DazzleSpy Analysis

IOB - Indicator of Behavior (13)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 10
zh: 4

Country

cn: 14

Product

SourceCodester Guest Management System: 2
AddToAny Share Buttons Plugin: 2
Ganglia Ganglia-web: 2
Oracle Database: 2
DPTech VPN: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | TrueConf Server sql injection | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00656 | CVE-2022-46764 |
| 2 | NotificationX Plugin SQL Statement sql injection | 5.6 | 5.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.02414 | CVE-2022-0349 |
| 3 | AddToAny Share Buttons Plugin Image Button Setting cross site scripting | 2.4 | 2.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00053 | CVE-2021-24616 |
| 4 | DPTech VPN information disclosure | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00150 | CVE-2022-34593 |
| 5 | Apache Tomcat Request Header information disclosure | 5.6 | 5.6 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00300 | CVE-2020-17527 |
| 6 | Ganglia Ganglia-web Remote Code Execution | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | 0.18799 | CVE-2012-3448 |
| 7 | Openfind Mail2000 Access Control privileges management | 6.0 | 6.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | 0.00087 | CVE-2020-12776 |
| 8 | SourceCodester Guest Management System myform.php cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.00138 | CVE-2022-2811 |
| 9 | osCommerce Online Merchant unknown vulnerability | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00214 | CVE-2012-2991 |
| 10 | Oracle Database Oracle Application Express unknown vulnerability | 5.4 | 5.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00054 | CVE-2020-2973 |
| 11 | Minio Console Operator Console missing authentication | 8.6 | 8.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.05383 | CVE-2021-41266 |
| 12 | Ubiquiti EdgeMAX EdgeRouter Firmware Update channel accessible | 8.1 | 7.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00315 | CVE-2021-22909 |
| 13 | Active Choices Plugin cross site scripting | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00054 | CVE-2021-21616 |

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 88.218.192.128 | 88.218.192.128.static.xtom.com | DazzleSpy | | 03/05/2022 | verified | High |

TTP - Tactics, Techniques, Procedures (5)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1059.007 | CWE-79 | Cross Site Scripting | predictive | High |
| 2 | TXXXX | CWE-XXX | Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx | predictive | High |
| 3 | TXXXX | CWE-XX | Xxx Xxxxxxxxx | predictive | High |
| 4 | TXXXX | CWE-XXX | Xxxxxxx Xxxxxxxxxx Xx Xxx-xxxxxxxx | predictive | High |
| 5 | TXXXX | CWE-XXX | Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx | predictive | High |

IOA - Indicator of Attack (3)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | myform.php | predictive | Medium |
| 2 | Argument | xxxx | predictive | Low |
| 3 | Argument | xx_xx | predictive | Low |
