SharkBot 分析
IOB - Indicator of Behavior (407)
活动
利益
漏洞
IOC - Indicator of Compromise (64)
These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.
TTP - Tactics, Techniques, Procedures (20)
Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.
IOA - Indicator of Attack (125)
These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.
ID | 分类 | Indicator | 类型 | 可信度 |
---|---|---|---|---|
1 | File | %PROGRAMFILES(X86)%\Teradici\PCoIP.exe | predictive | 高 |
2 | File | /.vnc/sesman_${username}_passwd | predictive | 高 |
3 | File | /api/RecordingList/DownloadRecord?file= | predictive | 高 |
4 | File | /api/v2/cli/commands | predictive | 高 |
5 | File | /cgi-bin/supervisor/PwdGrp.cgi | predictive | 高 |
6 | File | /cgi/loginDefaultUser | predictive | 高 |
7 | File | /Duty/AjaxHandle/UpLoadFloodPlanFile.ashx | predictive | 高 |
8 | File | /mics/j_spring_security_check | predictive | 高 |
9 | File | /oauth/token | predictive | 中 |
10 | File | /opt/bin/cli | predictive | 中 |
11 | File | /rom-0 | predictive | 低 |
12 | File | /uncpath/ | predictive | 中 |
13 | File | /usr/local/WowzaStreamingEngine/bin/ | predictive | 高 |
14 | File | /video-sharing-script/watch-video.php | predictive | 高 |
15 | File | /wp-admin | predictive | 中 |
16 | File | /_xxxxx | predictive | 低 |
17 | File | /_xxxx | predictive | 低 |
18 | File | xxxxxxxxxxx.xxxx | predictive | 高 |
19 | File | xxx.x | predictive | 低 |
20 | File | xxxxxxx.xxx | predictive | 中 |
21 | File | xxx_xxxxxxx.xxx | predictive | 高 |
22 | File | xxxxx/xxxx_xxxxx_xxxx.xxx | predictive | 高 |
23 | File | xxxxx/xxxx/xxxxxxxxxxx/xxxxxxx.x | predictive | 高 |
24 | File | xx_xxxxxx_xxxxxxx.xxx | predictive | 高 |
25 | File | xxxxxxxxxxx/xxxxxxxxxx/xxxxxxxxxxxxxxxxxxx.xxx | predictive | 高 |
26 | File | xxxx/xxxxxxxxxxxx.xxx | predictive | 高 |
27 | File | xxxxx.xxx | predictive | 中 |
28 | File | xxxxxxx=xxxxxxxxxx&xxxx=xxxx&xxxxxxxxxxxxx=/ | predictive | 高 |
29 | File | xxxxxxx_xxx.xxx | predictive | 高 |
30 | File | xxxxxxxxxx/xxxxxx/xxxxxxxxx/xxxxxxxxxx/xxxxxxxxxx.xxx | predictive | 高 |
31 | File | xxxx/xxxxxxxxxxxxxxx.xxx | predictive | 高 |
32 | File | xxxx\xxxxxx.xxx | predictive | 高 |
33 | File | xxxxxxxx.xxx | predictive | 中 |
34 | File | xxxxx.xxx | predictive | 中 |
35 | File | xxx/xxxxx/xxxxx.x | predictive | 高 |
36 | File | xxxxxxxxx/xx/xxxxxxxxxxxx.xxx | predictive | 高 |
37 | File | xxxx.xxx | predictive | 中 |
38 | File | xxxxxxxxxx/xxx/xxxx/xxxx/xxx/xxx/xxxxxx/xxxxxx/xxxxxxx/xxxxxxxxx/xxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxx.xxxx | predictive | 高 |
39 | File | xxx/xxxxxx.xxx | predictive | 高 |
40 | File | xxx/xxxxxxxxxxx/xxxxxxx.xxx | predictive | 高 |
41 | File | xxxxxxxx/xxxxx-xx-xxxxxxxxx.xxx | predictive | 高 |
42 | File | xxxxxxxx/xxxxx_xxxxxx.xxx | predictive | 高 |
43 | File | xxxxxxxx/xxxxxx-xxxx-xxxxxxxxx-xxx | predictive | 高 |
44 | File | x_xxxxxxxx_xxxxx | predictive | 高 |
45 | File | xxxxx/xxx_xxxxxxxx | predictive | 高 |
46 | File | xxxxx/xxxxxxxxx | predictive | 高 |
47 | File | xxxxxxxxxxx/xxxxx.x | predictive | 高 |
48 | File | xxxxxxxxxxxxxxxxxx.xxx | predictive | 高 |
49 | File | xxxxx.xxx | predictive | 中 |
50 | File | xxxx.x | predictive | 低 |
51 | File | xxxx.xxx | predictive | 中 |
52 | File | xxxxxxxxxx.xxx?xxxxxx=xxxxxxx | predictive | 高 |
53 | File | xxxxxxxxxxxxxxxxxx.xxxx | predictive | 高 |
54 | File | xxxxxxxxxxxx.xxxx | predictive | 高 |
55 | File | xxxxxxx/xxxxxxxxxxxxxxxxxx/xxxx_xxxxxx.xxx | predictive | 高 |
56 | File | xxx/xxxx/xxxxxxxxx/xx_xxx_xxxx_xxxxx_xxxx.x | predictive | 高 |
57 | File | xxxxx_xxxxxxxx.xxx | predictive | 高 |
58 | File | xxx/xxxxxx/xxxxxxxx/xxxxxxxxx/xxxxxxxxxxxxx.xxxx | predictive | 高 |
59 | File | xxx/xxxxxx/xxxxxxxx/xxxxx/xxxxxxxxx.xxxx | predictive | 高 |
60 | File | xxxxxxx_xxxxxxx.xxx | predictive | 高 |
61 | File | xxxxxxxxxxxxx.x | predictive | 高 |
62 | File | xxxxx-xxxxxxxx-xxxxxxxxx.xxx | predictive | 高 |
63 | File | xxxxxxxx.xxx | predictive | 中 |
64 | File | xxxxx.xxx | predictive | 中 |
65 | File | xxxxxxxxxx.xxx | predictive | 高 |
66 | File | xxxxxxxx.xxx | predictive | 中 |
67 | File | xxxxxxxx.xxx | predictive | 中 |
68 | File | xxxxxxxx/xxxxx/xxxxxxxx?xxxxxxxx | predictive | 高 |
69 | File | xxxxxxx.xxx | predictive | 中 |
70 | File | xxx_xxxxx_xxxxxxx.x | predictive | 高 |
71 | File | xxxxxx_xxxx.x | predictive | 高 |
72 | File | xxx.x | predictive | 低 |
73 | File | xxxx-xxxxxx.x | predictive | 高 |
74 | File | xxxx.xxx | predictive | 中 |
75 | File | xxxxxx/ | predictive | 低 |
76 | File | xxxx/xxxxxxxx/xxxxxxxx.xxxx | predictive | 高 |
77 | File | xxxx.xxx | predictive | 中 |
78 | File | xxxxxx.xxx | predictive | 中 |
79 | File | xx-xxxxx/xxxx-xxx-xxxx.xxx | predictive | 高 |
80 | File | xx-xxxxx/xxxxx.xxx | predictive | 高 |
81 | File | xx-xxxxxxxx/xxxxxxxxx.xxx | predictive | 高 |
82 | File | xxxxxxx.xxxx | predictive | 中 |
83 | File | xxxxxxxxxxxxx.xx | predictive | 高 |
84 | Argument | $xxxxx_xxxxxxxxxx | predictive | 高 |
85 | Argument | --xxxx=xxx | predictive | 中 |
86 | Argument | /.xxx/xxxxxx_${xxxxxxxx}_xxxxxx | predictive | 高 |
87 | Argument | xxxxxxxx | predictive | 中 |
88 | Argument | xxxxxxxx | predictive | 中 |
89 | Argument | xxxxxxxxxx | predictive | 中 |
90 | Argument | xxx | predictive | 低 |
91 | Argument | xxxx/xxxxx/xxxxx_xxxxxxxxxxx | predictive | 高 |
92 | Argument | xxxxxxx | predictive | 低 |
93 | Argument | xxxx_xxxx | predictive | 中 |
94 | Argument | xxxx | predictive | 低 |
95 | Argument | xxxxxxxxxxx | predictive | 中 |
96 | Argument | xxxx_xxxxxx_xxxxxxxxx | predictive | 高 |
97 | Argument | xxxxx | predictive | 低 |
98 | Argument | xxxx | predictive | 低 |
99 | Argument | xxxxxxxx | predictive | 中 |
100 | Argument | xxxxxxxx | predictive | 中 |
101 | Argument | xxx_xxxxx_xxxx_xxxxxxx | predictive | 高 |
102 | Argument | xx | predictive | 低 |
103 | Argument | xxxxxxxxx-xxxxxxx/xxxxxxxxx/xxxxxxxxxx | predictive | 高 |
104 | Argument | x_xxxxxxxx | predictive | 中 |
105 | Argument | x_xxxxxxxx | predictive | 中 |
106 | Argument | xxx | predictive | 低 |
107 | Argument | xxxx_xx | predictive | 低 |
108 | Argument | xxxx_xxxx | predictive | 中 |
109 | Argument | xxxxxxxx | predictive | 中 |
110 | Argument | xxx_xx_xxxx | predictive | 中 |
111 | Argument | xxxxxxxx | predictive | 中 |
112 | Argument | xxxxxxx | predictive | 低 |
113 | Argument | xxxxxx | predictive | 低 |
114 | Argument | xxxx | predictive | 低 |
115 | Argument | xxxxx_xxxx/xxxxx_xxxxxx/xxx_xxxx/xxx_xxxxxx/xxxxxxxx | predictive | 高 |
116 | Argument | xxxxxx | predictive | 低 |
117 | Argument | xxxxx | predictive | 低 |
118 | Argument | xxx | predictive | 低 |
119 | Argument | xxxx/xx/xxxx | predictive | 中 |
120 | Argument | xxxxxxxx | predictive | 中 |
121 | Argument | xxxxxxxx | predictive | 中 |
122 | Argument | _xxx_xxxxxxx_xxxxxxxxxxx_xxx_xxxxxxxx_xxxxxxx_xxxxxxxxxxxxxxxxxx_xxxxxxxx | predictive | 高 |
123 | Network Port | xxxx | predictive | 低 |
124 | Network Port | xxx/xx | predictive | 低 |
125 | Network Port | xxx xxxxxx xxxx | predictive | 高 |
参考 (4)
The following list contains external sources which discuss the actor and the associated activities: