BlackTech Analysis

IOB - Indicator of Behavior (332)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 256
zh: 66
de: 4
es: 2
ja: 2

Country

ms: 144
cn: 118
us: 68

Product

Palo Alto PAN-OS: 8
phpMyAdmin: 6
PHP: 4
KeyCloak: 4
Apache HTTP Server: 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | vTiger CRM sql injection | 7.5 | 7.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00890 | CVE-2019-11057 |
| 2 | Sophos Firewall User Portal/Webadmin improper authentication | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.64728 | CVE-2022-1040 |
| 3 | PAN-OS improper authentication | 7.4 | 7.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.01055 | CVE-2019-1572 |
| 4 | WordPress WP_Query class-wp-query.php sql injection | 8.5 | 8.4 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.01974 | CVE-2017-5611 |
| 5 | XoruX LPAR2RRD/STOR2RRD hard-coded credentials | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01 | 0.00954 | CVE-2021-42371 |
| 6 | Microsoft Exchange Server ProxyShell Remote Code Execution | 9.5 | 8.2 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.02 | 0.61804 | CVE-2021-34473 |
| 7 | FCKeditor Connector Module path traversal | 7.3 | 7.0 | $0-$5k | $0-$5k | High | Official Fix | 0.03 | 0.92736 | CVE-2009-2265 |
| 8 | RoundCube Webmail rcube_plugin_api.php path traversal | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.02762 | CVE-2020-12640 |
| 9 | Mailman input validation | 6.5 | 6.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01 | 0.01018 | CVE-2018-13796 |
| 10 | OpenSSL c_rehash os command injection | 5.5 | 5.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.36880 | CVE-2022-1292 |
| 11 | Kingsoft WPS Office Registry wpsupdater.exe access control | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.23850 | CVE-2022-24934 |
| 12 | Palo Alto PAN-OS cleartext transmission | 5.8 | 5.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00885 | CVE-2020-2013 |
| 13 | Palo Alto PAN-OS Maintenance Mode config | 6.4 | 6.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.01055 | CVE-2020-2041 |
| 14 | RoundCube Contact Photo photo.inc Absolute path traversal | 6.5 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.10 | 0.01132 | CVE-2015-8794 |
| 15 | Roundcube Webmail Configuration File access control | 7.0 | 6.7 | $0-$5k | $0-$5k | High | Official Fix | 0.02 | 0.04804 | CVE-2017-16651 |
| 16 | phpMyAdmin Designer sql injection | 8.5 | 8.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.01 | 0.00885 | CVE-2019-6798 |
| 17 | EmbedThis HTTP Library/Appweb httpLib.c authCondition improper authentication | 7.7 | 7.3 | $0-$5k | $0-$5k | High | Official Fix | 0.05 | 0.00954 | CVE-2018-8715 |
| 18 | Liferay Portal CE JSON Payload deserialization | 7.5 | 7.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.05634 | CVE-2019-16891 |
| 19 | Apache Solr ResourceLoader path traversal | 5.3 | 5.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.03384 | CVE-2013-6397 |
| 20 | ThinkPHP input validation | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.84749 | CVE-2019-9082 |

Campaigns (3)

These are the campaigns that can be associated with the actor:

IOC - Indicator of Compromise (18)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (21)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (155)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


References (7)

The following list contains external sources which discuss the actor and the associated activities:
