xmrig.ELF 分析

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (6)

时间轴

语言

en4
zh2

国家/地区

cn6

演员

xmrig.ELF1

活动

利益

时间轴

类型

Not Defined2
Programming Language Software2
Anti-Malware Software2

供应商

Not Defined4
Microsoft2

产品

ThinkAdmin2
PHP2
Microsoft Malware Protection Engine2

漏洞

#漏洞BaseTemp0day今天修正EPSSCTICVE
1Dell SonicWall Secure Remote Access Appliance editBookmark 跨网站请求伪造6.35.7$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.018020.00CVE-2015-2248
2JIRA picker Username 权限升级5.35.2$0-$5k$0-$5kNot DefinedOfficial Fix0.003790.02CVE-2019-3403
3PHP mysqli_real_escape_string 内存损坏8.58.4$5k-$25k$0-$5kNot DefinedOfficial Fix0.009320.04CVE-2017-9120
4Microsoft Malware Protection Engine Remote Code Execution8.37.3$25k-$100k$0-$5kUnprovenOfficial Fix0.050220.00CVE-2021-31985
5Jansson JSON Parser json_loads 信息公开3.53.5$0-$5k$0-$5kNot DefinedNot Defined0.001580.00CVE-2020-36325
6ThinkAdmin 目录遍历7.47.4$0-$5k$0-$5kNot DefinedNot Defined0.967110.00CVE-2020-25540

活动 (1)

These are the campaigns that can be associated with the actor:

  • Log4Shell

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP地址Hostname参与者活动Identified类型可信度
1129.226.180.53xmrig.ELFLog4Shell2022-02-09verified

TTP - Tactics, Techniques, Procedures (2)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechnique漏洞访问向量类型可信度
1T1006CWE-22Path Traversalpredictive
2TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxxxxxxpredictive

IOA - Indicator of Attack (2)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID分类Indicator类型可信度
1File/cgi-bin/editBookmarkpredictive
2File/xxxx/xxx/x/xxxx/xxxxxxpredictive

参考 (2)

The following list contains external sources which discuss the actor and the associated activities:

上一步一览下一步

Do you know our Splunk app?

Download it now for free!