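Disclaimer
night安全 is dedicated to sharing technical learning and tool skills. Do not use this material for any unauthorized or illegal activity, and strictly comply with national information security laws and regulations. Any act that violates laws or regulations has nothing to do with the author. If anything here infringes your rights, please let us know and we will delete it immediately and apologize. Thank you!
##2024, you know what##
Some of the information has been redacted. Reply to the public account with the keyword given in this article to get today's risk intelligence and IP intelligence; sample intelligence, domain intelligence and the gossip section are in the article itself.
Some followers asked for a different cloud drive, so starting with this article the intelligence is uploaded to both the Baidu and Aliyun cloud drives; choose whichever you prefer.
How to get the intelligence details:
Reply: HW20240731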
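Risk intelligence
[Rumored 0-day]
H3C-CAS
H3C router userLogin.asp
LiveBOS Uploadlmage.do
Certificate query system
Zhenyun SRM cloud platform
Heat network wireless monitoring system frmSaveChartImage
Yonyou Chanjet TPlus system Ufida.T.SM.UIP.ashx
Yonyou U8 Cloud MeasQueryConditionFrameAction
Yonyou U8 Cloud linkntb
LiveBOS Upload****.do
panabit log audit system sprog_upstatus
Quicklancer has
KubePi has JWT token
EKing-Guanliyi FileUpload.ihtm has
SpringBlade back-end framework menu/list has
Dameng database
laravel v11.x PHP
Dlink-820LW has TELNET service
Dlink-860L has TELNET service
Inxedu education platform
Fangtianyun smart platform system GetCompanyIte
Fangtianyun smart platform system Upload.ashx
Weaver ecology system ecology_dev.zip
Yonyou Shikong KSOA system has multiple
ClusterControl has
Wanhu ezOFFICE collaborative management platform getAutoCode.jsp
WeChat card-issuing mini program has
JeecgBoot enterprise low-code platform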
Sample intelligence

Sample subject: FEE9D2B13985879BA348080A9BF4E6F1
SHA256: eb552b17b3978ef35b096bd2c1a778d04f883a7b1f6510038549651e147e2e73
MD5: fee9d2b13985879ba348080a9bf4e6f1
SHA1: faa5910a7cfe61860e799720fdff2f37b56c8017
Related IP: 27.106.123.108
Attack technique: trojan

Sample subject: 1_登录问题反馈.zip ("1_Login issue feedback.zip")
SHA256: abc7a9aab22e1f766e77cd4cdc2b3425426cd0d3d3d5bc730fa72ae02b115a5d
MD5: 71b19faded5ec9998e758a8408040d1c
Related IPs and domains: 180.163.146.83, 112.19.11.240, 121.29.38.228, 118.180.56.233, 58.218.215.171, 111.12.25.241, 223.111.24.109, itaoxiang.cn
Attack technique: domain fronting
Analysis conclusion: CobaltStrike trojan

Sample subject: 20240739人员名单信息.rar ("20240739 personnel list information.rar")
SHA256: 84f8e88566266fe215b9c4b4819dc48bb0ef8f0cfcad6ab57436f3d50e4e1a5d
MD5: 3b509bcd6a5fb2dca02e1a9597b0a33e
C2: 123.207.74.22:11443
Attack technique: stock CobaltStrike
Analysis conclusion: CobaltStrike trojan

Sample subject: 杭州**会计师事务所——工作需求问题汇总.exe ("Hangzhou ** accounting firm, summary of work requirement issues.exe")
SHA256: 0f5296f5e75fcf0d0fe0ce0d5d70d1e8ad92765c37b5174a93ddde2073c7b97b
MD5: f3312f78b85d9edbc4e19dc61e17fe73
Related IPs and domains: 42.81.215.200, 119.0.107.231, 124.225.127.200, 124.225.127.202, 124.225.45.224, 50.242.56.252, 218.77.199.228, myhuaweicloud.com
Attack technique: domain fronting
Analysis conclusion: CobaltStrike trojan

Sample subject: 病毒样本.exe ("virus sample.exe")
SHA256: d684b9bead9e82fb1810f069e1d5bfb7d87f1cfaa98acaee25c93217aa0760cb
MD5: 98a44fd3336696a7514afa248e1b7b6c
C2: 154.12.88.29:1234
Attack technique: domain fronting
Analysis conclusion: CobaltStrike trojan

Sample subject: 异常登录处理指引 2.zip ("Abnormal login handling guide 2.zip")
SHA256: c3d84f86b7b0c2964520a2bf284be2b7b5a04821634acfdefcecc7c3961b04c7
MD5: 27e28278095f29a8abc2e0b8e941e40d
Malware: yuntechmirror.oss-cn-hangzhou.aliyuncs.com
Related IPs and domains: 118.212.144.100, 123youke.com, www.turingmaker.com
Attack technique: domain fronting
Analysis conclusion: CobaltStrike trojan
Domain intelligence
123youke.com
www.turingmaker.com
itaoxiang.cn
IP intelligence
Gossip and entertainment