OriginLogger 分析

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (3)

时间轴

语言

en4

国家/地区

us2

演员

OriginLogger2
Ryuk1
Conti1
Azorult1

活动

利益

时间轴

类型

Mail Client Software2
Not Defined2

供应商

GNU2
Not Defined2

产品

GNU Mailman2
Atmail2

漏洞

#漏洞BaseTemp0day今天修正EPSSCTICVE
1Atmail CSV 跨网站请求伪造6.56.2$0-$5k$0-$5kNot DefinedOfficial Fix0.000730.00CVE-2017-9517
2GNU Mailman Admin Login Page/Pipermail Index Summary 跨网站脚本6.36.0$0-$5k$0-$5kNot DefinedOfficial Fix0.014800.03CVE-2002-0388
3Actiontec WCB6200Q Admin Login Cookie 弱身份验证6.86.8$0-$5k$0-$5kNot DefinedNot Defined0.001860.03CVE-2018-10252

IOC - Indicator of Compromise (5)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP地址Hostname参与者活动Identified类型可信度
123.106.223.46OriginLogger2022-09-20verified
2XX.XXX.XXX.XXXxxxxxxxxxxx2022-09-20verified
3XX.XXX.XXX.XXXxxxxxxxxxxx2022-09-20verified
4XX.XXX.XXX.XXXxxxxxxxxxxx2022-09-20verified
5XXX.XX.XXX.XXxxxx.xxxxxxxxxxxxxx.xxxXxxxxxxxxxxx2022-09-20verified

TTP - Tactics, Techniques, Procedures (2)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechnique分类漏洞访问向量类型可信度
1CAPEC-111CWE-352, CWE-384, CWE-862, CWE-863Unknown Vulnerabilitypredictive
2TXXXX.XXXCAPEC-10CWE-XX, CWE-XX, CWE-XXXXxxxx Xxxx Xxxxxxxxxpredictive

参考 (2)

The following list contains external sources which discuss the actor and the associated activities:

上一步一览下一步

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!