Decoy Dog Analysis

IOB - Indicator of Behavior (45)

Lang

en: 36
zh: 4
fr: 4
es: 2

Activities

Product

Exim: 6
OpenSSH: 4
Apache ZooKeeper: 2
Arista Metamako Operating System: 2
ImpressCMS: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | TrueConf Server sql injection | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01020 | 0.05 | CVE-2022-46764 |
| 2 | Apache NiFi ExtractCCDAAttributes Processor xml external entity reference | 6.5 | 6.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00089 | 0.03 | CVE-2023-22832 |
| 3 | imgurl localhost sql injection | 4.6 | 4.4 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00273 | 0.07 | CVE-2022-29305 |
| 4 | atoms183 CMS product_admin.php sql injection | 8.0 | 8.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00208 | 0.00 | CVE-2021-35283 |
| 5 | Apache ZooKeeper HTTP Request Header improper authentication | 7.3 | 7.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.03 | CVE-2024-51504 |
| 6 | Lantronix xPrintServer credentials management | 9.8 | 9.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00495 | 0.00 | CVE-2016-4325 |
| 7 | OpenSSH Signal grace_alarm_handler regreSSHion race condition | 8.1 | 7.8 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00261 | 0.03 | CVE-2024-6387 |
| 8 | Tilde CMS content.php information disclosure | 5.4 | 5.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00124 | 0.08 | CVE-2017-11327 |
| 9 | Cisco Unity Connection unrestricted upload | 8.1 | 8.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00145 | 0.04 | CVE-2024-20272 |
| 10 | Tortoise ORM Mass Update sql injection | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00104 | 0.03 | CVE-2020-11010 |
| 11 | Microsoft IIS IP/Domain Restriction access control | 6.5 | 5.7 | $25k-$100k | $0-$5k | Unproven | Official Fix | 0.00817 | 0.08 | CVE-2014-4078 |
| 12 | National Education Technologies Boomerang Parental Control App ADB Backup information disclosure | 3.2 | 3.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00059 | 0.00 | CVE-2023-36620 |
| 13 | Seiko Epson Product untrusted search path | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00148 | 0.00 | CVE-2020-5674 |
| 14 | Lexmark Device input validation | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.30913 | 0.00 | CVE-2023-26068 |
| 15 | Skipper File unrestricted upload | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00486 | 0.00 | CVE-2022-27262 |
| 16 | jQuery Cookie Prototype cross site scripting | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00074 | 0.09 | CVE-2022-23395 |
| 17 | Node.js permission | 6.5 | 6.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00149 | 0.02 | CVE-2023-23918 |
| 18 | OpenSSH Supplemental Group privileges management | 4.6 | 4.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00050 | 0.03 | CVE-2021-41617 |
| 19 | zzcms Cookie search.php sql injection | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00512 | 0.02 | CVE-2018-18791 |
| 20 | Fuel CMS 1 sql injection | 8.0 | 7.2 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.02903 | 0.00 | CVE-2020-24791 |

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 185.22.152.227 | exdamnhust.com | Decoy Dog | | 02/19/2024 | verified | Very High |
| 2 | XXX.XXX.XXX.XX | | Xxxxx Xxx | | 02/19/2024 | verified | Very High |
| 3 | XXX.XX.XX.XX | xxxxx.xxxxxxxxxxxx.xxx | Xxxxx Xxx | | 02/19/2024 | verified | Very High |

TTP - Tactics, Techniques, Procedures (12)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (25)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /churchcrm/WhyCameEditor.php | predictive | High |
| 2 | File | /new | predictive | Low |
| 3 | File | /upload/localhost | predictive | High |
| 4 | File | admin/content.php | predictive | High |
| 5 | File | xxxx_xxxxxxxx.xxx | predictive | High |
| 6 | File | xxxxxx.xxx | predictive | Medium |
| 7 | File | xxxxx/ | predictive | Low |
| 8 | File | xxx/xxxxxxx.xxx | predictive | High |
| 9 | File | xxxxxxx/xxxxxxxxx.xxx | predictive | High |
| 10 | File | xxxxx/xxxxxxx/x | predictive | High |
| 11 | File | xxxxxxx_xxxxx.xxx | predictive | High |
| 12 | File | xxxxx.xxx | predictive | Medium |
| 13 | File | xxxxxx\xxxxxxx\xxxxx\xxxxxxx.xxx | predictive | High |
| 14 | File | xxxxxxx_xxxx/xxx/xxxxxx/xxxxxxxxxx.xxx | predictive | High |
| 15 | File | xx/xxxxxx.xxx | predictive | High |
| 16 | Argument | xxx=xxxx/xxx=xxxx | predictive | High |
| 17 | Argument | xxxx_xxxxxxx_xx | predictive | High |
| 18 | Argument | xxxxxx | predictive | Low |
| 19 | Argument | xxxxxxxxx | predictive | Medium |
| 20 | Argument | xxxx/xxxxx/xx | predictive | High |
| 21 | Argument | xxxx | predictive | Low |
| 22 | Argument | xxxxxxxx | predictive | Medium |
| 23 | Argument | xxxxxx | predictive | Low |
| 24 | Argument | xxxxxxxx | predictive | Medium |
| 25 | Input Value | xxxx+x@!xxxx+ | predictive | High |
