Armageddon Analysis

IOB - Indicator of Behavior (48)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 46
zh: 2

Country

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Magento: 8
Magento LTS: 4
Adobe Magento: 4
Nfec.de RechnungsZentrale: 2
OpenResty: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Magento Search Module sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00070 | 0.00 | CVE-2021-21024 |
| 2 | Magento code injection | 8.0 | 8.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00363 | 0.00 | CVE-2020-9585 |
| 3 | Magento File Upload unrestricted upload | 4.7 | 4.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00085 | 0.04 | CVE-2020-24407 |
| 4 | Magento WebAPI os command injection | 4.1 | 4.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00168 | 0.03 | CVE-2021-21016 |
| 5 | Magento unrestricted upload | 4.7 | 4.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00120 | 0.00 | CVE-2021-21014 |
| 6 | OpenResty ngx.req.get_post_args sql injection | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00637 | 0.05 | CVE-2018-9230 |
| 7 | Magento session expiration | 5.6 | 5.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00271 | 0.00 | CVE-2021-21032 |
| 8 | Jumpserver API access control | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00236 | 0.07 | CVE-2021-3169 |
| 9 | PbootCMS function.php parserIfLabel code injection | 8.0 | 7.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.39954 | 0.04 | CVE-2022-32417 |
| 10 | Synacor Zimbra Collaboration Memcache Command injection | 6.3 | 6.0 | $0-$5k | $0-$5k | High | Official Fix | 0.09665 | 0.05 | CVE-2022-27924 |
| 11 | Synacor Zimbra Collaboration Suite Element Attribute injection | 5.5 | 5.3 | $0-$5k | $0-$5k | High | Official Fix | 0.01933 | 0.04 | CVE-2022-24682 |
| 12 | Google gson writeReplace deserialization | 6.6 | 6.5 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00247 | 0.00 | CVE-2022-25647 |
| 13 | Nfec.de RechnungsZentrale authent.php4 sql injection | 5.3 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.01513 | 0.05 | CVE-2006-1954 |
| 14 | Thruk Parameter cross site scripting | 4.8 | 4.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00086 | 0.00 | CVE-2021-35489 |
| 15 | jeecg-boot CMS upload unrestricted upload | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00481 | 0.06 | CVE-2020-28088 |
| 16 | Canvas LMS server-side request forgery | 6.6 | 6.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00194 | 0.05 | CVE-2020-5775 |
| 17 | Magento Scheduled Operation Module os command injection | 4.7 | 4.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00206 | 0.00 | CVE-2021-21018 |
| 18 | Magento Product Layout Update xml injection | 4.7 | 4.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00084 | 0.07 | CVE-2021-21025 |
| 19 | Magento LTS deserialization | 9.8 | 9.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00478 | 0.00 | CVE-2021-21426 |
| 20 | Magento LTS sql injection | 4.7 | 4.5 | $0-$5k | Calculating | Not Defined | Official Fix | 0.00096 | 0.00 | CVE-2021-21427 |

IOC - Indicator of Compromise (6)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (11)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (14)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | `/jeecg-boot/sys/common/upload` | predictive | High |
| 2 | File | `/thruk/#cgi-bin/extinfo.cgi?type=2` | predictive | High |
| 3 | File | `xxxxxxx.xxxx` | predictive | Medium |
| 4 | File | `xxxxxxxx.xxx` | predictive | Medium |
| 5 | File | `xxx_xxxx_xxx_xxxxxxxxxx.x` | predictive | High |
| 6 | File | `xxx/xxxxxxx.x` | predictive | High |
| 7 | File | `xxxxxx.x` | predictive | Medium |
| 8 | File | `xxxxxxx.x` | predictive | Medium |
| 9 | File | `xxxxx/xxxxxxx/xxxxxxxx/xxxxx.xxx.xxxx` | predictive | High |
| 10 | File | `xxx/xxx/xxxxxxxxx.xxx` | predictive | High |
| 11 | Argument | `xxxx/xxxxxxx/xxxxxxx` | predictive | High |
| 12 | Argument | `xxxxxxx` | predictive | Low |
| 13 | Argument | `xxxxxxxx_xxxxxxx` | predictive | High |
| 14 | Argument | `xxxx` | predictive | Low |

References (3)

The following list contains external sources which discuss the actor and the associated activities:
