Anatsa Analysis

IOB - Indicator of Behavior (27)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en14
de6
ru4
zh2
ja2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Microsoft Windows4
TP-LINK Archer C52
Google Android2
Squid Proxy2
Laravel2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1Check Point Quantum Gateway/Spark Gateway/CloudGuard Network Remote Access VPN information disclosure6.46.4$0-$5k$0-$5kHighNot Defined0.945040.83CVE-2024-24919
2Google Android Privilege Escalation7.67.5$25k-$100k$5k-$25kNot DefinedOfficial Fix0.001030.05CVE-2021-0877
3Google Android use after free5.45.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.000420.00CVE-2023-21042
4Microsoft Windows Online Certificate Status Protocol SnapIn Remote Code Execution8.17.4$25k-$100k$5k-$25kUnprovenOfficial Fix0.001200.05CVE-2023-35313
5Google Chrome V8 out-of-bounds write7.57.4$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000800.04CVE-2024-0517
6GitHub Enterprise Server API information disclosure3.93.8$0-$5k$0-$5kNot DefinedOfficial Fix0.001110.00CVE-2022-46257
7Pallets Werkzeug Debugger tbtools.py render_full cross site scripting5.25.1$0-$5k$0-$5kNot DefinedOfficial Fix0.001830.04CVE-2016-10516
8Zyxel ATP/USG FLEX/VPN CGI Program unknown vulnerability5.45.4$0-$5k$0-$5kNot DefinedNot Defined0.000770.00CVE-2023-22918
9Apache OpenOffice Calc command injection7.36.4$5k-$25k$0-$5kUnprovenOfficial Fix0.006020.00CVE-2014-3524
10Microsoft Windows Kerberos Remote Code Execution8.17.4$25k-$100k$5k-$25kUnprovenOfficial Fix0.003100.02CVE-2023-28244
11OpenVPN Access Server Authentication Token unusual condition4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.002020.00CVE-2020-36382
12V3chat V3 Chat Profiles Dating Script improper authentication7.37.3$0-$5k$0-$5kHighUnavailable0.016850.00CVE-2008-5784
13Vesta Control Panel/myVesta UploadHandler.php unrestricted upload7.17.1$0-$5k$0-$5kNot DefinedOfficial Fix0.022980.00CVE-2021-28379
14USAA Mobile Banking Screen Cache information disclosure3.33.0$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.001160.00CVE-2015-1314
15JAI-EXT Janino code injection8.68.5$0-$5k$0-$5kNot DefinedOfficial Fix0.821700.00CVE-2022-24816
16Swagger UI URL information disclosure4.34.1$0-$5k$0-$5kNot DefinedOfficial Fix0.002650.05CVE-2018-25031
17John G. Myers mpack munpack memory corruption7.37.3$0-$5k$0-$5kNot DefinedNot Defined0.012030.00CVE-2002-1424
18Squid Proxy HTTP Header crlf injection5.44.7$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.002480.00CVE-2015-0881
19WordPress sql injection6.86.7$5k-$25k$0-$5kNot DefinedOfficial Fix0.004670.09CVE-2022-21664
20Microsoft Exchange Server PowerShell ProxyNotShell Privilege Escalation7.77.3$5k-$25k$0-$5kHighOfficial Fix0.186100.08CVE-2022-41082

IOC - Indicator of Compromise (6)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (7)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (6)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1FileCalcpredictiveLow
2Filedebug/tbtools.pypredictiveHigh
3Filexxxxxxxxxx\xxxxxxxxxxxx\xxxxxxxxxxxxxxxx.xxxpredictiveHigh
4Filexxx/xxxxxx/xxxxxxxxxxxxx.xxxpredictiveHigh
5Libraryxxxxxx.xxxpredictiveMedium
6Argumentxxx_xxx_xxxxxxxxpredictiveHigh

References (3)

The following list contains external sources which discuss the actor and the associated activities:

Might our Artificial Intelligence support you?

Check our Alexa App!