Libraryxxxxx.xxxpredictive
52Libraryxxxxxxxxxxxxx.xxx)predictive
53Argumentxxxxxxpredictive
54Argumentxxxpredictive
55Argumentxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxxx/xxxxxxxxxx/xxxxxxxxxxxxxxxxxxxpredictive
56Argumentxxxxxxpredictive
57Argumentx:\xxxxxxx\xpredictive
58Argumentxxxxx_xxxxpredictive
59Argumentxxxxx_xxpredictive
60Argumentxxxxxxxxpredictive
61Argumentxxxxxxxxxxxxxxxxxpredictive
62Argumentxxx_xxxpredictive
63Argumentxxxxpredictive
64Argumentxxxxpredictive
65Argumentxxxx_xxxxxpredictive
66Argumentxxxxxx_xxxpredictive
67Argumentxxxxpredictive
68Argumentxxpredictive
69Argumentxxxxxxxpredictive
70Argumentxxxxpredictive
71Argumentxxxxpredictive
72Argumentxxxxpredictive
73Argumentxxxxxxxpredictive
74Argumentx_xxxxpredictive
75Argumentxxxxxx_xxxxpredictive
76Argumentxxxxxx/xxxxxx_xxxxxxpredictive
77Argumentxxxpredictive
78Argumentxxxxxpredictive
79Argumentxxxxxxxxxxxpredictive
80Argumentxxpredictive
81Argumentxxxxxxpredictive
82Argumentx-xxxxxxxxx-xxxxpredictive
83Input Value%xxxxxx+-x+x+xx.x.xx.xxx%xx%xxpredictive
84Input Value//xxx//xxxxxxx.xxxpredictive

参考 (2)

The following list contains external sources which discuss the actor and the associated activities:

上一步一览下一步

Might our Artificial Intelligence support you?

Check our Alexa App!