Dark Caracal Analysis

IOB - Indicator of Behavior (329)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 256
zh: 64
ru: 4
ja: 2
pl: 2

Country

la: 224
cz: 28
cn: 28
us: 22
my: 14

Product

Moodle: 6
Microsoft Windows: 6
WordPress: 6
Joomla CMS: 4
Ecommerce-CodeIgniter-Bootstrap: 4

Vulnerabilities

# | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE
1 | TikiWiki tiki-register.php input validation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.01075 | 7.23 | CVE-2006-6168
2 | Synacor Zimbra Collaboration mboximport pathname traversal | 4.7 | 4.5 | $0-$5k | $0-$5k | High | Official Fix | 0.96142 | 0.00 | CVE-2022-27925
3 | DEXT5 DEXT5Upload dext5handler.jsp unrestricted upload | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.01549 | 0.02 | CVE-2020-13442
4 | DEXT5Upload dext5handler.jsp pathname traversal | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00503 | 0.03 | CVE-2020-35362
5 | Tiki Admin Password tiki-login.php improper authentication | 8.0 | 7.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00936 | 1.99 | CVE-2020-15906
6 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00943 | 0.70 | CVE-2010-0966
7 | nginx request smuggling | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00241 | 1.84 | CVE-2020-12440
8 | FasterXML jackson-databind input validation | 9.8 | 9.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00410 | 0.04 | CVE-2019-14540
9 | Liferay Portal privileges management | 9.8 | 8.8 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00694 | 0.00 | CVE-2011-1571
10 | Drupal Sanitization API cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00056 | 0.02 | CVE-2020-13672
11 | LogicBoard CMS away.php redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.00000 | 2.69 | -
12 | LiteSpeed Cache Plugin Shortcode cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00051 | 0.03 | CVE-2023-4372
13 | WebTitan Appliance Extensions Persistent cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.00 | -
14 | ipTIME NAS-I Bulletin Manage unrestricted upload | 7.1 | 7.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00988 | 0.05 | CVE-2020-7847
15 | request-baskets API Request {name} server-side request forgery | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.08109 | 0.00 | CVE-2023-27163
16 | PHP phpinfo cross site scripting | 4.3 | 3.9 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.01960 | 0.03 | CVE-2007-1287
17 | Microsoft Windows Scripting Engine Remote Code Execution | 5.9 | 5.1 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.33048 | 0.00 | CVE-2021-34480
18 | DevExpress ASP.NET Web Forms ASPxHttpHandlerModule DXR.axd resource injection | 4.3 | 4.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00183 | 0.00 | CVE-2022-41479
19 | CodeIgniter old deserialization | 6.6 | 6.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06897 | 0.04 | CVE-2022-21647
20 | Basilix Webmail login.php3 command injection | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.02 | -

IOC - Indicator of Compromise (9)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (20)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (161)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID | Class | Indicator | Type | Confidence
1 | File | /admin/dl_sendmail.php | predictive | High
2 | File | /adminPage/conf/reload | predictive | High
3 | File | /api/baskets/{name} | predictive | High
4 | File | /api/v2/cli/commands | predictive | High
5 | File | /apply.cgi | predictive | Medium
6 | File | /dede/sys_sql_query.php | predictive | High
7 | File | /Device/Device/GetDeviceInfoList?deviceCode=&searchField=&deviceState= | predictive | High
8 | File | /DXR.axd | predictive | Medium
9 | File | /forum/away.php | predictive | High
10 | File | /mfsNotice/page | predictive | High
11 | File | /novel/bookSetting/list | predictive | High
12 | File | /novel/userFeedback/list | predictive | High
13 | File | /owa/auth/logon.aspx | predictive | High
14 | File | /spip.php | predictive | Medium
15 | File | /usr/bin/pkexec | predictive | High
16 | File | /x_portal_assemble_surface/jaxrs/portal/list?v=8.2.3-4-43f4fe3 | predictive | High
17 | File | /zm/index.php | predictive | High
18 | File | adclick.php | predictive | Medium
19 | File | admin.jcomments.php | predictive | High
