DEV-0322 Analysis

IOB - Indicator of Behavior (81)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 50
zh: 22
fr: 4
sv: 2
de: 2

Country

cn: 48
us: 32

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Adobe Magento Commerce: 10
Genetechsolutions Pie-Register: 2
MikroTik RouterOS: 2
shadowsocks-libev: 2
Red Hat JBoss Application Server: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.04 | 0.04187 | CVE-2007-1192 |
| 2 | VMware Horizon Client/Horizon Message Framework Library out-of-bounds | 6.4 | 6.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00890 | CVE-2018-6970 |
| 3 | Apple macOS AppleMobileFileIntegrity information disclosure | 3.3 | 3.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00000 | CVE-2023-23499 |
| 4 | Tesla Model 3 Mobile App Phone Key Authentication authentication spoofing | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.06 | 0.00954 | CVE-2022-37709 |
| 5 | SSH SSH-1 Protocol cryptographic issues | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00885 | CVE-2001-1473 |
| 6 | Laravel PendingBroadcast.php __destruct deserialization | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00000 | CVE-2022-31279 |
| 7 | EmbedThis GoAhead unrestricted upload | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.09029 | CVE-2021-42342 |
| 8 | Next.js URL denial of service | 6.4 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.01018 | CVE-2021-43803 |
| 9 | Next.js _error.js redirect | 5.0 | 4.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.07 | 0.00885 | CVE-2021-37699 |
| 10 | Swagger UI CSS injection | 7.0 | 6.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06 | 0.17166 | CVE-2019-17495 |
| 11 | OpenSSL c_rehash os command injection | 5.5 | 5.3 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.03 | 0.36880 | CVE-2022-1292 |
| 12 | Hikvision Product Message command injection | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.93002 | CVE-2021-36260 |
| 13 | HD-Network Real-time Monitoring System Parameter lang pathname traversal | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.38457 | CVE-2021-45043 |
| 14 | CodeIgniter HTTP Request input validation | 8.3 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00885 | CVE-2022-24711 |
| 15 | jwt-go Access Restriction privileges management | 7.4 | 7.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06 | 0.00885 | CVE-2020-26160 |
| 16 | Yoast SEO Plugin REST Endpoint posts information disclosure | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06 | 0.00885 | CVE-2021-25118 |
| 17 | Vehicle Charging Port access control | 6.1 | 5.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.04 | 0.00954 | CVE-2022-27948 |
| 18 | Host RPC Portmapper Service privileges management | 7.3 | 7.1 | $0-$5k | $0-$5k | High | Workaround | 0.09 | 0.00885 | CVE-1999-0632 |
| 19 | ProFTPD resource management | 9.9 | 9.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.05302 | CVE-2011-4130 |
| 20 | glusterfs Server debug io-stats Translator untrusted search path | 7.5 | 7.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.02993 | CVE-2018-10904 |

Campaigns (2)

These are the campaigns that can be associated with the actor:

IOC - Indicator of Compromise (14)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (13)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (37)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

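| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /language/lang | predictive | High |
| 2 | File | admin/conf_users_edit.php | predictive | High |
| 3 | File | c_rehash | predictive | Medium |
| 4 | File | data/gbconfiguration.dat | predictive | High |
| 5 | File | flow.php | predictive | Medium |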

References (3)

The following list contains external sources which discuss the actor and the associated activities:
