Gabon Unknown Analysis

IOB - Indicator of Behavior (19)

Language

fr: 16
en: 4

Country/Region

fr: 16
us: 2
gb: 2

Product

Green Packet DX-350: 4
Ubuntu: 2
TeamPass: 2
BlueMind: 2
Netgate pfSense: 2

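Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Green Packet DX-350 weak authentication | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00659 | 0.00 | CVE-2017-9932 |
| 2 | BlueMind Contact Application unknown vulnerability | 7.5 | 7.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00172 | 0.02 | CVE-2019-9563 |
| 3 | Green Packet DX-350 Web Interface privilege escalation | 8.0 | 8.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05001 | 0.00 | CVE-2017-9980 |
| 4 | Open5GS Service Port 3000 weak authentication | 8.0 | 8.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00107 | 0.00 | CVE-2021-25863 |
| 5 | Sage X3 AdxDSrv.exe weak authentication | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.19597 | 0.05 | CVE-2020-7388 |
| 6 | Icegram Email Subscribers / Newsletters Plugin weak authentication | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00289 | 0.00 | CVE-2020-5780 |
| 7 | Ubuntu unknown vulnerability | 4.0 | 3.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00042 | 0.02 | CVE-2009-1295 |
| 8 | Ubuntu Linux overlayfs privilege escalation | 7.8 | 7.6 | $5k-$25k | $0-$5k | High | Official Fix | 0.00062 | 0.02 | CVE-2015-1328 |
| 9 | Dolibarr User Note note.php Stored cross-site scripting | 4.4 | 4.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00058 | 0.00 | CVE-2019-16686 |
| 10 | IBM AIX LVM lquerylv privilege escalation | 7.8 | 7.0 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00091 | 0.02 | CVE-2016-6079 |
| 11 | Blueimp jQuery-File-Upload File Upload privilege escalation | 8.5 | 8.2 | $0-$5k | $0-$5k | High | Official Fix | 0.96689 | 0.00 | CVE-2018-9206 |
| 12 | Netgate pfSense privilege escalation | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.16210 | 0.00 | CVE-2018-4020 |
| 13 | WordPress REST API class-wp-rest-users-controller.php information disclosure | 5.3 | 5.1 | $5k-$25k | $0-$5k | Functional | Official Fix | 0.87410 | 0.03 | CVE-2017-5487 |
| 14 | Microsoft Windows Kernel privilege escalation | 7.3 | 7.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00404 | 0.06 | CVE-2017-11847 |
| 15 | Green Packet DX-350 UPnP ajax.cgi cross-site request forgery | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00112 | 0.03 | CVE-2017-9930 |
| 16 | TeamPass SQL injection | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00486 | 0.00 | CVE-2014-3773 |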

IOC - Indicator of Compromise (49)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (9)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (8)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

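| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | AdxDSrv.exe | predictive | |
| 2 | File | ajax.cgi | predictive | |
| 3 | File | xxxxxxxx | predictive | |
| 4 | File | xxxx.xxx | predictive | |
| 5 | File | xx-xxxxxxxx/xxxx-xxx/xxxxxxxxx/xxxxx-xx-xxxx-xxxxx-xxxxxxxxxx.xxx | predictive | |
| 6 | Argument | xxx | predictive | |
| 7 | Argument | xxxxxx_xx_xxxx | predictive | |
| 8 | Argument | xxxxxxxx_ | predictive | |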

References (3)

The following list contains external sources which discuss the actor and the associated activities:
