CopyKittens Analysis

Activities

Timeline

Analyzing the timeline helps to identify the required approach to, and handling of, single vulnerabilities and vulnerability collections. The overview makes it possible to see less important slices and more severe hotspots at a glance, so that an immediate vulnerability response can be initiated and issues can be prioritized.

Lang

  • en: 157
  • es: 150
  • pl: 149
  • fr: 148
  • de: 143

Country

  • es: 150
  • pl: 149
  • fr: 148
  • de: 143
  • sv: 133


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 1 | OpenJPEG memory corruption | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2013-6045 |
| 2 | Google Chrome Bindings use after free | 7.3 | 6.4 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.08 | CVE-2014-3171 |
| 3 | Backdoor.Win32.FTP.Lana.01.d Service Port 6666 information disclosure | 4.3 | 3.8 | $0-$5k | $0-$5k | Proof-of-Concept | Workaround | 0.08 | |
| 4 | Gajim get_last_conversation_lines sql injection | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.07 | CVE-2012-2086 |
| 5 | Google Chrome ANGLE heap-based overflow | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.13 | CVE-2022-0789 |
| 6 | ffjpeg Incomplete Fix CVE-2020-13438 jfif.c bmp_load null pointer dereference | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2021-45385 |
| 7 | Cloudflare OctoRPKI Repository denial of service | 3.3 | 3.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.06 | CVE-2021-3910 |
| 8 | Apple iOS credentials management | 5.3 | 5.1 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00 | CVE-2014-4363 |
| 9 | F-Secure Antivirus Engine PST File denial of service | 4.0 | 4.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06 | CVE-2021-40836 |
| 10 | Oracle MySQL Server Replication denial of service | 4.9 | 4.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2021-35546 |
| 11 | Microsoft Windows null pointer dereference | 7.8 | 7.8 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00 | CVE-2011-1881 |
| 12 | Controlup Real-Time Agent Named Pipe cuAgent.exe ProcessActionRequest os command injection | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2021-45912 |
| 13 | Toocharger Trombinoscope photo.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.09 | CVE-2012-4282 |
| 14 | Oracle Banking APIs Framework xml external entity reference | 7.5 | 7.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2020-25649 |
| 15 | IBM MQ Appliance Messaging unknown vulnerability | 4.1 | 4.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2022-22321 |
| 16 | Cisco IOS Clientless SSL VPN memory corruption | 4.3 | 4.3 | $25k-$100k | $5k-$25k | Not Defined | Not Defined | 0.00 | CVE-2012-1344 |
| 17 | Bitdefender GravityZone Endpoint Security Tools server-side request forgery | 7.1 | 6.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2021-3959 |
| 18 | Privoxy Socket resource management | 5.3 | 4.6 | $0-$5k | $0-$5k | Unproven | Official Fix | 0.04 | CVE-2015-1030 |
| 19 | Microsoft Defender for Endpoint Remote Code Execution | 6.6 | 6.1 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.69 | CVE-2022-23278 |
| 20 | Microsoft Exchange Server ProxyShell Remote Code Execution | 9.5 | 8.2 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.30 | CVE-2021-34473 |

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • Wilted Tulip

IOC - Indicator of Compromise (84)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (13)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (189)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

