Dharma Analysis

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en994
ru4
de2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Mozilla Thunderbird30
Mozilla Firefox30
OpenImageIO28
Tenda F120318
Huawei HarmonyOS16

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1smoothie cross site scripting4.84.7$0-$5k$0-$5kNot DefinedOfficial Fix0.000.00102CVE-2022-25929
2Fuji Electric Tellus Lite V-Simulator out-of-bounds write8.38.1$0-$5k$0-$5kNot DefinedOfficial Fix0.050.00109CVE-2022-3087
3Wp Social Plugin information disclosure5.35.1$0-$5k$0-$5kNot DefinedOfficial Fix0.000.00049CVE-2022-47160
4Libksba CRL Signature Parser integer overflow7.67.5$0-$5k$0-$5kNot DefinedOfficial Fix0.030.00196CVE-2022-47629
5abacus-ext-cmdline execute command injection7.27.2$0-$5k$0-$5kNot DefinedNot Defined0.000.01588CVE-2022-24431
6ActiveCampaign for WooCommerce Plugin Error Log authorization4.94.8$0-$5k$0-$5kNot DefinedOfficial Fix0.010.00056CVE-2022-3923
7Mozilla Thunderbird denial of service5.45.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.000.00103CVE-2022-42929
8Mozilla Thunderbird URL Parser use after free5.45.3$5k-$25k$5k-$25kNot DefinedOfficial Fix0.000.00097CVE-2022-40960
9Mozilla Thunderbird getEntries cross-domain policy7.27.0$5k-$25k$0-$5kNot DefinedOfficial Fix0.000.00126CVE-2022-42927
10Mozilla Thunderbird Garbage Collector memory corruption7.57.4$5k-$25k$5k-$25kNot DefinedOfficial Fix0.000.00138CVE-2022-42928
11Mozilla Thunderbird denial of service5.45.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.000.00097CVE-2022-40957
12Mozilla Thunderbird session fixiation5.75.6$5k-$25k$0-$5kNot DefinedOfficial Fix0.000.00097CVE-2022-40958
13Mozilla Thunderbird initialization6.46.2$5k-$25k$0-$5kNot DefinedOfficial Fix0.000.00104CVE-2022-40959
14Mozilla Thunderbird Email Message unknown vulnerability4.24.0$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000.00064CVE-2022-1520
15Mozilla Firefox ESR PK11_ChangePW use after free6.96.7$5k-$25k$0-$5kNot DefinedOfficial Fix0.000.00129CVE-2022-38476
16Mozilla Thunderbird protection mechanism6.26.0$5k-$25k$0-$5kNot DefinedOfficial Fix0.000.00120CVE-2022-40956
17Mozilla Firefox ESR VR Process use after free5.45.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.000.00084CVE-2022-1196
18Fuji Electric Tellus Lite V-Simulator stack-based overflow8.38.1$0-$5k$0-$5kNot DefinedOfficial Fix0.050.00061CVE-2022-3085
19Mozilla Thunderbird Digital Signature unknown vulnerability5.65.5$25k-$100k$5k-$25kNot DefinedOfficial Fix0.020.00069CVE-2021-4126
20Mozilla Thunderbird Notification Remote Code Execution6.46.2$5k-$25k$0-$5kNot DefinedOfficial Fix0.000.00097CVE-2022-45408

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
1178.239.173.172172.173.239.178.baremetal.zare.comDharma04/26/2022verifiedHigh
2XXX.XX.XXX.XXxxx.xx.xxx.xx.xxxxxxxxx-xxxXxxxxx05/31/2021verifiedHigh
3XXX.XXX.XXX.XXXXxxxxx04/26/2022verifiedHigh

TTP - Tactics, Techniques, Procedures (21)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (113)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/admin/scripts/pi-hole/phpqueryads.phppredictiveHigh
2File/api/Index/getFileBinarypredictiveHigh
3File/api/User/download_imgpredictiveHigh
4File/aya/module/admin/fst_del.inc.phppredictiveHigh
5File/aya/module/admin/fst_down.inc.phppredictiveHigh
6File/conf/predictiveLow
7File/cupseasylive/countrylist.phppredictiveHigh
8File/etc/sudoerspredictiveMedium
9File/forum/away.phppredictiveHigh
10File/goform/addressNatpredictiveHigh
11File/goform/addWifiMacFilterpredictiveHigh
12File/goform/DhcpListClientpredictiveHigh
13File/goform/exeCommandpredictiveHigh
14File/goform/fast_setting_wifi_setpredictiveHigh
15File/xxxxxx/xxxxxxxxxxxxxxxxxxxxpredictiveHigh
16File/xxxxxx/xxxxxxxxxxxxxxxxpredictiveHigh
17File/xxxxxx/xxxxxxxxxxxpredictiveHigh
18File/xxxxxx/xxxxxxxxxxxxxxxxxxxxxpredictiveHigh
19File/xxxxxx/xxxxxxxxxxxxxxpredictiveHigh
20File/xxxxxx/xxxxxxxxxxxxxxxxxpredictiveHigh
21File/xxxxxx/xxxxxxxxxxxpredictiveHigh
22File/xxxxxx/xxxxxxxxxxpredictiveHigh
23File/xxxxxx/xxxxxxxxxxxxpredictiveHigh
24File/xxxxxx/xxxxxxxxxxxpredictiveHigh
25File/xxxxxxxx/xxxxx/xxxxxx_xxxxxxx-xxxxxxxxxx.xxxpredictiveHigh
26Filexxxxx/xxxx_xxxxx_xxxx.xxxpredictiveHigh
27Filexxx/xxxx/xxxxxxxxx/xxxxxx_xxxx.xxxpredictiveHigh
28Filexxx-xxxxxxx.xxxpredictiveHigh
29Filexxxxxxxx/xxx/xxxxxxxxxxx/__xxxx__.xxpredictiveHigh
30Filexxxxxxxxx.xxxpredictiveHigh
31Filexxxx/xxx/xxxx/xxxx/xx/xxxxxxxxxx/xxx/xxxxxxxx/xxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
32Filexxxxxxxxxxxxxxxx/xxxxxxxxxxxxxx.xxpredictiveHigh
33Filexxxx.xxxpredictiveMedium
34Filexxxx/xxxxxxxxxx/xxxxxx.xxpredictiveHigh
35Filexxxxxxxxxx/xxxxxx/xxxxxxxxxxx.xxpredictiveHigh
36Filexxx/xxxxxx.xxxpredictiveHigh
37Filexxxxx.xxxxpredictiveMedium
38Filexxxxx.xxxpredictiveMedium
39Filexxx/xxxx_xxxxxxx/xxxxxxxxxxx.xxpredictiveHigh
40Filexxxxx.xxxxpredictiveMedium
41Filexxxx.xxpredictiveLow
42Filexxxxxxxxxxxx.xxxpredictiveHigh
43Filexxxxxx.xxxpredictiveMedium
44FilexxxxxxxxxxxxxxpredictiveHigh
45Filexxx_xxx.xxpredictiveMedium
46Filexxxx_xxxxxxxxpredictiveHigh
47Filexxxxx.xpredictiveLow
48Filexxxxxx/xx/xxxxxxx/xxxxxxx.xxpredictiveHigh
49Filexxxxxx/xxxxxxxpredictiveHigh
50Filexxxxxxxx.xxxpredictiveMedium
51Filexxxxxx/xxxxxxxxxxxx.xxpredictiveHigh
52Filexxxxxxx.xxxpredictiveMedium
53Filexxxxxxxxxx/xx/xxxxxx.xxpredictiveHigh
54Filexxx/xxxxxxxxxx/xxxxxxx/xxxxxx/xxxxxxx.xxpredictiveHigh
55Filexxx/xxxxx.xxpredictiveMedium
56Filexxx/xxxx/xxxx/xxx/xxxxxx/xxxxxx/xxx/xxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
57Filexxx/xxxxxxx-xxxx.xxxpredictiveHigh
58Filexxxxxx/xx/xxxxxx.xxpredictiveHigh
59Filexxxxxxxxx/xxxxxx.xxxxpredictiveHigh
60Filexxxx-xxxxxxxx.xxxpredictiveHigh
61Filexxx_xxx.xxx.xxxpredictiveHigh
62Filexxxxxxxxxxxx.xxxpredictiveHigh
63Filexxxx_xxxxxxx.xxxpredictiveHigh
64Filexxxxxxxxxx.xxxpredictiveHigh
65ArgumentxxxxxxxxpredictiveMedium
66ArgumentxxxxxxxpredictiveLow
67Argumentxx-xxxpredictiveLow
68ArgumentxxxxxxxxpredictiveMedium
69ArgumentxxxxxxxpredictiveLow
70ArgumentxxxxxxxxxxxpredictiveMedium
71ArgumentxxxxxxxxxxxpredictiveMedium
72ArgumentxxxxxxxxpredictiveMedium
73ArgumentxxxxxxxxxpredictiveMedium
74ArgumentxxxxxxxxxxxxpredictiveMedium
75ArgumentxxxxxxxxpredictiveMedium
76ArgumentxxxxxxpredictiveLow
77ArgumentxxxxpredictiveLow
78ArgumentxxxxpredictiveLow
79ArgumentxxxxxxxxxpredictiveMedium
80ArgumentxxpredictiveLow
81ArgumentxxxxxpredictiveLow
82Argumentxxxx/xxxxxx_xxxxpredictiveHigh
83ArgumentxxxxxxpredictiveLow
84ArgumentxxxxpredictiveLow
85ArgumentxxxxpredictiveLow
86Argumentxxxxxx_xxpredictiveMedium
87ArgumentxxxpredictiveLow
88Argumentxxx_xxxxpredictiveMedium
89Argumentx_xxxx.xxxxxxpredictiveHigh
90ArgumentxxxxxxpredictiveLow
91ArgumentxxxxxxxxxxxxxxxpredictiveHigh
92ArgumentxxxxpredictiveLow
93ArgumentxxxxpredictiveLow
94ArgumentxxxxxpredictiveLow
95Argumentxxxxxxx_xxxxpredictiveMedium
96ArgumentxxxxxxxxxxxxxxxxxpredictiveHigh
97ArgumentxxxxxxxxpredictiveMedium
98Argumentxxxxxxxx_xxpredictiveMedium
99Argumentxxxxx_xxxpredictiveMedium
100ArgumentxxxxpredictiveLow
101ArgumentxxxxxxxpredictiveLow
102ArgumentxxxxxxxxxxxxxxxxxxxxpredictiveHigh
103Argumentxxxxxxxxxxx/xxxxxxxxxxxxpredictiveHigh
104ArgumentxxxxpredictiveLow
105ArgumentxxxxxpredictiveLow
106Argumentxxxxxxxxxxx/xxxxxxxxpredictiveHigh
107ArgumentxxxxxxxxxxxxxxxxpredictiveHigh
108ArgumentxxxxpredictiveLow
109ArgumentxxxpredictiveLow
110ArgumentxxxxpredictiveLow
111ArgumentxxxxpredictiveLow
112ArgumentxxxxpredictiveLow
113Argument_xxxxxxxxx[xxx_xxxxxxxxxx]predictiveHigh

References (4)

The following list contains external sources which discuss the actor and the associated activities:

Do you know our Splunk app?

Download it now for free!