Generickdz Analysis

IOB - Indicator of Behavior (152)

Languages

en 116
de 18
pl 6
ru 6
fr 2

Countries/Regions

us 88
ca 22
de 12
fr 4
ru 2

Products

OpenSSH 6
VMware Spring Framework 4
Popup Maker Plugin 4
Microsoft IIS 4
Byzoro Smart S85F Management Platform 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploitability | Remediation | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | All Enthusiast Inc Reviewpost Php Pro showproduct.php SQL Injection | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00501 | 0.00 | CVE-2004-2175 |
| 2 | Phplinkdirectory PHP Link Directory conf_users_edit.php Cross-Site Request Forgery | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00526 | 0.03 | CVE-2011-0643 |
| 3 | OpenSSH Authentication Username Information Disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | High | Official Fix | 0.10737 | 0.18 | CVE-2016-6210 |
| 4 | 212cafe 212cafeboard view.php SQL Injection | 7.3 | 7.1 | $0-$5k | $0-$5k | High | Unavailable | 0.00064 | 0.06 | CVE-2008-4713 |
| 5 | Petwant PF-103/Petalk AI libcommon.so processCommandUploadLog Privilege Escalation | 9.8 | 9.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.06887 | 0.04 | CVE-2019-17364 |
| 6 | Petwant PF-103/Petalk AI libcommon.so processCommandSetMac Privilege Escalation | 9.8 | 9.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.06887 | 0.00 | CVE-2019-16737 |
| 7 | Apple macOS Login Window Privilege Escalation | 4.3 | 4.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00056 | 0.05 | CVE-2021-30702 |
| 8 | Microsoft IIS Cross-Site Scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00548 | 0.33 | CVE-2017-0055 |
| 9 | PhotoPost PHP Pro showproduct.php SQL Injection | 9.8 | 9.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00276 | 0.04 | CVE-2004-0250 |
| 10 | Floosietek FTGate Memory Corruption | 10.0 | 9.0 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.23839 | 0.02 | CVE-2005-3640 |
| 11 | Aboleo.net Portmon Privilege Escalation | 5.1 | 5.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00042 | 0.03 | CVE-2003-0448 |
| 12 | Sun MySQL MS DOS Device Name Denial of Service | 7.5 | 7.1 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.07050 | 0.03 | CVE-2005-0799 |
| 13 | PHP Link Directory Administration Page index.html Cross-Site Scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00374 | 0.55 | CVE-2007-0529 |
| 14 | BitTorrent uTorrent Bencoding Parser Privilege Escalation | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00867 | 0.04 | CVE-2020-8437 |
| 15 | MDaemon Webmail Cross-Site Scripting | 5.4 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00070 | 0.02 | CVE-2019-8983 |
| 16 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash Information Disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.02016 | 0.02 | CVE-2007-1192 |
| 17 | Synology DiskStation Manager Change Password Privilege Escalation | 7.1 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00068 | 0.03 | CVE-2018-8916 |
| 18 | Webmin Package Updates Module update.cgi Privilege Escalation | 8.8 | 8.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.12331 | 0.06 | CVE-2019-12840 |
| 19 | Totolink LR1200GB Web Interface cstecgi.cgi loginAuth Memory Corruption | 9.8 | 9.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.07 | CVE-2024-1783 |
| 20 | PHP unserialize Memory Corruption | 8.5 | 8.2 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.19757 | 0.03 | CVE-2015-6834 |

IOC - Indicator of Compromise (70)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (16)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (68)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


References (8)

The following list contains external sources which discuss the actor and the associated activities:
