Mushtik 分析

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (13)

语言

en	14

国家/地区

tt	8
cn	2

演员

Mushtik	1

利益

类型

Smartphone Operating System	6
Virtualization Software	4
Router Operating System	2
Social Network Software	2

供应商

Apple	6
Not Defined	4
Cisco	2
Facebook	2

产品

Apple iOS	6
Apple iPadOS	4
Kubernetes	2
Cisco IOS	2
Cisco IOS XE	2

漏洞

#	漏洞	Base	Temp	0day	今天	易	修正	EPSS	CTI	CVE
1	Cisco IOS/IOS XE QoS 内存损坏	8.5	8.3	$25k-$100k	$5k-$25k	Not Defined	Workaround	0.03537	0.03	CVE-2018-0151
2	BEA WebLogic Domain Directory 未知漏洞	8.2	7.4	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.00505	0.00	CVE-2006-2546
3	Facebook react-dev-utils getProcessForPort 权限升级	5.5	5.3	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00241	0.02	CVE-2021-24033
4	Apple Safari Address 权限升级	5.3	5.2	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00084	0.02	CVE-2019-8670
5	Docker Docker Image Manifest 拒绝服务	4.3	4.1	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00553	0.00	CVE-2021-21285
6	Apple iOS/iPadOS WebKit Remote Code Execution	6.3	6.0	$25k-$100k	$5k-$25k	High	Official Fix	0.00980	0.04	CVE-2021-1870
7	CSI snapshot-controller Volume Snapshot 拒绝服务	5.4	5.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00066	0.00	CVE-2020-8569
8	Kubernetes API Server 权限升级	4.0	4.0	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00238	0.00	CVE-2020-8554
9	Apple iOS/iPadOS XPC Service launchd 权限升级	7.8	7.0	$25k-$100k	$0-$5k	Proof-of-Concept	Official Fix	0.00077	0.07	CVE-2020-9971
10	Apple iOS/iPadOS WebRTC 内存损坏	7.5	7.2	$100k 以及更多	$5k-$25k	Not Defined	Official Fix	0.00833	0.00	CVE-2020-15969
11	Apple iOS/iPadOS Address Bar 权限升级	4.3	4.1	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.00101	0.00	CVE-2020-9993
12	WordPress admin-ajax.php SQL注入	7.3	7.3	$25k-$100k	$0-$5k	High	Official Fix	0.05147	0.02	CVE-2007-2821
13	Apple iOS Disk Images 内存损坏	6.5	6.4	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.00237	0.00	CVE-2016-7616

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP地址	Hostname	参与者	活动	Identified	类型	可信度
1	18.228.7.109	ec2-18-228-7-109.sa-east-1.compute.amazonaws.com	Mushtik		2022-07-13	verified	中
2	XXX.XXX.XXX.XXX		Xxxxxxx		2022-07-13	verified	高

TTP - Tactics, Techniques, Procedures (5)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	漏洞	访问向量	类型	可信度
1	T1068	CWE-264	Execution with Unnecessary Privileges	predictive	高
2	TXXXX	CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	高
3	TXXXX	CWE-XXX	Xxxxxxxxxx Xxxxxx	predictive	高
4	TXXXX	CWE-XX	Xxx Xxxxxxxxx	predictive	高
5	TXXXX.XXX	CWE-XXX	Xxxxxxxxxxxx	predictive	高

IOA - Indicator of Attack (4)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	分类	Indicator	类型	可信度
1	File	admin-ajax.php	predictive	高
2	File	xxxxxxx	predictive	低
3	Argument	xxxxxx	predictive	低
4	Network Port	xxx/xxxxx	predictive	中

参考 (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ 上一步一览下一步 ▸

Do you need the next level of professionalism?

Upgrade your account now!