Denonia Analysis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (93)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en28
it18
pt12
de8
ja6

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

de94

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

Denonia2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

Not Defined14
Application Server Software2
Programming Language Software2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

Not Defined6
BACKCLICK2
Jason26052
Apache2
TopManage2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Serpico4
Zoom2
BACKCLICK Professional2
Jason2605 AdminPanel2
Apache Tomcat2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1Zoom Screen Sharing information disclosure4.84.8$0-$5k$0-$5kNot DefinedNot Defined0.050.00118CVE-2021-28133
2Serpico cross-site request forgery6.56.2$0-$5k$0-$5kProof-of-ConceptUnavailable0.020.00073CVE-2019-19854
3TopManage OLK Session Cookie cross site scripting5.24.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.010.00208CVE-2020-6845
4Serpico input validation5.34.9$0-$5k$0-$5kNot DefinedNot Defined0.040.00084CVE-2019-19859
5Serpico Password Change insufficiently protected credentials6.45.9$0-$5k$0-$5kNot DefinedNot Defined0.030.00072CVE-2019-19857
6LabVantage LIMS Database Name information disclosure5.34.8$0-$5k$0-$5kProof-of-ConceptNot Defined0.070.01430CVE-2020-7959
7Serpico list_user Stored cross site scripting3.63.4$0-$5k$0-$5kNot DefinedNot Defined0.010.00050CVE-2019-19856
8CIMTechniques CIMScan SOAP WSDL Parser GetSqlData sql injection8.48.4$0-$5k$0-$5kHighNot Defined0.040.00302CVE-2018-16803
9Serpico list_user Stored cross site scripting3.63.6$0-$5k$0-$5kNot DefinedNot Defined0.010.00050CVE-2019-19855
10BACKCLICK Professional cross site scripting4.84.7$0-$5k$0-$5kNot DefinedNot Defined0.030.00046CVE-2022-44002
11Jason2605 AdminPanel editPlayer.php sql injection8.07.7$0-$5k$0-$5kNot DefinedOfficial Fix0.030.00127CVE-2020-13433
12Serpico UID Stored cross site scripting3.63.4$0-$5k$0-$5kNot DefinedNot Defined0.040.00050CVE-2019-19858
13QuickBox Pro cross site scripting3.53.5$0-$5k$0-$5kNot DefinedNot Defined0.040.00078CVE-2021-45281
14PHP Scripts Mall Citysearch Clone Script restaurants-details.php Reflected cross site scripting5.25.2$0-$5k$0-$5kNot DefinedNot Defined0.030.00078CVE-2019-6248
15WordPress Thumbnail input validation7.57.5$5k-$25k$5k-$25kNot DefinedNot Defined0.040.01063CVE-2018-1000773
16Automattic Jetpack sql injection7.37.3$0-$5k$0-$5kHighUnavailable0.050.00079CVE-2011-4673
17Apache Tomcat Servlets access control5.95.8$5k-$25k$0-$5kNot DefinedOfficial Fix0.040.00137CVE-2018-1305

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
1116.203.4.0static.0.4.203.116.clients.your-server.deDenonia04/07/2022verifiedHigh
2XXX.XXX.XX.XXxxxxx.xxxx.xxxx.xxXxxxxxx04/07/2022verifiedHigh
3XXX.XX.XXX.XXx.xx.xxxxxxx.xxxXxxxxxx04/07/2022verifiedHigh

TTP - Tactics, Techniques, Procedures (5)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilitiesAccess VectorTypeConfidence
1T1059.007CWE-79Cross Site ScriptingpredictiveHigh
2TXXXXCWE-XXXX2xx Xxxxxxxxxxxxxxxx: Xxxx Xxxxxx Xxxxxxxxxxx Xxx Xxx XxxxxxxpredictiveHigh
3TXXXXCWE-XXXxx XxxxxxxxxpredictiveHigh
4TXXXXCWE-XXXXxx.xxx Xxxxxxxxxxxxxxxx: Xxxxxxxx Xx Xxxxxxxxxxxxx XxxxpredictiveHigh
5TXXXXCWE-XXXXxxxxxxxxxxxxpredictiveHigh

IOA - Indicator of Attack (11)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1Fileadmin/add_user/UIDpredictiveHigh
2Fileadmin/list_userpredictiveHigh
3Filexxxxxxxxxxxxx.xxx?xxxxxxxxxx=xxxpredictiveHigh
4Filexxxxxxxxxx.xxxpredictiveHigh
5Filexxxxxxxxxxx-xxxxxxx.xxxpredictiveHigh
6ArgumentxxxxxxpredictiveLow
7Argumentxxxx_xxxxpredictiveMedium
8ArgumentxxxxxxpredictiveLow
9ArgumentxxpredictiveLow
10ArgumentxxxxpredictiveLow
11ArgumentxxxxpredictiveLow

References (2)

The following list contains external sources which discuss the actor and the associated activities:

PreviousOverviewNext

Might our Artificial Intelligence support you?

Check our Alexa App!