ioc[.]one - OSINT Cyber Threat Intelligence Database

Apache Struts 2 Vulnerability (CVE-2018-11776) Exploited in CroniX Crypto-Mining Campaign

Tags

country:	Palau Russia
attack-pattern:	Cron - T1053.003 Dns - T1071.004 Dns - T1590.002 Exploits - T1587.004 Exploits - T1588.005 Malicious File - T1204.002 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Visual Basic - T1059.005 Tool - T1588.002 Vulnerabilities - T1588.006 Powershell - T1086

Show in Graph

Common Information

Type	Value
UUID	549069f3-8621-4354-a6ff-a10d72211542
Fingerprint	ac05addb2c372685
Analysis status	DONE
Considered CTI value	2
Text language
Published	Sept. 4, 2018, 4 a.m.
Added to db	Nov. 9, 2023, 12:03 a.m.
Last updated	Nov. 17, 2024, 6:53 p.m.
Headline	Apache Struts 2 Vulnerability (CVE-2018-11776) Exploited in CroniX Crypto-Mining Campaign
Title	Apache Struts 2 Vulnerability (CVE-2018-11776) Exploited in CroniX Crypto-Mining Campaign
Detected Hints/Tags/Attributes	43/2/8

Source URLs

	Redirection	Url
Details	Source	https://www.f5.com/labs/articles/threat-intelligence/apache-struts-2-vulnerability--cve-2018-11776--exploited-in-cron

URL Provider

Details	Provider	Source level domain
Details	f5.com	www.f5.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	308	✔	F5 Labs Threats	https://www.f5.com/labs/rss-feeds/threats.xml	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	CVE	26		cve-2018-11776
Details	CVE	122		cve-2017-5638
Details	CVE	11		cve-2017-1000353
Details	Domain	18		update.sh
Details	Domain	358		pastebin.com
Details	Domain	11		eu.minerpool.pw
Details	Domain	51		reg.ru
Details	Url	2		https://pastebin.com/jrergp1u