Sagent 分析
IOB - Indicator of Behavior (437)
活动
利益
漏洞
IOC - Indicator of Compromise (64)
These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.
TTP - Tactics, Techniques, Procedures (20)
Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.
IOA - Indicator of Attack (164)
These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.
ID | 分类 | Indicator | 类型 | 可信度 |
---|---|---|---|---|
1 | File | .htaccess | predictive | 中 |
2 | File | /dev/dri/card1 | predictive | 高 |
3 | File | /forum/away.php | predictive | 高 |
4 | File | /integrations.json | predictive | 高 |
5 | File | /login/bin/set_param | predictive | 高 |
6 | File | /mims/app/addcustomerHandler.php | predictive | 高 |
7 | File | /nidp/app/login | predictive | 高 |
8 | File | /scripts/unlock_tasks.php | predictive | 高 |
9 | File | /uncpath/ | predictive | 中 |
10 | File | /webconsole/APIController | predictive | 高 |
11 | File | 1.user.php | predictive | 中 |
12 | File | adclick.php | predictive | 中 |
13 | File | admin.jcomments.php | predictive | 高 |
14 | File | admin/batch_manager_unit.php | predictive | 高 |
15 | File | admin/index.php | predictive | 高 |
16 | File | admin/user.php?form=update_f&user_name | predictive | 高 |
17 | File | admincp.php | predictive | 中 |
18 | File | ajaxServerSettingsChk.php | predictive | 高 |
19 | File | app/system/language/admin/language_general.class.php | predictive | 高 |
20 | File | xxx/xxxxxx/xxxxxxx/xxxxx/xxxxxxx_xxxxx.xxxxx.xxx | predictive | 高 |
21 | File | xxxxxx/xx/xxxxxx.xxxxxxxxxx.xxxxxxx.xx | predictive | 高 |
22 | File | xx-xxxxxx/xxxxxxxx.xxxxx.xxx | predictive | 高 |
23 | File | xxxxxxxxx.xxx | predictive | 高 |
24 | File | xxxxxxxxxxxxxx.xxx | predictive | 高 |
25 | File | xxxxxxxxxx.x | predictive | 中 |
26 | File | xxxxxxxxxx.xxx | predictive | 高 |
27 | File | xxxxxx.xxx | predictive | 中 |
28 | File | xxxxxxxxxxxxx.xxxx | predictive | 高 |
29 | File | xxxxxxx=xxxxxxxxxx&xxxx=xxxx&xxxxxxxxxxxxx=/ | predictive | 高 |
30 | File | xxxxxxxxxx/xxxxxx/xxxxxxxxx.xxxx/xxxx.xxx/ | predictive | 高 |
31 | File | xxxxxxx/xxxxx-xxxx-xxx/xxxxx-xxxx-xxx.x | predictive | 高 |
32 | File | xxxxxx/xxxxxxx | predictive | 高 |
33 | File | xxxxxx/xxxxxx/xxx_xxxx.x | predictive | 高 |
34 | File | xxxxxxxxxxxx.xxx | predictive | 高 |
35 | File | xxxx/xxxxxxxxxxxxxxx.xxx | predictive | 高 |
36 | File | xxxxxxx.xxx | predictive | 中 |
37 | File | xxxxxx_xxxxxxx.xxx | predictive | 高 |
38 | File | xxx_xxxxxx_xxxx_xxxxxx.x | predictive | 高 |
39 | File | xxxxxx.xxx | predictive | 中 |
40 | File | xxxxxxxx.xxx | predictive | 中 |
41 | File | xxxxxxxxxx.xxx | predictive | 高 |
42 | File | xxxxxxxxx_xxxxxx.xxx | predictive | 高 |
43 | File | xxxxxxxxx_xxxx.xxx | predictive | 高 |
44 | File | xxxx.xxx | predictive | 中 |
45 | File | xxxxxxxxxx/xxxxxxxxxxxx/xxxxxxxxxxxx/xxxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxx.xxxx | predictive | 高 |
46 | File | xxxxx/xxxxxxx/xxxxxxxxxxxxxxxxxxxxxx.xxxx | predictive | 高 |
47 | File | xxxxxx.xxx | predictive | 中 |
48 | File | xxx_xxxx.x | predictive | 中 |
49 | File | xxxxxxxxxx/xxxxxxx.xxxx | predictive | 高 |
50 | File | xxxx.xxx | predictive | 中 |
51 | File | xxx/xxxxxxxxx-xxxxx.xxx | predictive | 高 |
52 | File | xxx/xxxxxx.xxx | predictive | 高 |
53 | File | xxxxxxxx/xxx/xxx_xxxxxxx.xxx | predictive | 高 |
54 | File | xxxxx.xxx | predictive | 中 |
55 | File | xxxx.xxx | predictive | 中 |
56 | File | xxxx.xxxxxx | predictive | 中 |
57 | File | xxxxx.xxxxx.xxxx.xxxxx.xxxxxxxxxxxx.xxxxxxxxxxx | predictive | 高 |
58 | File | xxx/xxx | predictive | 低 |
59 | File | xxxxx_xxxxx_xxxx.x | predictive | 高 |
60 | File | xx.xxx | predictive | 低 |
61 | File | xxxxxxxx.xxx | predictive | 中 |
62 | File | xxxxxxx.xxx | predictive | 中 |
63 | File | xxxxxxxxxx/xxx.x | predictive | 高 |
64 | File | xxxxxxx_xxxxxxxxx_xxxxx.x | predictive | 高 |
65 | File | xxxxxx_xxxxxxxx_xxxxxxxxxxx.x | predictive | 高 |
66 | File | xxxxxxx/xxxxxxxx_xxxxx.xxx | predictive | 高 |
67 | File | xxxxxxx/xxxxx/xx/xxxxxx.xxxxx.xxx | predictive | 高 |
68 | File | xxxxx.xxx | predictive | 中 |
69 | File | xxxxxxxxxx.xxx | predictive | 高 |
70 | File | xxxxx_x.xx | predictive | 中 |
71 | File | xxxxxx.xxx | predictive | 中 |
72 | File | xxxxxxx/xxx.xxx | predictive | 高 |
73 | File | xxx/xxx/xxx_xxxxxx.x | predictive | 高 |
74 | File | xxx/xxxx/xxx.x | predictive | 高 |
75 | File | xxx_xxx_xxx.xx | predictive | 高 |
76 | File | xxx/xxxx/xxxxx/xxxxxxx.xx | predictive | 高 |
77 | File | xxxxxxxxxxxxxxxxxxxxxxx.xxxx | predictive | 高 |
78 | File | xxxxx/xxxxxxx/ | predictive | 高 |
79 | File | xxxxxxxxx.xxx | predictive | 高 |
80 | File | xxxxxxxxxxxxxxxx.xxx | predictive | 高 |
81 | File | xxxxxxx.xxx | predictive | 中 |
82 | File | xxxxx_xxxxxxxx_xx.xx | predictive | 高 |
83 | File | xxxxxxxxxx.x | predictive | 中 |
84 | File | xxxxx.xxx | predictive | 中 |
85 | File | xxxxxxxx.xxx | predictive | 中 |
86 | File | xxx_xxxx.x | predictive | 中 |
87 | File | xx.xxx | predictive | 低 |
88 | File | xx_xxx.xx | predictive | 中 |
89 | File | xxxxxx.xxxx.xxx | predictive | 高 |
90 | File | xxxxxxxxxxx_xxxxx.xxx | predictive | 高 |
91 | File | xxxxxxxx_xxxxxxxxxxxxx_xxxxx.xxx | predictive | 高 |
92 | File | xxxx-xxxx-xxxx.x | predictive | 高 |
93 | File | xxxx/xxxx | predictive | 中 |
94 | File | xxxxx/ | predictive | 低 |
95 | File | xxxxxx.xxx | predictive | 中 |
96 | File | xxxx.x | predictive | 低 |
97 | File | xxx_xxxxxxxx.xxx | predictive | 高 |
98 | File | xxxxxxxxx | predictive | 中 |
99 | File | xxxxxx.xxx | predictive | 中 |
100 | File | ~/xxxxxxxx-xxxxxxxx.xxx | predictive | 高 |
101 | Library | xxxxxx.xxx | predictive | 中 |
102 | Library | xxxxxx.xxxxxxxxx.xxxxxxx.xxxxx_xxxxx.xxx | predictive | 高 |
103 | Library | xxxxxxxxx.xxxxx.xxxxx.xxxxxx.xxxxxx.xxxxxxxx.xxx | predictive | 高 |
104 | Library | xxx/xxxxxxx.xx | predictive | 高 |
105 | Library | xxxxxx.xxx | predictive | 中 |
106 | Library | xxxxxxx.xxx | predictive | 中 |
107 | Library | xxx/xx_xxx.x | predictive | 中 |
108 | Library | xxxx.xxx | predictive | 中 |
109 | Argument | xxxxxx-xxxxxxxx | predictive | 高 |
110 | Argument | xxxxx | predictive | 低 |
111 | Argument | xxxxxxxxx | predictive | 中 |
112 | Argument | xxxxx | predictive | 低 |
113 | Argument | xxxxxxxx | predictive | 中 |
114 | Argument | xxxx/xxxxxx/xxxxxx/xxxx/xxxxxxx/xxxxxxxxx | predictive | 高 |
115 | Argument | xxxxxxxxxx | predictive | 中 |
116 | Argument | xxxxxxx | predictive | 低 |
117 | Argument | xxxxxx | predictive | 低 |
118 | Argument | xxx | predictive | 低 |
119 | Argument | xxxxxxxxxx | predictive | 中 |
120 | Argument | xxxxx | predictive | 低 |
121 | Argument | xx_xxxx | predictive | 低 |
122 | Argument | xxxx | predictive | 低 |
123 | Argument | xxxx_xxxx_xx | predictive | 中 |
124 | Argument | xxxxxxx_xxx | predictive | 中 |
125 | Argument | xxxxxxxxx | predictive | 中 |
126 | Argument | xxxxxxxxxx_xxxx | predictive | 高 |
127 | Argument | xxxx | predictive | 低 |
128 | Argument | xxxxx_xxxx | predictive | 中 |
129 | Argument | xxxxx_xxxx/xxxxxx_xxxx/xxxxxxx | predictive | 高 |
130 | Argument | xx | predictive | 低 |
131 | Argument | xxxx | predictive | 低 |
132 | Argument | xx | predictive | 低 |
133 | Argument | xxxxx[xxxxx][xx] | predictive | 高 |
134 | Argument | xxxx_xx | predictive | 低 |
135 | Argument | xxx | predictive | 低 |
136 | Argument | xxxx | predictive | 低 |
137 | Argument | xxxx xxxx | predictive | 中 |
138 | Argument | xxxx | predictive | 低 |
139 | Argument | xxxxx | predictive | 低 |
140 | Argument | xxxxx | predictive | 低 |
141 | Argument | xxxx | predictive | 低 |
142 | Argument | xxxxx | predictive | 低 |
143 | Argument | xxxxxxxxx | predictive | 中 |
144 | Argument | xxxxxxxx | predictive | 中 |
145 | Argument | xxxxxxxx | predictive | 中 |
146 | Argument | xxxxxxxxx | predictive | 中 |
147 | Argument | xxxxxx | predictive | 低 |
148 | Argument | xxxxxxxxx | predictive | 中 |
149 | Argument | xxxx | predictive | 低 |
150 | Argument | xxxx | predictive | 低 |
151 | Argument | xxxxx | predictive | 低 |
152 | Argument | xxxxxxxxxxxxxxxxx | predictive | 高 |
153 | Argument | xxx | predictive | 低 |
154 | Argument | xxxxxxxx | predictive | 中 |
155 | Argument | xxxxxxxx/xxxx xxxx/xxxxx | predictive | 高 |
156 | Argument | xxxxxxxxxxxxxxxxxx=xxxx:/xxxxxxxxx:xxxx/xxxxxxxxxxxxx/ | predictive | 高 |
157 | Argument | x-xxxxxxxxx-xxx | predictive | 高 |
158 | Argument | x-xxxxxxxxx-xxx | predictive | 高 |
159 | Argument | xxx_xxxxxx/xxx_xxxxxxxx | predictive | 高 |
160 | Argument | xxxx | predictive | 低 |
161 | Input Value | /%xx/ | predictive | 低 |
162 | Input Value | xxxxxxxxx/xxxxxxxxx | predictive | 高 |
163 | Pattern | |xx xx xx| | predictive | 中 |
164 | Network Port | xxx/xxx | predictive | 低 |
参考 (8)
The following list contains external sources which discuss the actor and the associated activities:
- https://blog.talosintelligence.com/2018/09/threat-roundup-0921-0928.html
- xxxxx://xxxx.xxxxxxxxxxxxxxxxx.xxx/xxxx/xx/xxxxxx-xxxxxxx-xxxx-xxxx.xxxx
- xxxxx://xxxx.xxxxxxxxxxxxxxxxx.xxx/xxxx/xx/xxxxxx-xxxxxxx-xxxx-xxxx.xxxx
- xxxxx://xxxx.xxxxxxxxxxxxxxxxx.xxx/xxxx/xx/xxxxxx-xxxxxxx-xxxx-xxxx.xxxx
- xxxxx://xxxx.xxxxxxxxxxxxxxxxx.xxx/xxxx/xx/xxxxxx-xxxxxxx-xxxx-xxxx.xxxx
- xxxxx://xxxx.xxxxxxxxxxxxxxxxx.xxx/xxxx/xx/xxxxxx-xxxxxxx-xxxx-xxxx.xxxx
- xxxxx://xxxx.xxxxxxxxxxxxxxxxx.xxx/xxxx/xx/xxxxxx-xxxxxxx-xxxx-xxxx.xxxx
- xxxxx://xxxxxx.xxx/xxxxx/xxxxx_xxxxxx_xxxxxxxxxxxx/xxxx/xxxx/xxxxxx/xxxxxx