Autoit Analysis

IOB - Indicator of Behavior (468)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 432
de: 10
jp: 8
ar: 6
es: 6

Country

us: 50
de: 44
io: 42
la: 6
gg: 2

Product

Google Chrome: 8
Google Android: 6
Qualcomm Snapdragon Auto: 6
Qualcomm Snapdragon Compute: 6
Qualcomm Snapdragon Connectivity: 6

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | Calculating | High | Workaround | 0.04 | 0.04187 | CVE-2007-1192 |
| 2 | Cisco IOS XE IP SLA Responder state issue | 6.9 | 6.6 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.04 | 0.01055 | CVE-2020-3422 |
| 3 | Gempar Script Toko Online shop_display_products.php sql injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.08 | 0.00986 | CVE-2009-0296 |
| 4 | Google Android NFC out-of-bounds | 3.8 | 3.6 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.01156 | CVE-2020-0281 |
| 5 | Huawei AR3200 SCTP Message integer overflow | 6.4 | 6.4 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.02 | 0.01055 | CVE-2017-15344 |
| 6 | Nextcloud Desktop Client code injection | 5.4 | 5.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00885 | CVE-2020-8140 |
| 7 | unrar integer overflow | 8.5 | 7.7 | $25k-$100k | Calculating | Proof-of-Concept | Official Fix | 0.01 | 0.03910 | CVE-2012-6706 |
| 8 | QNAP QTS Video Station cross site scripting | 3.7 | 3.7 | $0-$5k | Calculating | Not Defined | Not Defined | 0.03 | 0.01055 | CVE-2019-7184 |
| 9 | Forma LMS ajax.server.php sql injection | 7.5 | 7.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00885 | CVE-2019-5111 |
| 10 | shadowsocks-libev ss-manager missing authentication | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.01365 | CVE-2019-5164 |
| 11 | shadowsocks-libev UDPRelay missing authentication | 5.7 | 5.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.01 | 0.00954 | CVE-2019-5163 |
| 12 | AccuSoft ImageGear igcore19d.dll out-of-bounds write | 8.0 | 8.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.01156 | CVE-2019-5133 |
| 13 | AccuSoft ImageGear GEM Raster Parser igcore19d.dll out-of-bounds write | 8.0 | 8.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.01 | 0.01156 | CVE-2019-5132 |
| 14 | Forma LMS ajax.server.php sql injection | 7.5 | 7.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.06 | 0.00885 | CVE-2019-5112 |
| 15 | Cameron Hamilton-Rich axTLS TLS Handshake tls1.c process_certificate buffer overflow | 7.4 | 7.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.01018 | CVE-2019-9689 |
| 16 | Autodesk FBX Software Development Kit FBX File buffer overflow | 7.0 | 7.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00885 | CVE-2019-7366 |
| 17 | Autodesk Desktop Application DLL Loader untrusted search path | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | 0.01036 | CVE-2019-7365 |
| 18 | OpenResty ngx.req.get_post_args sql injection | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.01055 | CVE-2018-9230 |
| 19 | PRTG Network Monitor login.htm access control | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.09029 | CVE-2018-19410 |
| 20 | Apache Pulsar TLS certificate validation | 4.8 | 4.8 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.04 | 0.00885 | CVE-2022-33681 |

IOC - Indicator of Compromise (42)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (24)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (188)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

References (9)

The following list contains external sources which discuss the actor and the associated activities:
