Careto Analysis

IOB - Indicator of Behavior (598)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 574
de: 20
pl: 2
it: 2

Country

de: 186
us: 92
es: 10
ru: 2
cn: 2

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Microsoft Windows: 18
Adobe Magento Commerce: 14
Linux Kernel: 10
Google Chrome: 8
Poppler: 6

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Atlassian Confluence Server/Data Center uncontrolled search path | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00885 | CVE-2021-43940 |
| 2 | Apple macOS Login Window state issue | 4.3 | 4.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06 | 0.00954 | CVE-2021-30702 |
| 3 | Microsoft Windows Active Directory integrated DNS privileges management | 8.8 | 8.4 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.04 | 0.01967 | CVE-2020-0761 |
| 4 | lighttpd mod_alias_physical_handler mod_alias.c path traversal | 7.4 | 7.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.12492 | CVE-2018-19052 |
| 5 | nginx ngx_http_mp4_module information disclosure | 4.7 | 4.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.04714 | CVE-2018-16845 |
| 6 | Click Studios Passwordstate PIN Generator information disclosure | 4.9 | 4.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.01 | 0.01055 | CVE-2020-27747 |
| 7 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.09 | 0.25090 | CVE-2017-0055 |
| 8 | WordPress Password Reset wp-login.php mail password recovery | 6.1 | 5.8 | $5k-$25k | $0-$5k | Proof-of-Concept | Not Defined | 0.02 | 0.23476 | CVE-2017-8295 |
| 9 | HPE OfficeConnect 1820 improper authentication | 9.1 | 9.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.01 | 0.00885 | CVE-2022-37932 |
| 10 | Apache Flume JMS Source injection | 8.0 | 7.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.01978 | CVE-2022-34916 |
| 11 | SourceCodester Online Class and Exam Scheduling System class_sched.php sql injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.00885 | CVE-2022-2706 |
| 12 | TCL LinkHub Mesh Wi-Fi MS1G Configuration logserver GetValue buffer overflow | 9.4 | 9.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.08 | 0.00885 | CVE-2022-24014 |
| 13 | Download Monitor Plugin wp-config.php access control | 4.7 | 4.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00890 | CVE-2021-31567 |
| 14 | Questions For Confluence App hard-coded credentials | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.16531 | CVE-2022-26138 |
| 15 | Wavlink WL-WN575A3 POST Request obtw command injection | 7.6 | 7.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.02055 | CVE-2022-34592 |
| 16 | Google Chrome Chrome OS Shell use after free | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.02 | 0.27766 | CVE-2022-2296 |
| 17 | Dice File unrestricted upload | 7.6 | 7.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.01 | 0.01338 | CVE-2022-32413 |
| 18 | HMA VPN unquoted search path | 8.8 | 8.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.02 | 0.02042 | CVE-2022-26634 |
| 19 | Apple iOS/iPadOS libxml2 use after free | 6.9 | 6.7 | $100k and more | $25k-$100k | Not Defined | Official Fix | 0.04 | 0.02686 | CVE-2022-23308 |
| 20 | Aruba ClearPass Policy Manager cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.00885 | CVE-2022-23659 |

IOC - Indicator of Compromise (16)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (23)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (194)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /api/update_setup | predictive | High |
| 2 | File | /APP_Installation.asp | predictive | High |
| 3 | File | /cgi-bin/live_api.cgi | predictive | High |
| 4 | File | /IISADMPWD | predictive | Medium |
| 5 | File | /pages/class_sched.php | predictive | High |
| 6 | File | /php-fusion/infusions/shoutbox_panel/shoutbox_archive.php | predictive | High |
| 7 | File | /platform.cgi | predictive | High |
| 8 | File | /Status/wan_button_action.asp | predictive | High |
| 9 | File | /tmp/.uci/network | predictive | High |
| 10 | File | /uncpath/ | predictive | Medium |
| 11 | File | /Users | predictive | Low |
| 12 | File | /usr/ | predictive | Low |
| 13 | File | Aavmker4.sys | predictive | Medium |
| 14 | File | add_user.php | predictive | Medium |
| 15 | File | admin/app/physical/physical.php | predictive | High |
| 16 | File | admin/auto.def | predictive | High |
| 17 | File | api/settings/values | predictive | High |
| 18 | File | app/admin/custom-fields/filter.php | predictive | High |
| 19 | File | appfeed.c | predictive | Medium |
| 20 | File | ashmem.c | predictive | Medium |
| 21 | File | auth-gss2.c | predictive | Medium |

References (2)

The following list contains external sources which discuss the actor and the associated activities:
