Cpuminer Analysis

IOB - Indicator of Behavior (328)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Language

en: 306
ru: 20
es: 2


Activities

Interest


Product

mooSocial mooDating: 14
Google Chrome: 6
Apple macOS: 6
Google Android: 4
4Site CMS: 4


Vulnerabilities

These are the vulnerabilities that we have identified as researched, approached, or attacked.

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Cou | KEV | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Raisecom MSG1200/MSG2100E/MSG2200/MSG2300 Web Interface list_base_config.php os command injection | 7.5 | 7.2 | $0-$5k | $0-$5k | Proof-of-Concept | Workaround | expected | 0.91520 | 0.05 | CVE-2024-7120 |
| 2 | Netgear WN604 Web Interface downloadFile.php information disclosure | 5.3 | 5.1 | $5k-$25k | $0-$5k | Proof-of-Concept | Workaround | expected | 0.92124 | 0.03 | CVE-2024-6646 |
| 3 | Byzoro Smart S210 Management Platform uploadfile.php unrestricted upload | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not defined | expected | 0.86711 | 0.02 | CVE-2024-0939 |
| 4 | TVT DVR TD-2104TS-CL queryDevInfo information disclosure | 5.3 | 5.1 | $0-$5k | $0-$5k | Proof-of-Concept | Workaround | expected | 0.81285 | 0.02 | CVE-2024-7339 |
| 5 | osCommerce all-products cross site scripting | 4.3 | 3.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not defined | | 0.10116 | 0.03 | CVE-2024-4348 |
| 6 | D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi command injection | 8.1 | 8.1 | $5k-$25k | $0-$5k | Attacked | Workaround | verified | 0.94405 | 0.07 | CVE-2024-3273 |
| 7 | mooSocial mooDating URL users cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not defined | | 0.07189 | 0.02 | CVE-2023-3847 |
| 8 | Dahua Smart Park Management devicePoint_addImgIco unrestricted upload | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not defined | expected | 0.90446 | 0.03 | CVE-2023-3836 |
| 9 | PHP Jabbers Bus Reservation System index.php cross site scripting | 4.9 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not defined | | 0.05023 | 0.03 | CVE-2023-4111 |
| 10 | PHP Jabbers Taxi Booking index.php cross site scripting | 4.9 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not defined | | 0.06258 | 0.05 | CVE-2023-4116 |
| 11 | DedeCMS select_templets.php path traversal | 4.6 | 4.5 | $0-$5k | $0-$5k | Proof-of-Concept | Not defined | | 0.02553 | 0.02 | CVE-2023-2059 |
| 12 | PHP Jabbers Availability Booking Calendar index.php cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not defined | | 0.04344 | 0.06 | CVE-2023-4110 |
| 13 | Ellucian Ethos Identity logout cross site scripting | 4.9 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Official fix | possible | 0.77048 | 0.03 | CVE-2023-2822 |
| 14 | PlayTube Redirect information disclosure | 5.4 | 5.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not defined | expected | 0.90035 | 0.00 | CVE-2023-4714 |
| 15 | ColumbiaSoft Document Locator WebTools login improper authentication | 8.1 | 8.0 | $0-$5k | $0-$5k | Not defined | Official fix | expected | 0.87565 | 0.07 | CVE-2023-5830 |
| 16 | Academy LMS GET Parameter filter sql injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not defined | possible | 0.43231 | 0.06 | CVE-2023-4974 |
| 17 | mooSocial mooDating URL question cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not defined | | 0.07189 | 0.07 | CVE-2023-3843 |
| 18 | mooSocial mooDating URL ajax_invite cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not defined | | 0.07189 | 0.02 | CVE-2023-3845 |
| 19 | Viessmann Vitogate 300 Web Management Interface vitogate.cgi isValidUser hard-coded password | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not defined | expected | 0.90661 | 0.02 | CVE-2023-5222 |
| 20 | Ruijie RG-EW1200G Administrator Password set_passwd access control | 7.1 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not defined | expected | 0.90956 | 0.03 | CVE-2023-4169 |

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

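| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 45.9.148.117 | | Cpuminer | | 07/16/2022 | verified | Medium |
| 2 | XXX.XXX.XX.XXX | | Xxxxxxxx | | 10/06/2023 | verified | High |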

TTP - Tactics, Techniques, Procedures (22)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Class | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|---|
| 1 | T1006 | CAPEC-126 | CWE-22, CWE-24, CWE-28, CWE-425 | Path Traversal | predictive | High |
| 2 | T1055 | CAPEC-10 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 3 | T1059 | CAPEC-242 | CWE-94 | Argument Injection | predictive | High |
| 4 | T1059.007 | CAPEC-209 | CWE-79, CWE-80 | Basic Cross Site Scripting | predictive | High |
| 5 | T1068 | CAPEC-122 | CWE-264, CWE-269, CWE-284 | Execution with Unnecessary Privileges | predictive | High |

IOA - Indicator of Attack (169)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /academy/tutor/filter | predictive | High |
| 2 | File | /ad-list | predictive | Medium |
| 3 | File | /admin/suppliers/view_details.php | predictive | High |
| 4 | File | /ajax.php?action=read_msg | predictive | High |
| 5 | File | /api/authentication/login | predictive | High |
| 6 | File | /api/sys/login | predictive | High |
| 7 | File | /api/sys/set_passwd | predictive | High |
| 8 | File | /api/v2/open/rowsInfo | predictive | High |
| 9 | File | /app/sys1.php | predictive | High |
| 10 | File | /building/backmgr/urlpage/mobileurl/configfile/jx2_config.ini | predictive | High |
| 11 | File | /cas/logout | predictive | Medium |
| 12 | File | /catalog/all-products | predictive | High |
| 13 | File | /cgi-bin/adm.cgi | predictive | High |
| 14 | File | /cgi-bin/mesh.cgi?page=upgrade | predictive | High |
| 15 | File | /cgi-bin/nas_sharing.cgi | predictive | High |
| 16 | File | /cgi-bin/nightled.cgi | predictive | High |
| 17 | File | /cgi-bin/touchlist_sync.cgi | predictive | High |
| 18 | File | /cgi-bin/vitogate.cgi | predictive | High |
| 19 | File | /debug/pprof | predictive | Medium |
