OnionDog Analysis

IOB - Indicator of Behavior (53)

Language

en: 50
ko: 4

Country/Region

kr: 34
us: 20

Product

Google Chrome: 4
Google Android: 4
D-Link DIR-850L: 4
Microsoft Word: 2
DeDeCMS: 2

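Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | | Remediation | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Adobe Acrobat Reader Image Conversion memory corruption | 7.5 | 7.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.03331 | CVE-2018-4916 |
| 2 | Huawei HG8245H URL information disclosure | 7.4 | 7.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00167 | CVE-2017-15328 |
| 3 | Google Chrome v8 privilege escalation | 7.5 | 7.1 | $25k-$100k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.23457 | CVE-2016-9651 |
| 4 | CPU Speculative Execution Meltdown information disclosure | 6.1 | 5.8 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | 0.97461 | CVE-2017-5754 |
| 5 | Mozilla Firefox WebRTC privilege escalation | 5.3 | 4.6 | $25k-$100k | $0-$5k | Unproven | Official Fix | 0.00 | 0.00461 | CVE-2014-1586 |
| 6 | Tobesoft NEXACRO17 execDefaultBrowser privilege escalation | 7.7 | 7.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00360 | CVE-2021-26607 |
| 7 | JetBrains IntelliJ IDEA Privilege Escalation | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00221 | CVE-2021-45977 |
| 8 | Oracle Communications Network Charging and Control Common denial of service | 7.5 | 7.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00154 | CVE-2022-35737 |
| 9 | TeamViewer TVS File Parser information disclosure | 7.0 | 6.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00159 | CVE-2021-34858 |
| 10 | logback Configuration File privilege escalation | 5.3 | 5.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.01555 | CVE-2021-42550 |
| 11 | Combodo iTop Configuration File privilege escalation | 7.2 | 7.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00552 | CVE-2019-11215 |
| 12 | Artifex MuPDF PDF File pdf-xref.c pdf_read_new_xref memory corruption | 5.4 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00269 | CVE-2018-6192 |
| 13 | VMware ESXi/Workstation/Fusion SVGA information disclosure | 7.5 | 7.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.06 | 0.00077 | CVE-2018-6974 |
| 14 | PHP 404 Error Page phar_object.c Reflected cross-site scripting | 5.2 | 5.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.03788 | CVE-2018-10547 |
| 15 | CPUID CPU-Z Kernel-Mode Driver memory corruption | 6.5 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.00044 | CVE-2017-15303 |
| 16 | Microsoft Access memory corruption | 7.0 | 6.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.10346 | CVE-2018-0903 |
| 17 | Wind River VxWorks TCP Initial Sequence Number privilege escalation | 5.6 | 5.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.02370 | CVE-2015-3963 |
| 18 | Oracle VM VirtualBox privilege escalation | 8.6 | 8.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00082 | CVE-2018-2690 |
| 19 | Adobe Flash Player information disclosure | 6.9 | 6.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00569 | CVE-2018-4871 |
| 20 | Google Android System privilege escalation | 7.0 | 6.3 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | 0.00434 | CVE-2017-13209 |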

IOC - Indicator of Compromise (10)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (8)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (15)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

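| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | `/proc/<pid>/status` | predictive | |
| 2 | File | `/var/passwd` | predictive | |
| 3 | File | `ext/phar/phar_object.c` | predictive | |
| 4 | File | `xxxxxx/xxx/xxxxxxx.xxx` | predictive | |
| 5 | File | `xxxxxx/xxxxxx/xxxx.x` | predictive | |
| 6 | File | `xxxx.xxx` | predictive | |
| 7 | File | `xxxxxxxxx/xxxxx.xxx` | predictive | |
| 8 | File | `xxx/xxx-xxxx.x` | predictive | |
| 9 | File | `xxxx.xxx` | predictive | |
| 10 | Argument | `xxxxxx` | predictive | |
| 11 | Argument | `xxxxxxx_x` | predictive | |
| 12 | Argument | `xx` | predictive | |
| 13 | Argument | `xxxxxxxx` | predictive | |
| 14 | Input Value | `xxxxxxx_xxxxx.xxxxxxx_xxxxxxx` | predictive | |
| 15 | Network Port | `xxx/xx (xxxxxx)` | predictive | |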

References (3)

The following list contains external sources which discuss the actor and the associated activities:
