【HVV情报】2024-07-30

公众号新规只对常读和星标的公众号才能展示大图推送，建议大家把公众号“night安全”设为星标，否则可能就看不到啦！

免责声明

night安全致力于分享技术学习和工具掌握。然而请注意不得将此用于任何未经授权的非法行为，请您严格遵守国家信息安全法律法规。任何违反法律、法规的行为，均与本人无关。如有侵权烦请告知，我们会立即删除并致歉。谢谢！

##2024你懂得##

内容部分信息已脱敏,复制文章内的关键词回复公众号获取今日情报详情。

情报详情获取方式：

回复：20240730-004

风险情报

深信服下一代防火墙NGAF存在任意

< AF 8.0.17

Raisecom智能网关list_base_config
mageMagick Applmage存在任意
Adobe Experience Manager存在
捷顺JieLink+智能终端操作平台
武汉地大信息工程股份有限公司基础信息平台
数字通 /portal/default/login前台
万户网络-ezOFFICE getAutoCode.jsp
泛微E-Bridge云桥存在任意
ampache 跨站

样本情报

样本主题：投稿驳回信息.zipSHA256: 32ea677617e4cbee388a834e2a6342d9d601ec48356be50d4c8c2c3db67c14deMD5: e53950c1f86d44408743530e9b089c66恶意软件：static-aliyun-xlsx.oss-cn-beijing.aliyuncs.com相关域名：www.cmgb3.cn:443、i-sign.oppo.cn攻击手法：域前置分析结论：CobaltStrike木马样本主题：系统异常报错信息.rarSHA256: 7491c286bd06a15b829bec938022893d632e6778941a5629ac070588d13aab7fMD5: f9e3370cf6a4f30b61168bfa5b4c6566恶意软件：qdhku1nf799589.oss-cn-nanjing.aliyuncs.com、aweqrk5raapli.oss-cn-shenzhen.aliyuncs.com相关IP和域名：120.39.196.238、120.39.196.236、119.84.129.230、119.84.129.233攻击手法：域前置分析结论：CobaltStrike木马样本主题：投保相关材料.zipSHA256: 28d418aff39495ff2520d5142f16c1b6031be2a3484745ae06316fe949f8f353MD5: fa2f3a7385b494735e75ddfacbcf214c恶意软件：yuntechmirror.oss-cn-hangzhou.aliyuncs.com相关IP和域名：118.212.144.100、123youke.com、www.turingmaker.com攻击手法：域前置分析结论：CobaltStrike木马样本主题：0802参会人名单.zipSHA256: 0eb68e7aee2f7e85db4f2292ef57e186ced64f5f37841822970b8eb5373123bcMD5: daaf5968b7d6fce7aa24f503be2619fb相关IP和域名：itaoxiang.cn攻击手法：域前置分析结论：CobaltStrike木马样本主题：**计算机本科简历.rarSHA256: 84a095015ec253526138e7f17c38570646d1612d7ea224cfb33afffc063fca91MD5: f8d269153273ea121a06c7b0b8b33e4dC2：106.15.234.11:8086分析结论：CobaltStrike木马

域名情报

itaoxiang.cnwww.turingmaker.com123youke.comwww.cmgb3.cn:443i-sign.oppo.cn

ip情报

45.148.10.195 146.190.105.44 91.92.249.244 172.212.59.78 59.183.100.78 58.221.60.130 111.205.62.207 172.212.60.227124.71.66.174124.70.211.143124.70.164.58124.71.219.2981.68.191.243175.178.210.19175.178.29.37175.178.154.59175.178.250.88150.158.51.66121.4.76.117182.32.160.1382.157.80.215119.13.89.13839.105.179.123117.50.192.90183.56.204.238161.35.225.11161.35.211.190193.134.210.42161.35.65.154119.28.162.232101.200.76.10649.233.45.87101.32.211.74101.43.111.168101.34.8.23198.12.116.17224.144.71.20943.136.96.90 104.155.226.151104.155.222.239104.154.159.56104.156.253.193124.71.9.138124.71.203.39124.70.11.157124.70.200.120124.70.92.104124.71.82.109118.24.60.18296.8.121.14535.92.34.19435.86.92.87120.36.84.152172.252.85.288.140.240.131139.159.157.112139.159.216.217104.153.208.174113.65.8.39223.74.10.227 101.35.198.64 62.234.180.14 131.186.19.21561.144.152.5849.232.8.22649.234.179.160101.133.131.69114.55.59.41114.55.237.182114.55.178.190114.55.66.235182.32.220.13913.215.155.69119.45.71.6119.45.181.1482.157.248.2640.83.120.159103.7.142.100143.64.21.5140.238.14.54119.3.51.7391.238.203.36101.200.151.200221.237.37.163112.26.45.27......