Inside ImageTragick: The Real Payloads Being Used to Hack Websites
Tags
| country: | Singapore |
| attack-pattern: | Ip Addresses - T1590.005 Python - T1059.006 Server - T1583.004 Server - T1584.004 Software - T1592.002 Vulnerabilities - T1588.006 |
Common Information
| Type | Value |
|---|---|
| UUID | b67e5a19-0db8-4fad-9e22-e00f42e082dd |
| Fingerprint | 9cf39cd1c8272c95 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | May 9, 2016, 1:34 p.m. |
| Added to db | Jan. 18, 2023, 8:20 p.m. |
| Last updated | Nov. 17, 2024, 6:49 p.m. |
| Headline | Inside ImageTragick: The Real Payloads Being Used to Hack Websites |
| Title | Inside ImageTragick: The Real Payloads Being Used to Hack Websites |
| Detected Hints/Tags/Attributes | 39/2/21 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 17 | cve-2016-3714 |
|
| Details | Domain | 1 | pre09.example.net |
|
| Details | Domain | 831 | example.com |
|
| Details | Domain | 1 | a0074942.example.com |
|
| Details | Domain | 54 | subprocess.call |
|
| Details | Domain | 1 | profile-photos.example.com |
|
| Details | File | 674 | node.js |
|
| Details | File | 1 | someting_by_nebezial-d5cdlor.jpg |
|
| Details | File | 32 | image.jpg |
|
| Details | File | 1 | sdfsdf.jpg |
|
| Details | File | 3 | x.py |
|
| Details | File | 2 | a.py |
|
| Details | File | 1 | xtralarge.png |
|
| Details | IPv4 | 1441 | 127.0.0.1 |
|
| Details | IPv4 | 45 | 127.0.0.0 |
|
| Details | Url | 1 | https://pre09.example.net/15bd/th/pre/f/2012/237/c/7/all_work_and_no_something |
|
| Details | Url | 1 | https://127.0.0.1/image.jpg |
|
| Details | Url | 1 | https://127.0.0.0/sdfsdf.jpg |
|
| Details | Url | 2 | https://example.com/image.jpg |
|
| Details | Url | 1 | http://example.com/x.py |
|
| Details | Url | 1 | https://profile-photos.example.com/production/000/003/658/b4eb8_ |