PHP Servers Vulnerability Exploited To Inject PacketCrypt Cryptocurrency Miner
Tags
maec-delivery-vectors: | Watering Hole |
attack-pattern: | Model Exploits - T1587.004 Exploits - T1588.005 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Vulnerabilities - T1588.006 |
Common Information
Type | Value |
---|---|
UUID | f1a2ce2d-71dd-4fc2-85f3-0992935c8b62 |
Fingerprint | 8c3934b19b4b9e8f |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | Jan. 8, 2025, 5:35 a.m. |
Added to db | Jan. 8, 2025, 6:43 a.m. |
Last updated | Jan. 17, 2025, 12:06 p.m. |
Headline | PHP Servers Vulnerability Exploited To Inject PacketCrypt Cryptocurrency Miner |
Title | PHP Servers Vulnerability Exploited To Inject PacketCrypt Cryptocurrency Miner |
Detected Hints/Tags/Attributes | 21/2/10 |
Source URLs
Redirection | Url | |
---|---|---|
Details | Source | https://gbhackers.com/php-vulnerability-packetcrypt-mining/ |
URL Provider
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 125 | ✔ | GBHackers Security | #1 Globally Trusted Cyber Security News Platform | https://gbhackers.com/feed/ | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | CVE | 66 | cve-2024-4577 |
|
Details | Domain | 1311 | any.run |
|
Details | File | 4 | dr0p.exe |
|
Details | File | 3 | pkt1.exe |
|
Details | File | 3 | packetcrypt.exe |
|
Details | File | 15 | php-cgi.exe |
|
Details | sha256 | 3 | e3d0c31608917c0d7184c220d2510848f6267952c38f86926b15fb53d07bd562 |
|
Details | sha256 | 3 | d078d8690446e831acc794ee2df5dfabcc5299493e7198993149e3c0c33ccb36 |
|
Details | sha256 | 3 | 717fe92a00ab25cae8a46265293e3d1f25b2326ecd31406e7a2821853c64d397 |
|
Details | IPv4 | 3 | 23.27.51.244 |