Center-2 Analysis

IOB - Indicator of Behavior (353)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en326
fr14
de8
ru2
pl2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

fr308
it26
us12
cn4
gb2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Google Android28
Microsoft Windows10
Cisco Unified Communications Manager10
Microsoft Edge8
Cisco IOS XE6

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1LogicBoard CMS away.php redirect6.36.1$0-$5k$0-$5kNot DefinedUnavailable0.510.00000
2FLDS redir.php sql injection7.37.3$0-$5k$0-$5kHighUnavailable0.130.01213CVE-2008-5928
3Sonatype Nexus Repository Manager OSS Admin Panel access control6.36.3$0-$5k$0-$5kNot DefinedNot Defined0.020.00000CVE-2022-31289
4EPiServer Ektron CMS content.aspx cross site scripting5.24.9$0-$5k$0-$5kNot DefinedOfficial Fix0.030.01055CVE-2016-6201
5Huawei Smart Phones Moana-AL00B missing initialization of resource4.44.2$0-$5k$0-$5kNot DefinedOfficial Fix0.070.00885CVE-2020-9227
6Huawei Taurus-AL00A Message use after free5.55.5$5k-$25k$5k-$25kNot DefinedNot Defined0.010.00885CVE-2020-9093
7Huawei Mate 20 information disclosure4.03.9$5k-$25k$0-$5kNot DefinedOfficial Fix0.030.00885CVE-2020-9109
8Huawei WS5800-10 Message denial of service5.05.0$0-$5k$0-$5kNot DefinedNot Defined0.000.00885CVE-2020-9230
9Huawei Mate 30 type confusion7.06.7$5k-$25k$0-$5kNot DefinedOfficial Fix0.010.01036CVE-2020-9261
10Huawei Mate 30/Mate 30 Pro information disclosure4.44.2$0-$5k$0-$5kNot DefinedOfficial Fix0.030.00885CVE-2020-1801
11Apple iPhone malloc privileges management6.56.2$5k-$25k$0-$5kNot DefinedOfficial Fix0.010.00885CVE-2019-9536
12vBulletin redirector.php6.66.6$0-$5k$0-$5kNot DefinedNot Defined0.090.00885CVE-2018-6200
13Xitex Xitex WebContent M1 redirect.do cross site scripting4.34.2$0-$5k$0-$5kHighUnavailable0.020.01136CVE-2008-1209
14phpPgAds adclick.php unknown vulnerability5.35.3$0-$5k$0-$5kNot DefinedNot Defined0.210.01055CVE-2005-3791
15phpMyAdmin Redirect url.php 7pk security7.37.0$5k-$25k$0-$5kNot DefinedOfficial Fix0.020.01408CVE-2015-7873
16Huawei OceanStor 5600 SSH Key hard-coded credentials7.47.3$5k-$25k$0-$5kNot DefinedWorkaround0.000.00885CVE-2016-8754
17Huawei HiSuite Library Loader access control6.56.5$0-$5k$0-$5kNot DefinedNot Defined0.030.01525CVE-2016-8274
18Cisco NX-OS memory corruption5.35.1$5k-$25k$0-$5kNot DefinedOfficial Fix0.030.01136CVE-2017-3879
19NVIDIA Windows GPU Display Driver Kernel Mode Layer data processing4.44.2$0-$5k$0-$5kNot DefinedOfficial Fix0.030.00885CVE-2017-0320
20Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25k$0-$5kHighWorkaround0.040.04187CVE-2007-1192

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsTypeConfidence
180.211.35.111host111-35-211-80.serverdedicati.aruba.itCenter-2verifiedHigh
2XX.XX.XXX.XXxxxxxx-xxx-xx-xx.xxxxxx.xxxxxxxxxx.xxXxxxxx-xverifiedHigh
3XXX.XXX.XX.XXXXxxxxx-xverifiedHigh
4XXX.XXX.XXX.XXxxx.xxx.xxx.xx.xxxxx.xxxXxxxxx-xverifiedMedium

TTP - Tactics, Techniques, Procedures (19)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (80)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/ctpms/admin/?page=applications/view_applicationpredictiveHigh
2File/docs/captcha_(number).jpegpredictiveHigh
3File/etc/keystone/user-project-map.jsonpredictiveHigh
4File/forum/away.phppredictiveHigh
5File/horde/util/go.phppredictiveHigh
6File/SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_charger.cpredictiveHigh
7File/webapps/Bb-sites-user-profile-BBLEARN/profile.formpredictiveHigh
8File/wp-content/plugins/emag-marketplace-connector/templates/order/awb-meta-box.phppredictiveHigh
9Fileaction/addproject.phppredictiveHigh
10Fileadclick.phppredictiveMedium
11Filexxxxx/xxxx/xxxxxx/xxx.xxx?xxxpredictiveHigh
12Filexxxxxxxxxxxxx/xxxxxxx/xxxx/xxxxxxxxx.xxxpredictiveHigh
13Filexxxxxxxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
14Filexxx/xx-xxxxx-xxxxxxx/xxx-xx-xxxxx-xxxxxxx.xxxpredictiveHigh
15Filexxxxxxxxxxx/xxxxxxxx/xxx.xxxpredictiveHigh
16Filexxx/xxxx/xxxx/xxxx_xxxxx_xxxx_xxxxx.xpredictiveHigh
17Filexxx/xxxx.xxx/xxxxxxxxx/predictiveHigh
18Filexxxxxxxxx.xxxpredictiveHigh
19Filexxxxx_xxxx_xx.xxxpredictiveHigh
20Filexxxxxx/xxx.xpredictiveMedium
21Filexxxxxx/xxx.xpredictiveMedium
22Filexxxxxx.xxxpredictiveMedium
23Filexxxxxxx.xxxpredictiveMedium
24Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
25Filexxxxxxx/xxx/xxx/xxxx/xxxx_xxx_xxx.xpredictiveHigh
26Filexxxxx/xxxxxxxxxxxxx.xxxxxx.xxxpredictiveHigh
27Filexxxxxxxxxxxxxx.xxxpredictiveHigh
28Filexxxxxx.xxxpredictiveMedium
29Filexxxxxxxxxxxxx.xxxxpredictiveHigh
30Filexxxxxx.xxxpredictiveMedium
31Filexxxxx.xxxpredictiveMedium
32Filexxx_xxxx.xxpredictiveMedium
33Filexxxxx.xpredictiveLow
34Filexxxxx.xxxpredictiveMedium
35Filexxxxx.xxxpredictiveMedium
36Filexxxxxxxx.xxpredictiveMedium
37Filexxxxxxxxxx.xxxpredictiveHigh
38Filexxxxxxxx.xxxpredictiveMedium
39Filexxxxxxx.xpredictiveMedium
40Filexxxxxx.xpredictiveMedium
41Filexxxx.xxxpredictiveMedium
42Filexxxxxxxxxxxx.xxxpredictiveHigh
43Filexxx/xxxx/xxxx/xxxxxx/xxxxxxxxxxx.xxxxpredictiveHigh
44Filexxx_xxxxx.xpredictiveMedium
45Filexxx_xxxxxxxx.xpredictiveHigh
46Filexxx.xxxpredictiveLow
47Filexxxxxxxx/xxxxxxx.xxxxpredictiveHigh
48Filexx-xxxxx.xxxpredictiveMedium
49Filexxx.xpredictiveLow
50Libraryxxx/xxxx/xxxxxxxxxx/xxxxxxxxxx.xxxpredictiveHigh
51Libraryxxxxxxxx.xxxpredictiveMedium
52Libraryxxx/xxxxxx/xxx/xxx/xxxxxxxxxxxx.xxxpredictiveHigh
53Argument$_xxx['xxx']predictiveMedium
54ArgumentxxxxxxpredictiveLow
55ArgumentxxxxxxxxpredictiveMedium
56Argumentxx/xxxxxxpredictiveMedium
57ArgumentxxxxpredictiveLow
58Argumentxxxxxx xxxxpredictiveMedium
59ArgumentxxxxxxxxxxxxpredictiveMedium
60ArgumentxxxxxxxxpredictiveMedium
61ArgumentxxxxxpredictiveLow
62ArgumentxxpredictiveLow
63ArgumentxxxxpredictiveLow
64ArgumentxxpredictiveLow
65ArgumentxxxxxxxpredictiveLow
66ArgumentxxxxxxxxpredictiveMedium
67Argumentxx_xxxxxpredictiveMedium
68ArgumentxxxxpredictiveLow
69ArgumentxxxxxxxxxxxxxxxxxxpredictiveHigh
70Argumentxxxxxxxxx_xxpredictiveMedium
71Argumentxxxxx_xxxxx_xxxxpredictiveHigh
72ArgumentxxxxxxxpredictiveLow
73ArgumentxxxpredictiveLow
74ArgumentxxxpredictiveLow
75Argumentxxxx_xxxxxxxxx/xxxx_xxxxxxxxpredictiveHigh
76Argumentxxxx_xxpredictiveLow
77Argumentxxx_xxxxxxxxxpredictiveHigh
78Input Value%x/%xpredictiveLow
79Network Portxxx/xxxxpredictiveMedium
80Network Portxxx/xxxxpredictiveMedium

References (2)

The following list contains external sources which discuss the actor and the associated activities:

Interested in the pricing of exploits?

See the underground prices here!