BlankSlate Analysis

IOB - Indicator of Behavior (54)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 34
de: 6
fr: 4
ru: 4
it: 4

Product

CentOS Web Panel: 4
Zenario: 2
pfSense: 2
JetBrains PhpStorm: 2
All in One SEO Pack Plugin: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 1.65 | 0.00954 | CVE-2010-0966 |
| 2 | JetBrains PhpStorm idea.log log file | 3.8 | 3.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00043 | CVE-2022-48435 |
| 3 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.07 | 0.02016 | CVE-2007-1192 |
| 4 | WPForms Pro Plugin csv injection | 7.6 | 7.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.08 | 0.00229 | CVE-2022-3574 |
| 5 | Wondershare Dr.Fone permission | 7.0 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | 0.00082 | CVE-2023-29835 |
| 6 | All in One SEO Pack Plugin cross site scripting | 5.1 | 5.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.07 | 0.00051 | CVE-2023-0586 |
| 7 | SourceCodester Responsive Ordering System Product_model.php unrestricted upload | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | 0.00298 | CVE-2021-25206 |
| 8 | PuneethReddyHC online-shopping-system product.php sql injection | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.00180 | CVE-2021-43109 |
| 9 | AffiliateWP Plugin Plugin Activation authorization | 5.3 | 5.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.00045 | CVE-2023-4600 |
| 10 | Wondershare Dr.Fone drfone_setup_full3360.exe untrusted search path | 7.0 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.07 | 0.00067 | CVE-2023-27767 |
| 11 | 7-zip 7Z File Parser integer underflow | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.07 | 0.00048 | CVE-2023-31102 |
| 12 | Wondershare Repairit repairit_setup_full5913.exe untrusted search path | 7.0 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00067 | CVE-2023-27764 |
| 13 | Shopizer insert-product-name-here.html cross site scripting | 3.5 | 3.2 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.04 | 0.00159 | CVE-2021-33562 |
| 14 | All in One SEO Plugin cross-site request forgery | 6.2 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | 0.00063 | CVE-2022-38093 |
| 15 | Wondershare MobileTrans mobiletrans_setup_full5793.exe untrusted search path | 7.0 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.00067 | CVE-2023-27763 |
| 16 | MonsterInsights Plugin Title cross site scripting | 5.2 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06 | 0.00079 | CVE-2022-3904 |
| 17 | Huawei HarmonyOS DUBAI Module double free | 6.6 | 6.6 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00 | 0.00063 | CVE-2022-47975 |
| 18 | InterWorx SiteWorx domains.php cross site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00691 | CVE-2007-4588 |
| 19 | InterWorx NodeWorx cluster.php cross site scripting | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00691 | CVE-2007-4588 |
| 20 | Honda Civic keyfob Subsystem authentication replay | 1.8 | 1.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | 0.00080 | CVE-2021-46145 |

IOC - Indicator of Compromise (9)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (10)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | predictive | High |
| 2 | T1059 | CWE-94 | Cross Site Scripting | predictive | High |
| 3 | TXXXX.XXX | CWE-XX, CWE-XX | Xxxxx Xxxx Xxxxxxxxx | predictive | High |
| 4 | TXXXX | CWE-XXX, CWE-XXX | X2xx Xxxxxxxxxxxxxxxx: Xxxx Xxxxxx Xxxxxxxxxxx Xxx Xxx Xxxxxxx | predictive | High |
| 5 | TXXXX | CWE-XX | Xxxxxxx Xxxxxxxxx | predictive | High |
| 6 | TXXXX | CWE-XXX | Xxxxxxxxxx Xxxxxx | predictive | High |
| 7 | TXXXX | CWE-XX | Xxx Xxxxxxxxx | predictive | High |
| 8 | TXXXX | CWE-XXX | Xxxxxxxxx Xxxxxx Xxxx | predictive | High |
| 9 | TXXXX | CWE-XXX, CWE-XXX | Xxxxxxxxxxxxx | predictive | High |
| 10 | TXXXX.XXX | CWE-XXX | Xxxxxxxxxxxx Xxxxxx | predictive | High |

IOA - Indicator of Attack (33)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /cgi-bin/login_action.cgi | predictive | High |
| 2 | File | 123flashchat.php | predictive | High |
| 3 | File | cluster.php | predictive | Medium |
| 4 | File | data/gbconfiguration.dat | predictive | High |
| 5 | File | domains.php | predictive | Medium |
| 6 | File | xxxxxx_xxxxx_xxxxxxxx.xxx | predictive | High |
| 7 | File | xxxx.xxx | predictive | Medium |
| 8 | File | xxxx.xxx | predictive | Medium |
| 9 | File | xxx/xxxxxx.xxx | predictive | High |
| 10 | File | xxx/xxxxxxxxxxx/xxxxxxx.xxx | predictive | High |
| 11 | File | xxxxx.xxx | predictive | Medium |
| 12 | File | xxx.x/xxxxxx.x | predictive | High |
| 13 | File | xxxxxxxxxxx_xxxxx_xxxxxxxx.xxx | predictive | High |
| 14 | File | xxxxxxxxx.xxx | predictive | High |
| 15 | File | xxxxxxx.xxx | predictive | Medium |
| 16 | File | xxxxxxx/xxxxxx-xxxxxxx-xxxx-xxxx.xxxx | predictive | High |
| 17 | File | xxxxxxx_xxxxx.xxx | predictive | High |
| 18 | File | xxxxxxxx_xxxxx_xxxxxxxx.xxx | predictive | High |
| 19 | File | xxxx/xxxx/ | predictive | Medium |
| 20 | File | xxxxxx_xxx_xxxxx_xxx.xxx | predictive | High |
| 21 | Library | xxx.xxx | predictive | Low |
| 22 | Argument | xxxxxxxx | predictive | Medium |
| 23 | Argument | xxxxxxxx | predictive | Medium |
| 24 | Argument | xxxxx_xxxxxxx | predictive | High |
| 25 | Argument | xxxx | predictive | Low |
| 26 | Argument | xxxxx | predictive | Low |
| 27 | Argument | xxxxxx | predictive | Low |
| 28 | Argument | xxxx | predictive | Low |
| 29 | Argument | xxxx_xxxx | predictive | Medium |
| 30 | Argument | xxx | predictive | Low |
| 31 | Argument | xxx | predictive | Low |
| 32 | Argument | xxxxxxxx/xxxxxxxx | predictive | High |
| 33 | Network Port | xxx/xx (xxx) | predictive | Medium |

References (3)

The following list contains external sources which discuss the actor and the associated activities:
