Djibouti Unknown Analysis

IOB - Indicator of Behavior (449)

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

Lang

en387
fr23
de14
es13
ar5

Country

us324
fr20
es18
il14
vn12

Actors

DPRK196

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need you unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need you unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need you unlock this view to get access to more details of real data.

Product

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need you unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25k$0-$5kHighWorkaround0.040.04187CVE-2007-1192
2DZCP deV!L`z Clanportal config.php code injection7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.640.04187CVE-2010-0966
3LogicBoard CMS away.php redirect6.36.1$0-$5k$0-$5kNot DefinedUnavailable0.770.00000
4OpenSSH Authentication Username information disclosure5.34.8$5k-$25k$0-$5kHighOfficial Fix0.350.49183CVE-2016-6210
5Serendipity exit.php privileges management6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.130.00000
6vBulletin redirector.php6.66.6$0-$5k$0-$5kNot DefinedNot Defined0.160.00885CVE-2018-6200
7Ecommerce Online Store Kit shop.php sql injection9.89.4$0-$5k$0-$5kNot DefinedOfficial Fix0.040.04386CVE-2004-0300
8Cisco Linksys EA2700 URL information disclosure4.34.1$5k-$25k$0-$5kProof-of-ConceptUnavailable0.070.00000
9Maran PHP Shop prod.php sql injection7.37.3$0-$5k$0-$5kHighUnavailable0.040.00986CVE-2008-4879
10Microsoft IIS cross site scripting5.24.7$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.800.25090CVE-2017-0055
11SPIP spip.php cross site scripting3.53.4$0-$5k$0-$5kNot DefinedOfficial Fix0.420.01018CVE-2022-28959
12Bitrix Site Manager redirect.php link following5.34.7$0-$5k$0-$5kUnprovenUnavailable0.100.01055CVE-2008-2052
13OpenBB read.php sql injection7.37.0$0-$5k$0-$5kNot DefinedOfficial Fix0.610.00986CVE-2005-1612
14Advanced Custom Fields Plugin authorization3.53.4$0-$5k$0-$5kNot DefinedOfficial Fix0.040.00890CVE-2021-20866
15Woocommerce cross site scripting3.53.4$0-$5k$0-$5kNot DefinedOfficial Fix0.000.00885CVE-2021-24323
16UAEPD Shopping Cart Script products.php sql injection7.37.1$0-$5k$0-$5kHighUnavailable0.030.02800CVE-2014-1618
17nginx request smuggling6.96.9$0-$5k$0-$5kNot DefinedNot Defined2.540.00000CVE-2020-12440
18Engine.IO POST Request EventEmitter resource consumption4.34.3$0-$5k$0-$5kNot DefinedOfficial Fix0.040.00954CVE-2020-36048
19Oracle FLEXCUBE Direct Banking Jasper Project access control6.15.8$5k-$25k$0-$5kNot DefinedOfficial Fix0.070.00885CVE-2019-2549
20Basti2web Book Panel books.php sql injection7.37.0$0-$5k$0-$5kHighOfficial Fix0.030.00986CVE-2009-4889

IOC - Indicator of Compromise (25)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsTypeConfidence
15.62.61.96r-96-61-62-5.consumer-pool.prcdn.netDjibouti UnknownverifiedHigh
25.62.63.72r-72-63-62-5.consumer-pool.prcdn.netDjibouti UnknownverifiedHigh
341.189.224.0Djibouti UnknownverifiedHigh
445.12.70.58loathed.get-eye.comDjibouti UnknownverifiedHigh
545.12.71.58Djibouti UnknownverifiedHigh
6XX.XX.XXX.XXXxxxxxxx XxxxxxxverifiedHigh
7XX.XX.XXX.XXXxxxxxxx XxxxxxxverifiedHigh
8XX.XX.XXX.XXXxxxxxxx XxxxxxxverifiedHigh
9XX.XX.XX.XXXXxxxxxxx XxxxxxxverifiedHigh
10XXX.XXX.XX.XXxxxxxxx XxxxxxxverifiedHigh
11XXX.XX.XX.XXxxxxxxx XxxxxxxverifiedHigh
12XXX.XX.XXX.XXxxxxxxx XxxxxxxverifiedHigh
13XXX.XX.XX.XXxxxxxxx XxxxxxxverifiedHigh
14XXX.XX.XXX.XXxxxxxxx XxxxxxxverifiedHigh
15XXX.XX.XXX.XXxxxxxxx XxxxxxxverifiedHigh
16XXX.XX.XX.XXxxxxxxx XxxxxxxverifiedHigh
17XXX.XX.XXX.XXxxxxxxx XxxxxxxverifiedHigh
18XXX.XX.XXX.XXxxxxxxx XxxxxxxverifiedHigh
19XXX.XX.XX.XXXxxxxxxx XxxxxxxverifiedHigh
20XXX.XX.XXX.XXXxxxxxxx XxxxxxxverifiedHigh
21XXX.XX.XX.XXxxxxxxx XxxxxxxverifiedHigh
22XXX.XXX.XXX.XXxxxxxxx XxxxxxxverifiedHigh
23XXX.XXX.XX.XXxxxxxxx XxxxxxxverifiedHigh
24XXX.XXX.X.XXxxxxxxx XxxxxxxverifiedHigh
25XXX.XX.XX.XXxxxxxxx XxxxxxxverifiedHigh

TTP - Tactics, Techniques, Procedures (16)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilitiesAccess VectorTypeConfidence
1T1006CWE-21, CWE-22Pathname TraversalpredictiveHigh
2T1040CWE-294Authentication Bypass by Capture-replaypredictiveHigh
3T1055CWE-74InjectionpredictiveHigh
4T1059CWE-88, CWE-94Cross Site ScriptingpredictiveHigh
5TXXXX.XXXCWE-XX, CWE-XXXxxxx Xxxx XxxxxxxxxpredictiveHigh
6TXXXXCWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
7TXXXX.XXXCWE-XXX, CWE-XXXXxxxxxxx Xxxxxxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxxxxx XxxxxxxxpredictiveHigh
8TXXXXCWE-XX, CWE-XXXxxxxxx XxxxxxxxxpredictiveHigh
9TXXXX.XXXCWE-XXXXxxx XxxxxxxxpredictiveHigh
10TXXXXCWE-XXX7xx Xxxxxxxx XxxxxxxxpredictiveHigh
11TXXXXCWE-XXXXxxxxxxxxx XxxxxxpredictiveHigh
12TXXXXCWE-XX, CWE-XX, CWE-XXXxx XxxxxxxxxpredictiveHigh
13TXXXXCWE-XXX, CWE-XXXXxx.xxx Xxxxxxxxxxxxxxxx: Xxxxxxxx Xx Xxxxxxxxxxxxx XxxxpredictiveHigh
14TXXXXCWE-XXX, CWE-XXXXxxxxxxxxxxxxpredictiveHigh
15TXXXXCWE-XXXX2xx Xxxxxxxxxxxxxxxx: Xxxx Xxxxxxxxxxxx Xxxxxxx XxxxxxxxxxpredictiveHigh
16TXXXX.XXXCWE-XXXXxxxxxxxxxxx XxxxxxpredictiveHigh

IOA - Indicator of Attack (235)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/+CSCOE+/logon.htmlpredictiveHigh
2File/acms/admin/cargo_types/view_cargo_type.phppredictiveHigh
3File/admin/addemployee.phppredictiveHigh
4File/admin/index.phppredictiveHigh
5File/apilog.phppredictiveMedium
6File/appliance/users?action=editpredictiveHigh
7File/filemanager/upload.phppredictiveHigh
8File/Forms/WLAN_General_1predictiveHigh
9File/forum/away.phppredictiveHigh
10File/if.cgipredictiveLow
11File/mifs/c/i/reg/reg.htmlpredictiveHigh
12File/modules/profile/index.phppredictiveHigh
13File/news.dtl.phppredictiveHigh
14File/pages/sdcall/Download.jsppredictiveHigh
15File/see_more_details.phppredictiveHigh
16File/services/details.asppredictiveHigh
17File/setuppredictiveLow
18File/spip.phppredictiveMedium
19File/uncpath/predictiveMedium
20File/var/log/nginxpredictiveHigh
21File/VPortal/mgtconsole/Subscriptions.jsppredictiveHigh
22File/wp-content/plugins/updraftplus/admin.phppredictiveHigh
23Fileact.phppredictiveLow
24Fileadclick.phppredictiveMedium
25FileadminpredictiveLow
26Fileadmin.phppredictiveMedium
27Fileadmin/adminsignin.htmlpredictiveHigh
28Fileadmin/movieview.phppredictiveHigh
29Fileadmin/versions.htmlpredictiveHigh
30Filexxxx_xxxxx.xxxpredictiveHigh
31Filexxx.xxxpredictiveLow
32Filexxxxxxxxxx.xxxpredictiveHigh
33Filexxxx-xxxx.xpredictiveMedium
34Filexxxxxxx.xxpredictiveMedium
35Filexxxx.xxxpredictiveMedium
36Filexxxxx.xxxxpredictiveMedium
37Filexxxxx.xxxpredictiveMedium
38Filexx_xxxx.xxxpredictiveMedium
39Filexxxxxxx/xxxxxxx/xxxxxxx.xxxx?xxxxpredictiveHigh
40Filex-xxxxxx/xxxxxxx.xpredictiveHigh
41Filexxxxxx/xxxxx/xxxxx.xxxpredictiveHigh
42Filexxxxxxxx.xxxpredictiveMedium
43Filexxxxxxxx_xxxx.xxxpredictiveHigh
44Filexxx-xxx/xxxxxxxxxxx/xxxxxxxxx.xxxpredictiveHigh
45Filexxx-xxx/xx.xxxpredictiveHigh
46Filexxx/xxxxxxx.xxpredictiveHigh
47Filexxxxx.xxxpredictiveMedium
48Filexxx.xxx?xxx=xxxxx_xxxxpredictiveHigh
49Filexxxxxx-xxxxx-xxxxxxxxxx-xxxx.xxxpredictiveHigh
50Filexxxxxx.xxxpredictiveMedium
51Filexxxxxxx.xxxpredictiveMedium
52Filexxxxxxxxxxxxxxxxxxx.xxpredictiveHigh
53Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
54Filexxxxxxx.xxxpredictiveMedium
55Filexxxxxxxx.xxxpredictiveMedium
56Filexxxxxxxxx.xxxpredictiveHigh
57Filexxxx_xxxxx.xxxpredictiveHigh
58Filexxxx/predictiveLow
59Filexxxxxxx.xxxpredictiveMedium
60Filexxxxxxx-xxxxxxx.xxxxpredictiveHigh
61Filexxxx.xxxpredictiveMedium
62Filexxx/xxxx/xxxx.xpredictiveHigh
63Filexxx/xxxxxxxx/xxxx_xxxxx_xxxxxxx.xpredictiveHigh
64Filexxxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
65Filexxxxxxxxx.xxxpredictiveHigh
66Filexxxxxx.xxxpredictiveMedium
67Filexxxxxxxxxx.xxxxxxx.xxpredictiveHigh
68Filexxx_xxxx.xpredictiveMedium
69Filexxxx.xxxpredictiveMedium
70Filexxxxxxxxxx/xxxxxxxxxx/xxxxxxxxx.xxxpredictiveHigh
71Filexxxxxxxxxx\xxxxxxxxxxxx\xxxxxxxxxxxxxxxx.xxxpredictiveHigh
72Filexxxxxx.xxxpredictiveMedium
73Filexxx.xxxpredictiveLow
74Filexxx/xxxxxx.xxxpredictiveHigh
75Filexxxxxxx/xxxx_xxxxxxxx.xxxxx.xxxpredictiveHigh
76Filexxxxxxxx/xxxxxxxxxxxx.xxx.xxxpredictiveHigh
77Filexxxxxxxx/xxxxxxxx.xxxpredictiveHigh
78Filexxxxx.xxxpredictiveMedium
79Filexxxxx.xxx?xx=xxxxxxx&xxx=xxxpredictiveHigh
80Filexxxxxxxxx/xxxxxxxxxpredictiveHigh
81Filexxxxxxx.xxxpredictiveMedium
82Filexxxxxxxxxx.xxxpredictiveHigh
83Filexxxxx/xxxxxxxx/xxxxxxxxxxxx/xxxxxxxxxxxxpredictiveHigh
84Filexxxx_xxxxxx_xxxxx_xxxxxxx.xpredictiveHigh
85Filexxxxxxxxxx.xxxpredictiveHigh
86Filexxxx_xxxx.xxxpredictiveHigh
87Filexxxxxxxxx/xxxxxxx/xxxxx.xxxpredictiveHigh
88Filexxxxxx/xxxxx/xxxxxxxx.xpredictiveHigh
89Filexxx/xxxx/xxx.x/xxxx_xxxxxx.xpredictiveHigh
90Filexxxxx_xx.xxxxpredictiveHigh
91Filexxxx.xxxpredictiveMedium
92Filexxxxxxxxxxx.xxxpredictiveHigh
93Filexxx/xxxx/xxxx.xpredictiveHigh
94Filexxxxx/xxxxxxxx.xxx.xxxpredictiveHigh
95Filexxxxxxxxx.xxx.xxxpredictiveHigh
96Filexxxx.xxxpredictiveMedium
97Filexxxxxxxx.xxxpredictiveMedium
98Filexxxxxxxxxx.xxxpredictiveHigh
99Filexxxxxxx_xxxxxxx.xxxpredictiveHigh
100Filexxxxxxxx.xxxxxxpredictiveHigh
101Filexxxxxxxxxxx.xxxpredictiveHigh
102Filexxxx.xxxpredictiveMedium
103Filexxxx_xxxx.xxxpredictiveHigh
104Filexxxxxxxxxx.xxxpredictiveHigh
105Filexxxxxx.xxxpredictiveMedium
106Filexxxxx.xxxpredictiveMedium
107Filexxxxx.xxxpredictiveMedium
108Filexxxxxxxx.xxxpredictiveMedium
109Filexxxxxxxxxx.xxxpredictiveHigh
110Filexxxxxxxx.xxxpredictiveMedium
111Filexxxxxxxx_xxxx.xxxpredictiveHigh
112Filexxxxxxx.xxxpredictiveMedium
113Filexxxx.xxxpredictiveMedium
114Filexxxxxxxxxxxxx.xxxpredictiveHigh
115Filexxxxxxxx-xxxxxxxxxxx.xxxpredictiveHigh
116Filexxx_xxxxx.xxpredictiveMedium
117Filexxx/xxx_xxxxx.xpredictiveHigh
118Filexxx.xxxpredictiveLow
119Filexxxxx/xxxxxxx/xxxxxx/xxxx_xxxx_xxxxxx.xxxpredictiveHigh
120Filexxxxxx.xxxpredictiveMedium
121Filexxxx_xxxx.xxxpredictiveHigh
122Filexxx_xxx.xpredictiveMedium
123Filexx-xxxxx/xxxxx-xxxx.xxxpredictiveHigh
124Filexx-xxxxx/xxxxx.xxx?xxxx=xx-xxxxxxpredictiveHigh
125Filexx-xxxxx/xxxxxxxxx.xxxpredictiveHigh
126Filexx-xxxxx/xxxxxxx-xxxxxxx.xxx?xxxx=xxxxxxxxxx-xpredictiveHigh
127Filexx-xxxxxxxx/xxxxx-xx-xxxxx.xxxpredictiveHigh
128Filexx-xxxxxxxx/xxxxx-xx-xxxxxx-xxxxxx.xxxpredictiveHigh
129Filexx-xxxxxxxx/xxxxxxxxx.xxxpredictiveHigh
130Library/xxxxx/xxxxxxxxxxxxx.xxxpredictiveHigh
131Libraryxxxxxxx/xxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
132Libraryxxx/xxxxxxxxx.xxxpredictiveHigh
133Libraryxxx/xxxxxxxxxx.xxxpredictiveHigh
134Libraryxxx/xxxxxxxx.xxpredictiveHigh
135Libraryxxxxx.xxxpredictiveMedium
136Argument$_xxxxxx['xxx_xxxx']predictiveHigh
137Argument--xxxpredictiveLow
138Argument-xxxxxxxxxxxxxpredictiveHigh
139Argumentxxxxxxxxxx xxx xxxxxxxpredictiveHigh
140Argumentxxxxx_xxxxxpredictiveMedium
141ArgumentxxxxxxxxpredictiveMedium
142Argumentxxxxx_xxxxpredictiveMedium
143ArgumentxxxxxpredictiveLow
144ArgumentxxxxxxpredictiveLow
145Argumentxxxxxxxxxx_xxxxpredictiveHigh
146ArgumentxxxpredictiveLow
147ArgumentxxxxxxxxxxpredictiveMedium
148ArgumentxxxxxxxxxxpredictiveMedium
149Argumentxxx_xxpredictiveLow
150ArgumentxxxxxxpredictiveLow
151ArgumentxxxpredictiveLow
152ArgumentxxxxxxxxxxxxxxxpredictiveHigh
153Argumentxxxx_xxpredictiveLow
154ArgumentxxxxxxpredictiveLow
155Argumentxxxx_xxxxxxx_xxxxxxxxpredictiveHigh
156Argumentxxxxxxxxxxxx/xxxxxxxpredictiveHigh
157Argumentxxxxxxxxxxxx/xxxxxxxxxxxpredictiveHigh
158Argumentxxxxxx_xxxxpredictiveMedium
159ArgumentxxxxxxxpredictiveLow
160ArgumentxxxxxxpredictiveLow
161Argumentxx_xxxxx_xxpredictiveMedium
162Argumentxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxpredictiveHigh
163Argumentxxxxxx/xxxxpredictiveMedium
164ArgumentxxxxxxpredictiveLow
165ArgumentxxxxxxpredictiveLow
166ArgumentxxxxpredictiveLow
167ArgumentxxxxxxxxxpredictiveMedium
168ArgumentxxpredictiveLow
169Argumentxx_xxxxxpredictiveMedium
170Argumentxxxxxxx_xxxpredictiveMedium
171Argumentxxxxxxx_xxxxpredictiveMedium
172ArgumentxxxxxxxxxxxxpredictiveMedium
173ArgumentxxxxxxpredictiveLow
174Argumentxxxx_xxpredictiveLow
175Argumentxxxx_xxxxxx_xxxxx/xxxx_xxxxxx_xxxx_xxxxxxpredictiveHigh
176Argumentxxxxx_xxxxpredictiveMedium
177Argumentxxxxxxx/xxxxxx_xxpredictiveHigh
178ArgumentxxxxxxxxxxxxxxxxxpredictiveHigh
179ArgumentxxxxxxxpredictiveLow
180ArgumentxxxxxxxpredictiveLow
181ArgumentxxxxxpredictiveLow
182Argumentxxxx_xxpredictiveLow
183Argumentxxxx_xxxxpredictiveMedium
184ArgumentxxpredictiveLow
185ArgumentxxxxxpredictiveLow
186ArgumentxxxxxxxxxxxxxxpredictiveHigh
187ArgumentxxxxxxpredictiveLow
188ArgumentxxxxxxpredictiveLow
189ArgumentxxxxxxxxpredictiveMedium
190ArgumentxxxxxxxxpredictiveMedium
191ArgumentxxxxpredictiveLow
192Argumentxxxx_xxxxpredictiveMedium
193ArgumentxxxxxxxxxpredictiveMedium
194Argumentxxxx_xxxx_xxxxpredictiveHigh
195ArgumentxxxpredictiveLow
196Argumentxx_xxxxpredictiveLow
197Argumentxxxxxxx_xxpredictiveMedium
198ArgumentxxxxxxxxpredictiveMedium
199ArgumentxxxxxpredictiveLow
200ArgumentxxxxxxxxxpredictiveMedium
201ArgumentxxxxxxxxxxpredictiveMedium
202ArgumentxxxxxxpredictiveLow
203ArgumentxxxxxxxxxxpredictiveMedium
204ArgumentxxxxxxxpredictiveLow
205ArgumentxxxxxxxxxxxpredictiveMedium
206Argumentxxxxxx_xxpredictiveMedium
207Argumentxxxxxxx_xxpredictiveMedium
208ArgumentxxxxxxpredictiveLow
209ArgumentxxxxpredictiveLow
210Argumentxxxx_xxxxxxpredictiveMedium
211ArgumentxxpredictiveLow
212ArgumentxxxxxxxxpredictiveMedium
213ArgumentxxxxxpredictiveLow
214Argumentxxxx xxpredictiveLow
215Argumentxxx_xxxx[x][]predictiveHigh
216Argumentxx_xxxxxxxpredictiveMedium
217ArgumentxxxpredictiveLow
218ArgumentxxxxxpredictiveLow
219Argumentxxxxx/xxxxxpredictiveMedium
220ArgumentxxxpredictiveLow
221ArgumentxxxxxxxxpredictiveMedium
222Argumentxxxxxxxx[x]predictiveMedium
223Argumentx-xxxx-xxxxxpredictiveMedium
224Argument_xxxxxxx_xxxxpredictiveHigh
225Input Value"; xx; xxxx "predictiveHigh
226Input Value../predictiveLow
227Input Valuexxxxx"][xxxxxx]xxxxx('xxx')[/xxxxxx]predictiveHigh
228Input Value::$xxxxx_xxxxxxxxxxpredictiveHigh
229Input ValuexxxxxpredictiveLow
230Input Valuexxxxxxx%xx%xxxxxxx%xxxxx%xxxxxxxx%xxxxxx,%xxxxxxxxxx%xxxx%xxxxxxx_xxxx,%xxxxxx,%xxxxxxxxxx%xxxx%xxxxxxx_xxxxxx,%xxxxxx,%xxxxxx,%xxxxxx,%xxxxxx,%xxxxxx,%xxxxxx,%xxxxxx,%xxxxxx,%xxxxxx,%xxxxxx%xxxxxx%xxxxxxxxxxx%xx%xxpredictiveHigh
231Network Portxxx/xx (xxxxxx)predictiveHigh
232Network Portxxx/xx (xxx xxxxxxxx)predictiveHigh
233Network Portxxx/xxxx (xx-xxx)predictiveHigh
234Network Portxxx/xxx, xxx/xxx, xxx/xxxx, xxx/xxxxpredictiveHigh
235Network Portxxx xxxxxx xxxxpredictiveHigh

References (2)

The following list contains external sources which discuss the actor and the associated activities:

PreviousOverviewNext

Do you know our Splunk app?

Download it now for free!