Monero 分析

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (54)

时间轴

语言

zh34
en16
ja2
sv2

国家/地区

cn48
us6

演员

Monero3
Cobalt Strike2
Tofsee1
pupy1

活动

利益

时间轴

类型

Not Defined22
Content Management System8
Network Attached Storage Software4
JavaScript Library2
Application Server Software2

供应商

Not Defined24
Microsoft4
QNAP4
Thomas R. Pasawicz2
Apache2

产品

QNAP QTS4
jQuery2
Thomas R. Pasawicz HyperBook Guestbook2
Apache Tomcat2
Drupal2

漏洞

#漏洞BaseTemp0day今天修正EPSSCTICVE
1CakePHP offset SQL注入8.58.4$0-$5k$0-$5kNot DefinedOfficial Fix0.001600.05CVE-2023-22727
2PHPMailer Phar Deserialization addAttachment 权限升级5.55.3$0-$5k$0-$5kNot DefinedOfficial Fix0.007480.00CVE-2020-36326
3WordPress Editor 信息公开4.34.1$5k-$25k$0-$5kNot DefinedOfficial Fix0.004630.04CVE-2021-29450
4PostgreSQL 权限升级6.05.9$0-$5k$0-$5kNot DefinedOfficial Fix0.000620.03CVE-2017-12172
5PbootCMS function.php parserIfLabel 权限升级8.07.9$0-$5k$0-$5kNot DefinedNot Defined0.525510.05CVE-2022-32417
6PHP PHAR phar_dir_read 内存损坏8.28.2$5k-$25k$0-$5kNot DefinedOfficial Fix0.001260.09CVE-2023-3824
7GNUBOARD5 install_db.php SQL注入6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.001550.03CVE-2020-18662
8Axios Package Redirect 权限升级5.75.7$0-$5k$0-$5kNot DefinedNot Defined0.002740.04CVE-2020-28168
9Workerman-ThinkPHP-Redis Controller.class.php 跨网站脚本4.84.8$0-$5k$0-$5kNot DefinedNot Defined0.000780.03CVE-2021-43697
10Aladdin Knowledge Systems eSafe Gateway Filter 权限升级7.37.3$0-$5k$0-$5kNot DefinedNot Defined0.016220.00CVE-2001-0521
11Adminer 权限升级8.58.4$0-$5k$0-$5kNot DefinedOfficial Fix0.006790.03CVE-2018-7667
12QuiXplorer index.php 目录遍历7.57.2$0-$5k$0-$5kNot DefinedOfficial Fix0.085210.00CVE-2013-1641
13Softnext SPAM SQR 权限升级7.27.2$0-$5k$0-$5kNot DefinedNot Defined0.001430.04CVE-2023-24835
14Cakefoundation CakePHP Error Message 信息公开5.35.3$0-$5k$0-$5kNot DefinedNot Defined0.002870.00CVE-2011-3712
15rap2hpoutre Laravel Log Viewer Base64 Encoding 权限升级7.47.0$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.063600.08CVE-2018-8947
16UniSharp laravel-filemanager download 目录遍历5.05.0$0-$5k$0-$5kNot DefinedNot Defined0.090990.00CVE-2022-40734
17exceedone Exment/laravel-admin SQL注入7.57.5$0-$5k$0-$5kNot DefinedNot Defined0.001290.04CVE-2022-37333
18laravel-admin 权限升级5.55.5$0-$5k$0-$5kNot DefinedNot Defined0.001560.03CVE-2023-24249
19Laravel destruct 权限升级7.67.6$0-$5k$0-$5kNot DefinedNot Defined0.001100.02CVE-2021-28254
20laravel-jqgrid EloquentRepositoryAbstract.php getRows SQL注入6.96.9$0-$5k$0-$5kNot DefinedOfficial Fix0.001480.05CVE-2021-4262

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP地址Hostname参与者活动Identified类型可信度
137.187.154.37ns320368.ip-37-187-154.euMonero2019-12-15verified
2XX.XX.XXX.XXXXxxxxx2019-12-15verified
3XX.XX.XX.XXXxx.xx.xx.xxx.xxxxxxxxxxxxxxxx.xxxXxxxxx2019-06-10verified
4XXX.XXX.XXX.XXXxxx.xxx.xxx.xxx.xxxxxxxxxxxxxxxx.xxxXxxxxx2019-06-10verified

TTP - Tactics, Techniques, Procedures (13)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechnique分类漏洞访问向量类型可信度
1CAPEC-10CWE-20, CWE-59, CWE-61, CWE-119, CWE-120, CWE-125, CWE-287, CWE-288, CWE-352, CWE-404, CWE-502, CWE-672, CWE-862, CWE-863, CWE-918Unknown Vulnerabilitypredictive
2T1006CAPEC-126CWE-21, CWE-22Path Traversalpredictive
3T1059CAPEC-10CWE-74, CWE-94, CWE-707Argument Injectionpredictive
4TXXXX.XXXCAPEC-10CWE-XX, CWE-XX, CWE-XXXXxxxx Xxxx Xxxxxxxxxpredictive
5TXXXXCAPEC-122CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxxpredictive
6TXXXXCAPEC-10CWE-XX, CWE-XX, CWE-XXXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxxpredictive
7TXXXXCAPEC-0CWE-XXX, CWE-XXXXxxxxxxxxx Xxxxxxpredictive
8TXXXXCAPEC-10CWE-XX, CWE-XX, CWE-XXXXxx Xxxxxxxxxpredictive
9TXXXXCAPEC-50CWE-XXXXxxxxxxxxxx Xxxxxxxxxxpredictive
10TXXXX.XXXCAPEC-114CWE-XXX, CWE-XXXXxxxxxxx Xxxxxxxxxxx Xxxxxxxxxxpredictive
11TXXXXCAPEC-116CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxxpredictive
12TXXXXCAPEC-157CWE-XXX, CWE-XXXXxxxxxxxxxxxx Xxxxxxpredictive
13TXXXX.XXXCAPEC-19CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxxpredictive

IOA - Indicator of Attack (22)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID分类Indicator类型可信度
1FileController.class.phppredictive
2Filedata/gbconfiguration.datpredictive
3Filedede\co_do.phppredictive
4Filexxxxxxxxpredictive
5Filexxxxxxxx.xxxpredictive
6Filexxxxxxxxxx\xxxxxx\xxxxxxxxxxxxx.xxxpredictive
7Filexxxxx.xxxpredictive
8Filexxxxxxx_xx.xxxpredictive
9Filexxx/xxxxxx/xxxxxxxx/xxxxx/xxxxxxxxx.xxxxpredictive
10Filexxxxxx.xxpredictive
11Filexxxx-xxxxxx.xpredictive
12Filexxx/xxxxxxxxx/xxxxxxxxxxxxx/xxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxxx.xxxpredictive
13Filexxxx-xxxxxxxx.xxxpredictive
14Argumentxxxxxxpredictive
15Argumentxxxpredictive
16Argumentx/xx/xxxpredictive
17Argumentxxxxxxpredictive
18Argumentxxxxxxxx[]predictive
19Argumentxxxxxxpredictive
20Argumentxxxxx_xxxxxxpredictive
21Argumentxxxxxxxxpredictive
22Argumentxxxxxxx_xxxpredictive

参考 (3)

The following list contains external sources which discuss the actor and the associated activities:

上一步一览下一步

Do you want to use VulDB in your project?

Use the official API to access entries easily!