FreakOut – Leveraging Newest Vulnerabilities for creating a Botnet - Check Point Research
Tags
cmtmf-attack-pattern: Acquire Infrastructure; Application Layer Protocol; Command And Scripting Interpreter; Compromise Infrastructure; Event Triggered Execution; Exploit Public-Facing Application; Masquerading; Network Denial Of Service; Network Sniffing; Resource Hijacking
attack-pattern: Acquire Infrastructure Data Acquire Infrastructure - T1583; Adversary-In-The-Middle - T1557; Application Layer Protocol - T1437; Arp Cache Poisoning - T1557.002; Botnet - T1583.005; Botnet - T1584.005; Command And Scripting Interpreter - T1623; Compromise Infrastructure - T1584; Credentials - T1589.001; Direct Network Flood - T1498.001; Dns - T1071.004; Dns - T1590.002; Domains - T1583.001; Domains - T1584.001; Event Triggered Execution - T1624; Event Triggered Execution - T1546; Exfiltration Over C2 Channel - T1646; Exploitation Of Remote Services - T1428; Exploit Public-Facing Application - T1377; Exploitation For Client Execution - T1658; Exploits - T1587.004; Exploits - T1588.005; File And Directory Permissions Modification - T1222; Network Denial Of Service - T1464; Linux And Mac File And Directory Permissions Modification - T1222.002; Local Data Staging - T1074.001; Malware - T1587.001; Malware - T1588.001; Masquerading - T1655; Network Service Scanning - T1423; Network Denial Of Service - T1498; Network Devices - T1584.008; Python - T1059.006; Reflection Amplification - T1498.002; Resource Hijacking - T1496; Server - T1583.004; Server - T1584.004; Social Media - T1593.001; Unix Shell - T1059.004; Web Protocols - T1071.001; Web Protocols - T1437.001; Tool - T1588.002; Vulnerabilities - T1588.006; Unix Shell - T1623.001; .Bash_Profile And .Bashrc - T1156; Standard Application Layer Protocol - T1071; Brute Force - T1110; Command-Line Interface - T1059; Data Encoding - T1132; Data Obfuscation - T1001; Data Staged - T1074; Deobfuscate/Decode Files Or Information - T1140; Exfiltration Over Command And Control Channel - T1041; Exploit Public-Facing Application - T1190; Exploitation For Client Execution - T1203; Exploitation Of Remote Services - T1210; Masquerading - T1036; Network Service Scanning - T1046; Network Sniffing - T1040; Remote Services - T1021; Exploit Public-Facing Application; Exploitation Of Remote Services; Masquerading; Network Service Scanning; Network Sniffing
Common Information

| Type | Value |
|---|---|
| UUID | c15d70f8-68c3-4f75-8223-2bd6c75546c3 |
| Fingerprint | 9db1af93e03b2283 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Jan. 19, 2021, 10:58 a.m. |
| Added to db | Sept. 11, 2022, 12:46 p.m. |
| Last updated | Nov. 17, 2024, 6:56 p.m. |
| Headline | FreakOut – Leveraging Newest Vulnerabilities for creating a Botnet |
| Title | FreakOut – Leveraging Newest Vulnerabilities for creating a Botnet - Check Point Research |
| Detected Hints/Tags/Attributes | 117/2/37 |
Attributes

| Type | #Events | CTI | Value |
|---|---|---|---|
| CVE | 9 | | cve-2020-28188 |
| CVE | 5 | | cve-2021-3007 |
| CVE | 19 | | cve-2020-7961 |
| Domain | 2 | | out.py |
| Domain | 4 | | gxbrowser.net |
| Domain | 1 | | n3cr0m0rph.tc |
| Domain | 1 | | win32.n3cr0m0rph.tc |
| Domain | 2 | | kiwiirc.com |
| File | 2 | | makecvs.php |
| File | 1 | | out.py |
| sha256 | 1 | | 7c7273d0ac2aaba3116c3021530c1c868dc848b6fdd2aafa1deecac216131779 |
| sha256 | 1 | | 05908f2a1325c130e3a877a32dfdf1c9596d156d031d0eaa54473fe342206a65 |
| sha256 | 1 | | ac4f2e74a7b90b772afb920f10b789415355451c79b3ed359ccad1976c1857a8 |
| MITRE ATT&CK Techniques | 542 | | T1190 |
| MITRE ATT&CK Techniques | 66 | | T1583 |
| MITRE ATT&CK Techniques | 245 | | T1203 |
| MITRE ATT&CK Techniques | 43 | | T1546 |
| MITRE ATT&CK Techniques | 504 | | T1140 |
| MITRE ATT&CK Techniques | 125 | | T1110 |
| MITRE ATT&CK Techniques | 168 | | T1046 |
| MITRE ATT&CK Techniques | 159 | | T1021 |
| MITRE ATT&CK Techniques | 42 | | T1040 |
| MITRE ATT&CK Techniques | 444 | | T1071 |
| MITRE ATT&CK Techniques | 422 | | T1041 |
| MITRE ATT&CK Techniques | 58 | | T1498 |
| MITRE ATT&CK Techniques | 66 | | T1584 |
| MITRE ATT&CK Techniques | 695 | | T1059 |
| MITRE ATT&CK Techniques | 265 | | T1222 |
| MITRE ATT&CK Techniques | 21 | | T1557 |
| MITRE ATT&CK Techniques | 109 | | T1210 |
| MITRE ATT&CK Techniques | 67 | | T1074 |
| MITRE ATT&CK Techniques | 107 | | T1496 |
| MITRE ATT&CK Techniques | 96 | | T1132 |
| MITRE ATT&CK Techniques | 75 | | T1001 |
| Url | 1 | | https://gxbrowser.net |
| Url | 1 | | http://gxbrowser.net |
| Url | 1 | | https://kiwiirc.com |