BlackByte Analysis

IOB - Indicator of Behavior (270)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 240
ru: 16
de: 8
fr: 4
zh: 2


Country

us: 62
cn: 26
ru: 12
fr: 6
de: 4

Charts not reproduced: Actors, Activities, Interest, Timeline, Type, Vendor.

Product

Apple macOS: 10
Google Chrome: 10
WordPress: 6
Perl: 4
4Site CMS: 4


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.02 | 0.02016 | CVE-2007-1192 |
| 2 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.70 | 0.00943 | CVE-2010-0966 |
| 3 | WoltLab Burning Book addentry.php sql injection | 7.3 | 6.8 | $0-$5k | $0-$5k | Functional | Unavailable | 0.02 | 0.00804 | CVE-2006-5509 |
| 4 | ownCloud index.php path traversal | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00749 | CVE-2014-4929 |
| 5 | Dahua DHI-HCVR7216A-S3 SmartPSS Auto Login Hash access control | 6.7 | 6.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.00331 | CVE-2017-6342 |
| 6 | Cyr to Lat Plugin sql injection | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00050 | CVE-2022-4290 |
| 7 | SourceCodester Food Ordering System PHP File ajax.php unrestricted upload | 7.6 | 7.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00307 | CVE-2023-24646 |
| 8 | Linux Kernel capsule-loader.c use after free | 4.6 | 4.5 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00042 | CVE-2022-40307 |
| 9 | HPE Onboard Administrator Reflected cross site scripting | 4.4 | 4.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00050 | CVE-2020-7132 |
| 10 | xwikisas macro-pdfviewer PDF Viewer Macro information disclosure | 6.0 | 5.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.67- | 0.00000 | CVE-2024-30263 |
| 11 | Moises Heberle WooCommerce Bookings Calendar Plugin cross site scripting | 5.0 | 4.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00043 | CVE-2024-31117 |
| 12 | Foxit PDF Reader AcroForm use after free | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00046 | CVE-2024-30354 |
| 13 | Tenda AC10 SetStaticRouteCfg fromSetRouteStatic stack-based overflow | 8.8 | 8.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.11 | 0.00045 | CVE-2024-2581 |
| 14 | MediaTek MT8798 Lk memory corruption | 6.7 | 6.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00043 | CVE-2024-20022 |
| 15 | Kofax Power PDF PNG File Parser out-of-bounds | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00065 | CVE-2024-27336 |
| 16 | Linux Kernel ASPM pci_set_power_state_locked deadlock | 4.8 | 4.6 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00043 | CVE-2024-26605 |
| 17 | Elementor Plugin deserialization | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00000 | CVE-2024-24934 |
| 18 | IBM Security Access Manager Container DSC Server resource consumption | 6.8 | 6.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00044 | CVE-2023-31006 |
| 19 | WP Recipe Maker Plugin cross site scripting | 5.1 | 5.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00045 | CVE-2024-0382 |
| 20 | Dahua IPC/SD/NVR/XVR Packet unknown vulnerability | 4.4 | 4.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00063 | CVE-2022-30564 |

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

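| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 45.9.148.114 | | BlackByte | | 02/15/2022 | verified | High |
| 2 | XXX.XX.X.XX | xxxx.xxxxxxx.xxx | Xxxxxxxxx | | 07/29/2022 | verified | High |
| 3 | XXX.XXX.XX.XXX | | Xxxxxxxxx | | 07/07/2023 | verified | High |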

TTP - Tactics, Techniques, Procedures (20)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (93)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /ajax.php?action=read_msg | predictive | High |
| 2 | File | /debug/pprof | predictive | Medium |
| 3 | File | /desktop_app/file.ajax.php?action=uploadfile | predictive | High |
| 4 | File | /env | predictive | Low |
| 5 | File | /fos/admin/ajax.php | predictive | High |
| 6 | File | /goform/SetNetControlList | predictive | High |
| 7 | File | /goform/SetStaticRouteCfg | predictive | High |
| 8 | File | /server-status | predictive | High |
| 9 | File | /src/chatbotapp/chatWindow.java | predictive | High |
| 10 | File | addentry.php | predictive | Medium |
