BadPatch Analysis

IOB - Indicator of Behavior (24)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en24

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

de2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

BadPatch1
KasperAgent1

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

Wireless LAN Software2
Not Defined2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

Netgear2
Infiray2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Netgear DGN1000B2
Infiray IRAY-A8Z32

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1Netgear DGN1000B setup.cgi privileges management9.89.3$25k-$100kCalculatingProof-of-ConceptNot Defined0.010.00000
2Infiray IRAY-A8Z3 Web Application set_param.cgi hard-coded credentials8.08.0$0-$5k$0-$5kNot DefinedNot Defined0.040.00885CVE-2022-31210
3AjPortal2Php pages.inc.php Remote Code Execution7.36.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.030.12567CVE-2007-2142

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsTypeConfidence
1148.251.135.117server.pogled.baBadPatchverifiedHigh
2XXX.XXX.XXX.XXxxx-xxx-xxx-xx.xxx.xxxxxxxxxxxx.xxXxxxxxxxverifiedHigh

TTP - Tactics, Techniques, Procedures (2)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilitiesAccess VectorTypeConfidence
1T1068CWE-269Execution with Unnecessary PrivilegespredictiveHigh
2TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxxxxx XxxxxxxxpredictiveHigh

IOA - Indicator of Attack (5)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/usr/local/sbin/webproject/set_param.cgipredictiveHigh
2Fileincludes/pages.inc.phppredictiveHigh
3Filexxxxx.xxxpredictiveMedium
4ArgumentxxxxxxxxxxpredictiveMedium
5ArgumentxxxxxxxxxxpredictiveMedium

References (2)

The following list contains external sources which discuss the actor and the associated activities:

PreviousOverviewNext

Might our Artificial Intelligence support you?

Check our Alexa App!