Cryptojacking attack analysis: RCE through vulnerable Apache
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Escape To Host - T1611 Event Triggered Execution - T1546 Javascript - T1059.007 Powershell - T1059.001 Python - T1059.006 Scheduled Task - T1053.005 Server - T1583.004 Server - T1584.004 Software - T1592.002 Exploit Public-Facing Application - T1190 Powershell - T1086 Scheduled Task - T1053
Show in Graph
Common Information
Type Value
UUID 2cefcf29-9001-4096-b5d8-ba7914006efc
Fingerprint 2520c95305779fab
Analysis status DONE
Considered CTI value 2
Text language
Published May 14, 2023, 11:42 p.m.
Added to db May 15, 2023, 1:50 a.m.
Last updated Nov. 17, 2024, 6:56 p.m.
Headline Cryptojacking attack analysis: RCE through vulnerable Apache
Title Cryptojacking attack analysis: RCE through vulnerable Apache
Detected Hints/Tags/Attributes 53/2/14
Source URLs
Redirection Url
Details Source https://medium.com/@cristobaljm/crypto-miner-installation-attack-analysis-rce-via-apache-edition-dd49b0cb2440?source=rss------cybersecurity-5
URL Provider
Details Provider Source level domain
Details medium.com medium.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 167 Cybersecurity on Medium https://medium.com/feed/tag/cybersecurity 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 122 
cve-2017-5638
Details Domain 339 
system.net
Details Domain 23 
os.name
Details Domain 138 
java.io
Details Domain 358 
pastebin.com
Details File 3 
wi.txt
Details File 16 
lang.sys
Details File 2125 
cmd.exe
Details File 153 
config.json
Details File 2 
javae.exe
Details IPv4 1 
1.209.47.241
Details IPv4 2 
175.118.126.65
Details MITRE ATT&CK Techniques 542 
T1190
Details MITRE ATT&CK Techniques 43 
T1546