BadPatch Analysisinfo

IOB - Indicator of Behavior (31)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Language

en26
fr6

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

POS Codekop2
ElkaGroup Image Gallery2
Saskia Bruckner Saskias Shopsystem2
AjPortal2Php2
ampleShop2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

These are the vulnerabilities that we have identified as researched, approached, or attacked.

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
16.43.51.17Badpatch10/23/2019verifiedLow
2XXX.XXX.XXX.XXXxxxxxx.xxxxxx.xxXxxxxxxx12/23/2020verifiedLow
3XXX.XXX.XXX.XXxxx-xxx-xxx-xx.xxx.xxxxxxxxxxxx.xxXxxxxxxx12/23/2020verifiedVery Low

TTP - Tactics, Techniques, Procedures (5)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueClassVulnerabilitiesAccess VectorTypeConfidence
1T1006CAPEC-126CWE-22Path TraversalpredictiveHigh
2TXXXX.XXXCAPEC-XXXCWE-XXXxxxx Xxxxx Xxxx XxxxxxxxxpredictiveHigh
3TXXXXCAPEC-XXXCWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
4TXXXX.XXXCAPEC-XXXCWE-XXXXxxx-xxxxx XxxxxxxxxxxpredictiveHigh
5TXXXXCAPEC-XXXCWE-XXXxx XxxxxxxxxpredictiveHigh

IOA - Indicator of Attack (16)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/usr/local/sbin/webproject/set_param.cgipredictiveHigh
2Filecategory.cfmpredictiveMedium
3Filecontent.phppredictiveMedium
4Filexxxxxxxx/xxxxx.xxx.xxxpredictiveHigh
5Filexxx_xxxxx_xxxx.xpredictiveHigh
6Filexxxxx.xxxpredictiveMedium
7Filexxxxx.xxxpredictiveMedium
8Filexxxxxx/xxxxxxx/xxxxxxxxxxx/xxxx.xxxpredictiveHigh
9Filexxxx.xxxpredictiveMedium
10ArgumentxxxpredictiveLow
11ArgumentxxxpredictiveLow
12ArgumentxxpredictiveLow
13Argumentxx_xxxxxxpredictiveMedium
14ArgumentxxxxxxxxxxpredictiveMedium
15ArgumentxxxxxxpredictiveLow
16ArgumentxxxxxxxxxxpredictiveMedium

References (3)

The following list contains external sources which discuss the actor and the associated activities:

This view requires CTI permissions

Just purchase a CTI license today!