BlackByte Analysis

IOB - Indicator of Behavior (177)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en172
fr4
de2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Google Chrome6
Apple macOS6
4Site CMS4
WordPress4
Apache HTTP Server4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25kCalculatingHighWorkaround0.040.04187CVE-2007-1192
2DZCP deV!L`z Clanportal config.php code injection7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.640.04187CVE-2010-0966
3WoltLab Burning Book addentry.php sql injection7.36.8$0-$5k$0-$5kFunctionalUnavailable0.020.01319CVE-2006-5509
4ownCloud index.php path traversal7.37.0$0-$5k$0-$5kNot DefinedOfficial Fix0.030.01213CVE-2014-4929
5HPE Onboard Administrator Reflected cross site scripting4.44.4$0-$5k$0-$5kNot DefinedNot Defined0.010.00885CVE-2020-7132
6Telegram Web K Alpha Document Extension Privilege Escalation5.55.3$0-$5k$0-$5kNot DefinedOfficial Fix0.010.00885CVE-2021-40532
7pgjdbc injection6.76.6$0-$5k$0-$5kNot DefinedOfficial Fix0.040.21296CVE-2022-21724
8Dell EMC CloudLink Active Directory improper authentication8.88.7$5k-$25k$0-$5kNot DefinedOfficial Fix0.030.09029CVE-2022-34379
9Linux Kernel ebpf Verifier verifier.c adjust_scalar_min_max_vals unknown vulnerability4.34.2$5k-$25k$0-$5kNot DefinedOfficial Fix0.030.00950CVE-2021-4159
10Web2py Password 7pk security7.77.3$0-$5k$0-$5kNot DefinedOfficial Fix0.060.01136CVE-2016-10321
11MantisBT API SOAP mc_project_get_users sql injection5.04.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.000.05473CVE-2020-28413
12MantisBT access control7.37.0$0-$5k$0-$5kNot DefinedOfficial Fix0.000.01319CVE-2014-9572
13October CMS ViewMaker.php#244 makeFileContents information disclosure5.95.6$0-$5k$0-$5kNot DefinedOfficial Fix0.020.01156CVE-2018-1999009
14XStream denial of service5.35.1$0-$5kCalculatingNot DefinedOfficial Fix0.010.53308CVE-2021-21341
15Eclipse Jetty Content-Length Header data processing8.58.2$0-$5k$0-$5kNot DefinedOfficial Fix0.080.02686CVE-2017-7658
16HP Network Switch access control6.56.4$5k-$25k$0-$5kNot DefinedOfficial Fix0.040.00885CVE-2015-6859
17Dolibarr CRM control flow4.94.8$0-$5k$0-$5kNot DefinedOfficial Fix0.010.00885CVE-2022-0174
18Apple M1 Register s3_5_c15_c10_1 M1RACLES access control8.88.8$5k-$25k$5k-$25kNot DefinedNot Defined0.000.00000CVE-2021-30747
19Philips Collaboration Platform cross-site request forgery5.35.3$0-$5k$0-$5kNot DefinedNot Defined0.000.00885CVE-2020-14506
20SAP 3D Visual Enterprise Viewer TGA File input validation4.34.3$5k-$25k$5k-$25kNot DefinedNot Defined0.030.00954CVE-2020-6345

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsTypeConfidence
145.9.148.114BlackByteverifiedHigh
2XXX.XX.X.XXxxxx.xxxxxxx.xxxXxxxxxxxxverifiedHigh

TTP - Tactics, Techniques, Procedures (17)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (58)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/goform/SetNetControlListpredictiveHigh
2File/server-statuspredictiveHigh
3Fileaddentry.phppredictiveMedium
4Fileadmin/categories_industry.phppredictiveHigh
5Fileadmin/content/postcategorypredictiveHigh
6FileAdminstrator/Users/Edit/predictiveHigh
7Fileagent.cfgpredictiveMedium
8Filexxx_xx_xxx_xxx.xxxpredictiveHigh
9Filexxx.xpredictiveLow
10FilexxxpredictiveLow
11Filexxx/xxxxxxxx/xxxx/xxxxxxxx.xxpredictiveHigh
12Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
13Filexxxxxxx/xxx/xxx-xx.xpredictiveHigh
14Filexxx_xxxx.xpredictiveMedium
15Filexxx/xxxxx.xxxxxpredictiveHigh
16Filexxx/xxxxxx.xxxpredictiveHigh
17Filexxxxxxx/xxxxx.xxx.xxxpredictiveHigh
18Filexxxxx.xxxpredictiveMedium
19Filexxxxx.xxx/xxxx/xxxxx/xxxx/xxxx.xxxpredictiveHigh
20Filexx_xxxxx.xpredictiveMedium
21Filexxxxx_xxxxx.xpredictiveHigh
22Filexxxxxx/xxx/xxxxxxxx.xpredictiveHigh
23Filexxxx.xxxpredictiveMedium
24Filexxxxx.xxxpredictiveMedium
25Filexxxxxxx/xxxxxx/xxxxxx/xxxxxxxxx.xxx#xxxpredictiveHigh
26Filexxx_xxxx.xxxpredictiveMedium
27Filexxxxxxxxx/xxxxx.xxxxxpredictiveHigh
28Filexxxxx/xxxxx.xxxxxpredictiveHigh
29Filexxxxxxx.xpredictiveMedium
30Filexxxxxxxx-x.xxpredictiveHigh
31Filexxx.xpredictiveLow
32FilexxxxxxxxxxxxxxxxpredictiveHigh
33Filexxxxxxxx_xxxxxx_xxxxx.xxxpredictiveHigh
34Filexxx-xxxxxxx-xxx.xxpredictiveHigh
35Libraryxx.xxxxxxxxxx.xxxxxxxxxxxxxxx.xxxpredictiveHigh
36Libraryxxx/xxxxxxxxx/xxxxxxxx.xxxxx.xxxpredictiveHigh
37Libraryxxxxxxx.xxxpredictiveMedium
38Libraryxxxxx.xxxpredictiveMedium
39Libraryxxxxxxxxxxxxx.xxx)predictiveHigh
40ArgumentxxxxxxpredictiveLow
41ArgumentxxxpredictiveLow
42Argumentxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxxx/xxxxxxxxxx/xxxxxxxxxxxxxxxxxxxpredictiveHigh
43ArgumentxxxxxxpredictiveLow
44ArgumentxxxxxxxxpredictiveMedium
45Argumentx:\xxxxxxx\xpredictiveMedium
46ArgumentxxxxxxxpredictiveLow
47Argumentxxx_xxxpredictiveLow
48ArgumentxxxxxpredictiveLow
49ArgumentxxxxpredictiveLow
50ArgumentxxpredictiveLow
51ArgumentxxxxxxxpredictiveLow
52ArgumentxxxxpredictiveLow
53ArgumentxxxxpredictiveLow
54Argumentx_xxxxpredictiveLow
55ArgumentxxxxxpredictiveLow
56ArgumentxxpredictiveLow
57ArgumentxxxxxxpredictiveLow
58Input Value//xxx//xxxxxxx.xxxpredictiveHigh

References (3)

The following list contains external sources which discuss the actor and the associated activities:

Interested in the pricing of exploits?

See the underground prices here!