Center-2 Analysisinfo

IOB - Indicator of Behavior (366)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en340
es6
zh6
fr6
de4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Google Android20
Microsoft Windows12
Cisco Unified Communications Manager10
Gophish8
Cisco NX-OS6

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1LogicBoard CMS away.php redirect6.36.1$0-$5k$0-$5kNot DefinedUnavailable0.000000.85
2FLDS redir.php sql injection7.37.3$0-$5k$0-$5kHighUnavailable0.002030.12CVE-2008-5928
3Sonatype Nexus Repository Manager OSS Admin Panel access control6.36.3$0-$5k$0-$5kNot DefinedNot Defined0.000440.05CVE-2022-31289
4EPiServer Ektron CMS content.aspx cross site scripting5.24.9$0-$5k$0-$5kNot DefinedOfficial Fix0.004550.00CVE-2016-6201
5Huawei Smart Phones Moana-AL00B initialization of resource4.44.2$0-$5k$0-$5kNot DefinedOfficial Fix0.000550.00CVE-2020-9227
6Huawei Taurus-AL00A Message use after free5.55.5$5k-$25k$5k-$25kNot DefinedNot Defined0.000550.00CVE-2020-9093
7Huawei Mate 20 information disclosure4.03.9$5k-$25k$0-$5kNot DefinedOfficial Fix0.000690.00CVE-2020-9109
8Huawei WS5800-10 Message denial of service5.05.0$0-$5k$0-$5kNot DefinedNot Defined0.000580.00CVE-2020-9230
9Huawei Mate 30 type confusion7.06.7$5k-$25k$0-$5kNot DefinedOfficial Fix0.000670.00CVE-2020-9261
10Huawei Mate 30/Mate 30 Pro information disclosure4.44.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.000640.00CVE-2020-1801
11Apple iPhone malloc privileges management6.36.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.001000.00CVE-2019-9536
12vBulletin redirector.php6.66.6$0-$5k$0-$5kNot DefinedNot Defined0.001210.06CVE-2018-6200
13Xitex Xitex WebContent M1 redirect.do cross site scripting4.34.2$0-$5k$0-$5kHighUnavailable0.002080.03CVE-2008-1209
14phpPgAds adclick.php5.35.3$0-$5k$0-$5kNot DefinedNot Defined0.003170.08CVE-2005-3791
15phpMyAdmin Redirect url.php 7pk security7.37.0$5k-$25k$0-$5kNot DefinedOfficial Fix0.007640.04CVE-2015-7873
16Huawei OceanStor 5600 SSH Key hard-coded credentials7.47.3$5k-$25k$0-$5kNot DefinedWorkaround0.000730.04CVE-2016-8754
17Huawei HiSuite Library Loader access control6.56.5$0-$5k$0-$5kNot DefinedNot Defined0.000450.00CVE-2016-8274
18Cisco NX-OS memory corruption5.35.1$5k-$25k$0-$5kNot DefinedOfficial Fix0.002200.00CVE-2017-3879
19NVIDIA Windows GPU Display Driver Kernel Mode Layer data processing4.44.2$0-$5k$0-$5kNot DefinedOfficial Fix0.000440.00CVE-2017-0320
20Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25k$0-$5kHighWorkaround0.021470.00CVE-2007-1192

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
180.211.35.111host111-35-211-80.serverdedicati.aruba.itCenter-207/22/2021verifiedLow
2XX.XX.XXX.XXxxxxxx-xxx-xx-xx.xxxxxx.xxxxxxxxxx.xxXxxxxx-x07/22/2021verifiedVery Low
3XXX.XXX.XX.XXXXxxxxx-x07/22/2021verifiedLow
4XXX.XXX.XXX.XXxxx.xxx.xxx.xx.xxxxx.xxxXxxxxx-x07/22/2021verifiedVery Low

TTP - Tactics, Techniques, Procedures (20)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (83)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/ctpms/admin/?page=applications/view_applicationpredictiveHigh
2File/docs/captcha_(number).jpegpredictiveHigh
3File/etc/keystone/user-project-map.jsonpredictiveHigh
4File/forum/away.phppredictiveHigh
5File/horde/util/go.phppredictiveHigh
6File/SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_charger.cpredictiveHigh
7File/spip.phppredictiveMedium
8File/webapps/Bb-sites-user-profile-BBLEARN/profile.formpredictiveHigh
9File/wp-content/plugins/emag-marketplace-connector/templates/order/awb-meta-box.phppredictiveHigh
10Fileaction/addproject.phppredictiveHigh
11Filexxxxxxx.xxxpredictiveMedium
12Filexxxxxxx.xxxpredictiveMedium
13Filexxxxx/xxxx/xxxxxx/xxx.xxx?xxxpredictiveHigh
14Filexxxxxxxxxxxxx/xxxxxxx/xxxx/xxxxxxxxx.xxxpredictiveHigh
15Filexxxxxxxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
16Filexxx/xx-xxxxx-xxxxxxx/xxx-xx-xxxxx-xxxxxxx.xxxpredictiveHigh
17Filexxxxxxxxxxx/xxxxxxxx/xxx.xxxpredictiveHigh
18Filexxx/xxxx/xxxx/xxxx_xxxxx_xxxx_xxxxx.xpredictiveHigh
19Filexxx/xxxx.xxx/xxxxxxxxx/predictiveHigh
20Filexxxxxxxxx.xxxpredictiveHigh
21Filexxxxx_xxxx_xx.xxxpredictiveHigh
22Filexxxxxx/xxx.xpredictiveMedium
23Filexxxxxx/xxx.xpredictiveMedium
24Filexxxxxx.xxxpredictiveMedium
25Filexxxxxxx.xxxpredictiveMedium
26Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
27Filexxxxxxx/xxx/xxx/xxxx/xxxx_xxx_xxx.xpredictiveHigh
28Filexxxxx/xxxxxxxxxxxxx.xxxxxx.xxxpredictiveHigh
29Filexxxxxxxxxxxxxx.xxxpredictiveHigh
30Filexxxxxx.xxxpredictiveMedium
31Filexxxxxxxxxxxxx.xxxxpredictiveHigh
32Filexxxxxx.xxxpredictiveMedium
33Filexxxxx.xxxpredictiveMedium
34Filexxx_xxxx.xxpredictiveMedium
35Filexxxxx.xpredictiveLow
36Filexxxxx.xxxpredictiveMedium
37Filexxxxx.xxxpredictiveMedium
38Filexxxxxxxx.xxpredictiveMedium
39Filexxxxxxxxxx.xxxpredictiveHigh
40Filexxxxxxxx.xxxpredictiveMedium
41Filexxxxxxx.xpredictiveMedium
42Filexxxxxx.xpredictiveMedium
43Filexxxx.xxxpredictiveMedium
44Filexxxxxxxxxxxx.xxxpredictiveHigh
45Filexxx/xxxx/xxxx/xxxxxx/xxxxxxxxxxx.xxxxpredictiveHigh
46Filexxx_xxxxx.xpredictiveMedium
47Filexxx_xxxxxxxx.xpredictiveHigh
48Filexxx.xxxpredictiveLow
49Filexxxxxxxx/xxxxxxx.xxxxpredictiveHigh
50Filexx-xxxxx.xxxpredictiveMedium
51Filexxx.xpredictiveLow
52Libraryxxx/xxxx/xxxxxxxxxx/xxxxxxxxxx.xxxpredictiveHigh
53Libraryxxxxxxxx.xxxpredictiveMedium
54Libraryxxx/xxxxxx/xxx/xxx/xxxxxxxxxxxx.xxxpredictiveHigh
55Argument$_xxx['xxx']predictiveMedium
56ArgumentxxxxxxpredictiveLow
57ArgumentxxxxxxxxpredictiveMedium
58Argumentxx/xxxxxxpredictiveMedium
59ArgumentxxxxpredictiveLow
60Argumentxxxxxx xxxxpredictiveMedium
61ArgumentxxxxxxxxxxxxpredictiveMedium
62ArgumentxxxxxxxxpredictiveMedium
63ArgumentxxxxxpredictiveLow
64ArgumentxxpredictiveLow
65ArgumentxxxxpredictiveLow
66ArgumentxxpredictiveLow
67Argumentxxxxxxxx_xxxxxxxx_xpredictiveHigh
68ArgumentxxxxxxxpredictiveLow
69ArgumentxxxxxxxxpredictiveMedium
70Argumentxx_xxxxxpredictiveMedium
71ArgumentxxxxpredictiveLow
72ArgumentxxxxxxxxxxxxxxxxxxpredictiveHigh
73Argumentxxxxxxxxx_xxpredictiveMedium
74Argumentxxxxx_xxxxx_xxxxpredictiveHigh
75ArgumentxxxxxxxpredictiveLow
76ArgumentxxxpredictiveLow
77ArgumentxxxpredictiveLow
78Argumentxxxx_xxxxxxxxx/xxxx_xxxxxxxxpredictiveHigh
79Argumentxxxx_xxpredictiveLow
80Argumentxxx_xxxxxxxxxpredictiveHigh
81Input Value%x/%xpredictiveLow
82Network Portxxx/xxxxpredictiveMedium
83Network Portxxx/xxxxpredictiveMedium

References (2)

The following list contains external sources which discuss the actor and the associated activities:

This view requires CTI permissions

Just purchase a CTI license today!