Drupal Bug Exploited to Deliver Monero-Mining Malware
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Data Exploits - T1587.004 Exploits - T1588.005 Malware - T1587.001 Malware - T1588.001 Ssh - T1021.004 Vulnerabilities - T1588.006 Whois - T1596.002
Show in Graph
Common Information
Type Value
UUID 9f3fb2ae-0f20-4aa3-a6f4-e09a38398a8c
Fingerprint 8691091200f1fb47
Analysis status DONE
Considered CTI value 2
Text language
Published June 21, 2018, midnight
Added to db Oct. 15, 2024, 5:17 p.m.
Last updated Nov. 17, 2024, 12:58 p.m.
Headline Drupal Bug Exploited to Deliver Monero-Mining Malware
Title Drupal Bug Exploited to Deliver Monero-Mining Malware
Detected Hints/Tags/Attributes 51/2/13
Source URLs
Redirection Url
Details Source https://www.trendmicro.com/en_ca/research/18/f/drupal-vulnerability-cve-2018-7602-exploited-to-deliver-monero-mining-malware.html
URL Provider
Details Provider Source level domain
Details trendmicro.com www.trendmicro.com
Attributes
Details Type #Events CTI Value
Details CVE 17 
cve-2018-7602
Details CVE 56 
cve-2018-7600
Details CVE 90 
cve-2014-0160
Details CVE 57 
cve-2014-6271
Details CVE 3 
cve-2017-5674
Details CVE 1 
cve-2004-0113
Details Domain 1 
dvir.pid
Details File 1 
up.jpg
Details File 1 
df.php
Details sha256 1 
a1d8bfc17bf395742e4c8a81ca0ba352b998c1590ac2fb014aa23671b2ee6302
Details sha256 1 
89cdf303dc94e56dacc4e894d44c54845e4658a0dc5b32d50b0650a67f92d5b3
Details IPv4 3 
197.231.221.211
Details IPv4 1 
197.231.221.0