Ddostf DDoS Analysisinfo

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (127)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Language

en	128

Country

DE: Germany	126
IO: British Indian Ocean Territory	2

Actors

Ddostf DDoS	1
Meterpreter	1

Activities

Interest

Timeline

Type

Not Defined	8
Firewall Software	2
Operating System	2

Vendor

F5	2
Digital Communications Technologies	2
Apple	2
Not Defined	2
MiCODUS	2

Product

F5 BIG-IP	2
Digital Communications Technologies Syrus4 IoT Tel ...	2
Apple macOS	2
SEOPanel	2
MiCODUS MV720 GPS Tracker	2

Vulnerabilities

These are the vulnerabilities that we have identified as researched, approached, or attacked.

#	Vulnerability	Base	Temp	0day	Today	Exp	Cou	KEV	EPSS	CTI	CVE
1	F5 BIG-IP iControl REST Authentication bash missing authentication	9.8	9.7	$5k-$25k	$0-$5k	High	Official fix	verified	0.94456	0.02	CVE-2022-1388
2	Digital Communications Technologies Syrus4 IoT Telematics Gateway MQTT Server improper authentication	9.9	9.9	$0-$5k	$0-$5k	Not defined	Not defined		0.03210	0.05	CVE-2023-6248
3	FreeBSD Ping pr_pack stack-based overflow	6.9	6.8	$5k-$25k	$0-$5k	Not defined	Official fix		0.02040	0.00	CVE-2022-23093
4	MiCODUS MV720 GPS Tracker authorization	6.3	6.2	$0-$5k	$0-$5k	Not defined	Not defined		0.00099	0.02	CVE-2022-34150
5	Apple iOS/iPadOS CoreGraphics out-of-bounds write	6.3	6.0	$100k and more	$5k-$25k	Not defined	Official fix		0.00601	0.00	CVE-2021-30919
6	SEOPanel Import Website unrestricted upload	6.3	5.7	$0-$5k	$0-$5k	Proof-of-Concept	Official fix		0.05674	0.00	CVE-2020-27461
7	rConfig POST Request login.php ldap injection	6.5	6.2	$0-$5k	$0-$5k	Not defined	Official fix		0.00197	0.02	CVE-2020-23148
8	Apple macOS WebKit Remote Code Execution	6.3	6.0	$5k-$25k	$0-$5k	Not defined	Official fix		0.01461	0.00	CVE-2021-30797
9	Siemens Tecnomatix Plant Simulation SPP File Parser PlantSimCore.dll memory corruption	5.5	5.3	$5k-$25k	$0-$5k	Not defined	Official fix		0.00262	0.01	CVE-2021-27397
10	Aruba ClearPass Policy Manager XML Data xml external entity reference	6.3	6.0	$0-$5k	$0-$5k	Not defined	Official fix		0.00749	0.00	CVE-2021-29140
11	Bandmin index.cgi cross site scripting	4.3	3.9	$0-$5k	$0-$5k	Proof-of-Concept	Not defined		0.00519	0.00	CVE-2003-0416

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP address	Hostname	Actor	Campaigns	Identified	Type	Confidence
1	136.243.103.119	static.119.103.243.136.clients.your-server.de	Ddostf DDoS		11/16/2023	verified	High

TTP - Tactics, Techniques, Procedures (3)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Class	Vulnerabilities	Access Vector	Type	Confidence
1	T1059.007	CAPEC-18	CWE-80	Basic Cross Site Scripting	predictive	High
2	TXXXX	CAPEC-XXX	CWE-XX	Xxx Xxxxxxxxx	predictive	High
3	TXXXX.XXX	CAPEC-X	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	High

IOA - Indicator of Attack (6)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Class	Indicator	Type	Confidence
1	File	/mgmt/tm/util/bash	predictive	High
2	File	index.cgi	predictive	Medium
3	File	xxxx/xxxxx.xxx	predictive	High
4	Library	xxxxxxxxxxxx.xxx	predictive	High
5	Argument	xxxxxxxxx	predictive	Medium
6	Argument	xxxx/xxxxx/xxxx	predictive	High

References (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ PreviousOverviewNext ▸

This view requires CTI permissions

Just purchase a CTI license today!