Tortilla 分析

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (3)

时间轴

语言

it	2
en	2

国家/地区

it	2

演员

Meterpreter	1
Tortilla	1

活动

利益

时间轴

类型

Operating System	2
Automation Software	2

供应商

Linux	2
Delta Electronics	2

产品

Linux Kernel	2
Delta Electronics Delta Industrial Automation PMSo ...	2

漏洞

#	漏洞	Base	Temp	0day	今天	易	修正	EPSS	CTI	CVE
1	Pablo Software Solutions Baby ASP Web Server 权限升级	5.3	4.8	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.01352	0.00	CVE-2006-1391
2	Delta Electronics Delta Industrial Automation PMSoft 信息公开	6.4	6.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00547	0.00	CVE-2018-14824
3	Linux Kernel Kernel Memory Subsystem Dirty COW 竞争条件	7.8	7.4	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.87936	0.02	CVE-2016-5195

活动 (1)

These are the campaigns that can be associated with the actor:

Microsoft Exchange

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP地址	Hostname	参与者	活动	Identified	类型	可信度
1	54.221.65.242	ec2-54-221-65-242.compute-1.amazonaws.com	Tortilla	Microsoft Exchange	2021-11-04	verified	中
2	XXX.XXX.XX.XXX	xxxx.xx	Xxxxxxxx	Xxxxxxxxx Xxxxxxxx	2021-11-04	verified	高
3	XXX.XXX.XX.XXX		Xxxxxxxx	Xxxxxxxxx Xxxxxxxx	2021-11-04	verified	高

TTP - Tactics, Techniques, Procedures (1)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	漏洞	访问向量	类型	可信度
1	T1068	CWE-269	Execution with Unnecessary Privileges	predictive	高

参考 (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ 上一步一览下一步 ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!