MOVEit Transfer Vulnerability (CVE-2023-34362) | Kroll
Tags
attack-pattern: Data Ip Addresses - T1590.005 Software - T1592.002 Web Shell - T1505.003 Tool - T1588.002 Web Shell - T1100
Show in Graph
Common Information
Type Value
UUID 7f86d963-4fb0-4156-9d64-dca7a91d03e3
Fingerprint 5cb109df0b201d25
Analysis status DONE
Considered CTI value 0
Text language
Published June 8, 2023, midnight
Added to db June 20, 2023, 1:43 p.m.
Last updated Nov. 18, 2024, 1:24 p.m.
Headline Clop Ransomware Likely Sitting on MOVEit Transfer Vulnerability (CVE-2023-34362) Since 2021
Title MOVEit Transfer Vulnerability (CVE-2023-34362) | Kroll
Detected Hints/Tags/Attributes 32/1/12
Source URLs
Redirection Url
Details Source https://www.kroll.com/en/insights/publications/cyber/clop-ransomware-moveit-transfer-vulnerability-cve-2023-34362
URL Provider
Details Provider Source level domain
Details kroll.com www.kroll.com
Attributes
Details Type #Events CTI Value
Details CVE 244 
cve-2023-34362
Details File 36 
human2.aspx
Details File 13 
moveitisapi.dll
Details File 17 
guestaccess.aspx
Details IPv4 1 
92.51.2.10
Details IPv4 1 
92.118.36.112
Details IPv4 1 
92.118.36.233
Details IPv4 3 
45.129.137.232
Details IPv4 1 
92.118.36.123
Details IPv4 3 
92.118.36.210
Details IPv4 5 
92.118.36.213
Details IPv4 2 
92.118.36.249