Pony 分析

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (514)

语言

en	506
jp	2
es	2
zh	2
ru	2

国家/地区

us	16
ru	6
it	2

演员

Pony	3
Agrius	1
Kuluoz	1
TA505	1
RedLine Stealer	1

利益

类型

Not Defined	136
Smartphone Operating System	50
Operating System	38
Web Browser	30
Content Management System	16

供应商

Not Defined	146
Apple	54
Oracle	32
Google	30
Microsoft	30

产品

Google Android	24
Apple iOS	22
Microsoft Windows	16
Apple macOS	12
Mozilla Firefox	12

漏洞

#	漏洞	Base	Temp	0day	今天	易	修正	EPSS	CTI	CVE
1	DZCP deV!L`z Clanportal config.php 权限升级	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00943	1.17	CVE-2010-0966
2	PHP Outburst Easynews admin.php 内存损坏	7.3	6.7	$0-$5k	$0-$5k	Proof-of-Concept	Unavailable	0.05921	0.02	CVE-2006-5412
3	Devilz Clanportal SQL注入	7.3	7.0	$0-$5k	$0-$5k	High	Official Fix	0.00684	0.08	CVE-2006-6339
4	Adobe Flash Player Display Object 内存损坏	8.5	8.4	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.01346	0.00	CVE-2017-3071
5	XmlMapper in the Data format Extension DTD XML External Entity	8.4	8.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00189	0.00	CVE-2016-7051
6	IBM Platform LSF Local Privilege Escalation	8.3	8.3	$5k-$25k	$0-$5k	Not Defined	Not Defined	0.00042	0.00	CVE-2017-1205
7	Faveo rolechangeadmin 跨网站请求伪造	6.1	5.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00401	0.00	CVE-2017-7571
8	Jasper jpc_tsfb.c jpc_tsfb_synthesize 拒绝服务	6.4	5.6	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00306	0.00	CVE-2016-10248
9	Rapid7 Metasploit Framework Installer 权限升级	6.5	6.3	$0-$5k	计算	Not Defined	Official Fix	0.00063	0.00	CVE-2017-5235
10	Aruba AirWave XML External Entity	7.5	6.8	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00683	0.00	CVE-2016-8526
11	JustSystems Ichitaro Office Excel File 内存损坏	8.0	8.0	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00470	0.00	CVE-2017-2790
12	Facebook HHVM compact 拒绝服务	7.5	7.2	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00283	0.00	CVE-2016-6873
13	HPE Smart Storage Administrator 权限升级	8.8	7.9	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.17790	0.04	CVE-2016-8523
14	Intelliants Subrion CMS ia.core.users.php 权限升级	8.5	8.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00314	0.02	CVE-2017-5543
15	Apple tvOS WebKit 信息公开	6.9	6.8	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00375	0.04	CVE-2016-7598
16	Netgear R6250/R6400/R6700/R7000/R7100LG/R7300/R7900/R8000 URL 跨网站请求伪造	8.0	7.9	$5k-$25k	$0-$5k	High	Official Fix	0.97464	0.10	CVE-2016-6277
17	Tatsuya Kinoshita w3m 内存损坏	6.9	6.8	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00448	0.00	CVE-2016-9627
18	SPIP plonger.php 跨网站脚本	5.2	5.2	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00127	0.02	CVE-2016-9152
19	BlueZ Dump File packet.c l2cap_packet 内存损坏	5.3	5.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00310	0.02	CVE-2016-9802
20	dotCMS JSONTags Servlet SQL注入	8.8	8.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00446	0.02	CVE-2016-8905

IOC - Indicator of Compromise (12)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP地址	Hostname	参与者	Identified	类型	可信度
1	46.161.1.172	free.gbnhost.com	Pony	2022-04-05	verified	高
2	66.175.212.25	66-175-212-25.ip.linodeusercontent.com	Pony	2023-12-18	verified	高
3	81.177.22.179	cl.hostlix.ru	Pony	2022-04-05	verified	高
4	XX.XX.XXX.XXX	xxxx-xx-xx-xxx-xxx.xxxxxx.xxxxxxxxxxxxx.xx	Xxxx	2022-04-05	verified	高
5	XX.XXX.XX.XXX	xxxx-xx-xxx.xxx.xxxxxxx.xx	Xxxx	2022-04-05	verified	高
6	XX.XX.XX.XX	xx.xxx-xx-xx-xx.xxxxxxxxx.xxxx-xxx.xxx	Xxxx	2022-04-05	verified	高
7	XX.XXX.XX.XX		Xxxx	2022-04-05	verified	高
8	XX.XXX.XXX.XX	xxxxxxxxx.xx	Xxxx	2022-04-05	verified	高
9	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxxx.xxxxxxx.xxx	Xxxx	2022-04-05	verified	高
10	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxxxx.xxxxxxxx.xx	Xxxx	2022-04-05	verified	高
11	XXX.XX.XXX.XX		Xxxx	2023-05-31	verified	高
12	XXX.XXX.XXX.XX	xxxx-xxx-xx.xxx.xxxxxxx.xx	Xxxx	2022-04-05	verified	高

TTP - Tactics, Techniques, Procedures (18)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	分类	漏洞	访问向量	类型	可信度
1		CAPEC-10	CWE-19, CWE-20, CWE-99, CWE-119, CWE-125, CWE-134, CWE-189, CWE-190, CWE-287, CWE-345, CWE-346, CWE-352, CWE-361, CWE-369, CWE-384, CWE-388, CWE-399, CWE-400, CWE-404, CWE-416, CWE-417, CWE-441, CWE-476, CWE-502, CWE-610, CWE-611, CWE-674, CWE-787, CWE-843, CWE-862, CWE-863, CWE-918	Unknown Vulnerability	predictive	高
2	T1006	CAPEC-126	CWE-22	Path Traversal	predictive	高
3	T1059	CAPEC-10	CWE-74, CWE-94, CWE-707	Argument Injection	predictive	高
4	T1059.007	CAPEC-10	CWE-74, CWE-79, CWE-80, CWE-707	Cross Site Scripting	predictive	高
5	TXXXX	CAPEC-122	CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	高
6	TXXXX.XXX	CAPEC-0	CWE-XXX, CWE-XXX	Xxx Xx Xxxx-xxxxx Xxxxxxxx	predictive	高
7	TXXXX.XXX	CAPEC-191	CWE-XXX, CWE-XXX, CWE-XXX	Xxxx-xxxxx Xxxxxxxxxxx	predictive	高
8	TXXXX	CAPEC-10	CWE-XX, CWE-XX, CWE-XX, CWE-XXX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	高
9	TXXXX	CAPEC-0	CWE-XXX	7xx Xxxxxxxx Xxxxxxxx	predictive	高
10	TXXXX	CAPEC-0	CWE-XXX, CWE-XXX	Xxxxxxxxxx Xxxxxx	predictive	高
11	TXXXX	CAPEC-10	CWE-XX, CWE-XX, CWE-XXX	Xxx Xxxxxxxxx	predictive	高
12	TXXXX	CAPEC-112	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxxxx Xxxxxxxxxx	predictive	高
13	TXXXX	CAPEC-37	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxx	predictive	高
14	TXXXX	CAPEC-38	CWE-XXX	Xxxxxxxxx Xxxxxx Xxxx	predictive	高
15	TXXXX.XXX	CAPEC-114	CWE-XXX, CWE-XXX	Xxxxxxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	高
16	TXXXX	CAPEC-116	CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	高
17	TXXXX	CAPEC-112	CWE-XXX, CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	predictive	高
18	TXXXX.XXX	CAPEC-0	CWE-XXX	Xxx Xxxxxxxxxx Xxxxx	predictive	高

IOA - Indicator of Attack (187)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	分类	Indicator	类型	可信度
1	File	/admin/	predictive	低
2	File	/admin/featured.php	predictive	高
3	File	/admin/slider.php	predictive	高
4	File	/admin/users.php	predictive	高
5	File	/apiclient/ember/index.jsp	predictive	高
6	File	/category.php	predictive	高
7	File	/cgi/ansi	predictive	中
8	File	/dev/datum/	predictive	中
9	File	/getImage	predictive	中
10	File	/goform/	predictive	中
11	File	/holiday.php	predictive	中
12	File	/home/dna/spool/.pfile	predictive	高
13	File	/html/feed.php	predictive	高
14	File	/inc/campaign/view-campaign-list.php	predictive	高
15	File	/index.php	predictive	中
16	File	/install/index.php	predictive	高
17	File	/lists/index.php	predictive	高
18	File	/myAccount	predictive	中
19	File	/real-estate-script/search_property.php	predictive	高
20	File	/SAAS/WEB-INF	predictive	高
21	File	/searchpin.php	predictive	高
22	File	/xxxxxxx/xxxxxxxxx/%xxxxx%/xxxxx	predictive	高
23	File	/xxxxxxxxxxxx/xxxx_xxx_x.xxx	predictive	高
24	File	xxxxxxx/xxxxxx.xxx	predictive	高
25	File	xxxxx.xxx	predictive	中
26	File	xxxxx/xxxxx_xxxxxxx.xxx	predictive	高
27	File	xxxxx/xxxxxx.xxx	predictive	高
28	File	xxxxx_xxx_xxxx.xxx	predictive	高
29	File	xxxxxxxxxxx/xxxxxxx/xxxxxxxxxxx.xxx	predictive	高
30	File	xxxx\xxxxx\xxxxxxxxxx\xxxxxxx\xxxxxxxxxxxxxxxxx.xxx	predictive	高
31	File	xxx/xxxx/xxxx/xxxx_xxxxx_xxxx_xxxxx.x	predictive	高
32	File	xxxx/xxxxxx.x	predictive	高
33	File	xxxx/xxxxxxxxx.xxx	predictive	高
34	File	xxxxxx.x	predictive	中
35	File	xxxxxx_xx.x	predictive	中
36	File	xxx.xx	predictive	低
37	File	xxxxxxxx_xxxxxxxxx.xxx	predictive	高
38	File	xxxxxxxxxxxxxxxxx	predictive	高
39	File	xxx.xxx	predictive	低
40	File	xxxxxx/xxx.x	predictive	中
41	File	xxxxxx/xxx_xxxxxxx.x	predictive	高
42	File	xxxxxxxxx-xxxxxx-xxxxxx/xxx/xxxxxxxx/xxxxx/xxxxx/xxxxxxxx_xxxx.xxx	predictive	高
43	File	xx-xxxxxxxx.x	predictive	高
44	File	xxx_xx_xxx.x	predictive	中
45	File	xxx_xx_xxxxxx.x	predictive	高
46	File	xxxx/xxxxxxxxxxxxxxx.xxx	predictive	高
47	File	xxxxxxx/xxxx/xxxxxx_xxxxxxx.x	predictive	高
48	File	xxxxxxx/xxx/xxx/xxx/xxx_xxx.x	predictive	高
49	File	xxxxxxx/xxx/xxxxxxxxxx/xxxxx.x	predictive	高
50	File	xxxxx_xxxx.x	predictive	中
51	File	xxxxxx/xxxx/xxxxxxx.xxx	predictive	高
52	File	xxxxxxx.xxx	predictive	中
53	File	xxxxxxx.x	predictive	中
54	File	xxxxxxxxxxxxx.xxx	predictive	高
55	File	xxxxx.x	predictive	低
56	File	xxx/xxxx/xxxx.x	predictive	高
57	File	xxxxxxx.x	predictive	中
58	File	xxxx/xxxxxx/xxxxxxxx/xxxx_x.xxx	predictive	高
59	File	xxxxxxxxx/xxxx/xxxxxxxxxx/xxxxxxxxx.xxx	predictive	高
60	File	xxxxxxx-xxxxxx/xxxxxxxx/xxxxx/xxxxxxxx/xxxxxxxx_xxxxxxxxx.xxx	predictive	高
61	File	xxxxxxxxxxxxx.x	predictive	高
62	File	xxx-xxxxxx-xxx.x	predictive	高
63	File	xxx-xxxx/xxx/xxxx/xxxx-xxxxx.x	predictive	高
64	File	xxxxxxxxx.xxx	predictive	高
65	File	xx/xxxxxxx/xxxxxx_xxx.x	predictive	高
66	File	xxx.xxx	predictive	低
67	File	xxxxxx-xxx.x	predictive	中
68	File	xxxxxx-xxxx.x	predictive	高
69	File	xxx/xxxxxx.xxx	predictive	高
70	File	xxx/xxxxxxxxxxx/xxxxxxx.xxx	predictive	高
71	File	xxxxxxxx/xxxxxxx/xx.xxxx.xxxxx.xxx	predictive	高
72	File	xxxxx.xxx	predictive	中
73	File	xxxxxxx/xxxxx.xxx	predictive	高
74	File	xxxx/x_xxxxxxxxxxxx.x	predictive	高
75	File	xxxxx_xxxxxxx.x	predictive	高
76	File	xxx_xxxx.x	predictive	中
77	File	xxxxxx/xxxxxx/xxxx.x	predictive	高
78	File	xxxx/xxxxxx.xxx	predictive	高
79	File	xxxxxx/xxxxxxxx.xx	predictive	高
80	File	xxxxx/xxxxxxx.x	predictive	高
81	File	xxxxxxxxx/xxx/xxx_xxx.x	predictive	高
82	File	xxxxxxxx.xx	predictive	中
83	File	xxxx/xxx/x/xxx_xxxxxx.x	predictive	高
84	File	xxxx/xxx/x/xxx_xxxx.x	predictive	高
85	File	xxxxxxx/xxx_xxxxx.x	predictive	高
86	File	xxxxxxxxxxxxxxxxxx.xxx	predictive	高
87	File	xxx_xxxxx_xxx.xxx	predictive	高
88	File	xxxxxx/xxxxxx.x	predictive	高
89	File	xxxxxx/xxx-xxxx.x	predictive	高
90	File	xxxxxx.xx	predictive	中
91	File	xxxxxxx.x	predictive	中
92	File	xxxxxxx/xxxxxx.x	predictive	高
93	File	xxx/xxx_xxxxxx/xxx_xxxxxx_xxxxxx.x	predictive	高
94	File	xxx/xxxx/xxxx.x	predictive	高
95	File	xxx/xxxxxx/xx_xxxxxx.x	predictive	高
96	File	xxxxxxxxx.x	predictive	中
97	File	xxxxxxxx.xxx	predictive	中
98	File	xxxxxx.x	predictive	中
99	File	xxxxxxx.xxx	predictive	中
100	File	xxxxx-xxxxx.x	predictive	高
101	File	xxxxx-xxx.x	predictive	中
102	File	xxxxxx/xxxxxxxxxxxxxxx	predictive	高
103	File	xxxxxxx/xxxxxx:xx.x.x	predictive	高
104	File	xxxxxxxx.xxx	predictive	中
105	File	xxxxxxxx_xxxx.xxx	predictive	高
106	File	xxxx-xxx/xxxxxxxx.xxx	predictive	高
107	File	xxxxx/xxxxxxxxxxx/xxxxxxx.xxx	predictive	高
108	File	xxxxx/xxxxxxx/xxxxx/xxxxxx.xxx	predictive	高
109	File	xxxxxx_xxxxxxx-xxxxxx/xxxxxxxx/xxxxxxx/xxxxxx_xxxxxxxx.xxx	predictive	高
110	File	xxx_xxx.x	predictive	中
111	File	xxx_xxxxxxxx.x	predictive	高
112	File	xxxx-xxxxxxxx.xxx	predictive	高
113	File	xxxxx/xxxxxx/xxx.x	predictive	高
114	File	xxxxx/xxxxxx/xxxxx.x	predictive	高
115	File	xxxxx/xxxxxxxx.x	predictive	高
116	File	xxxxxx.xxx	predictive	中
117	File	xxxxxxxxxxx-xxxxxx/xxx/xxxxx/xxxx.xxx	predictive	高
118	File	xx-xxxxx.xxx	predictive	中
119	File	xxxx/xxxxx	predictive	中
120	File	xxxx.xx	predictive	低
121	File	xxxxxxxxxx-xxxxxx/xxx/xxxxx/xxxxxxx/xxxxx/xx/xxxxxxxxx.xx.xxx	predictive	高
122	Library	/xxx/xxx/xxxx/	predictive	高
123	Library	xxxxx.xxx	predictive	中
124	Library	xxx/xxx/xxxxxxx/xxxxxxx/xxxxx.xxxxxxx.xxx	predictive	高
125	Library	xxxxxxxx.xxx	predictive	中
126	Library	xxxxxx.xxx	predictive	中
127	Argument	$xxxx['xxx']	predictive	中
128	Argument	--xx xxx	predictive	中
129	Argument	xxxxxx	predictive	低
130	Argument	xxxxxxxxx	predictive	中
131	Argument	xxxxxxxxxxxx	predictive	中
132	Argument	xxxxxxxx	predictive	中
133	Argument	xxxxxxx	predictive	低
134	Argument	xxxxx	predictive	低
135	Argument	xxxxx_xx	predictive	中
136	Argument	xxxx	predictive	低
137	Argument	xxxxxxxx/xxxx/xxx/xxxxxxxxxxx/xxxxx	predictive	高
138	Argument	xxxxxx_xxx	predictive	中
139	Argument	xxxxxx.xxxx[]/xxxxxx.xxxxx[]	predictive	高
140	Argument	xxxxxxxxxxx	predictive	中
141	Argument	xx_xxxxx_xx	predictive	中
142	Argument	xxxx	predictive	低
143	Argument	xxxxxxxx	predictive	中
144	Argument	xxxxxxxx	predictive	中
145	Argument	xxxxxx[xxxxx][xxxxx][x][xxx]	predictive	高
146	Argument	xxx->xxx	predictive	中
147	Argument	xxx	predictive	低
148	Argument	xxxx	predictive	低
149	Argument	xx	predictive	低
150	Argument	xxxxxxxxxx	predictive	中
151	Argument	xxxxx_xxx	predictive	中
152	Argument	xxxx	predictive	低
153	Argument	xxx_xxx:xxxxxx	predictive	高
154	Argument	xxxxx_xx	predictive	中
155	Argument	xxxxx	predictive	低
156	Argument	xxxxxxxx	predictive	中
157	Argument	xxxxxxxxxxxxxx	predictive	高
158	Argument	xxxxxxxx_xxx	predictive	中
159	Argument	xxx	predictive	低
160	Argument	xxxxxxx	predictive	低
161	Argument	xxxxxxx	predictive	低
162	Argument	xxxxxxxxxxx	predictive	中
163	Argument	xx	predictive	低
164	Argument	xxxxxxx	predictive	低
165	Argument	xxxx	predictive	低
166	Argument	xxxxx_xxxx/xxxxx_xxxxxx/xxx_xxxx/xxx_xxxxxx/xxxxxxxx	predictive	高
167	Argument	xxxxxxxxxxxx	predictive	中
168	Argument	xxxxxxxx	predictive	中
169	Argument	xxxxxxxx	predictive	中
170	Argument	xxxxxxxx/xxxx	predictive	高
171	Argument	xxxxxxxx	predictive	中
172	Argument	xxxxxxxx/xxxxxxx_xxxx	predictive	高
173	Argument	xxxxxxxx/xxxxxxxx	predictive	高
174	Input Value	"><xxx xxx=x xxxxxxx=xxxxxx(x)>	predictive	高
175	Input Value	'xx''='	predictive	低
176	Input Value	-x+xxxxx+xxxxxx+x,x,xxxxxxx()	predictive	高
177	Input Value	..\/	predictive	低
178	Input Value	/xxxxxxxxx/xxxxxxxx/xxxxxxxxxxxxxxxx/x&xxxx;)"%xxxxxxxxx=xxxxx('xxx');%xxxxxxxxxxx%xxx='/xxxxxxxxx/xxxxxxxxxx/xxxxxxxxxx	predictive	高
179	Input Value	xxxx	predictive	低
180	Input Value	;[xxxxxxx]	predictive	中
181	Input Value	xxxx	predictive	低
182	Input Value	xxxxx!	predictive	低
183	Input Value	[\x]*	predictive	低
184	Network Port	xx	predictive	低
185	Network Port	xxxx	predictive	低
186	Network Port	xxx/xxxx	predictive	中
187	Network Port	xxx/xxxxx	predictive	中

参考 (3)

The following list contains external sources which discuss the actor and the associated activities:

◂ 上一步一览下一步 ▸

Do you know our Splunk app?

Download it now for free!