Dkvn Analysis

IOB - Indicator of Behavior (63)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en56
it2
pl2
de2
sv2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

us60
au2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Microsoft Office2
Maran PHP Shop2
potrace2
PHPWind2
Thomas R. Pasawicz HyperBook Guestbook2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25kCalculatingHighWorkaround0.040.04187CVE-2007-1192
2DZCP deV!L`z Clanportal config.php code injection7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.380.04187CVE-2010-0966
3magmi ajax_gettime.php cross site scripting5.25.0$0-$5k$0-$5kNot DefinedOfficial Fix0.050.27452CVE-2017-7391
4Audacity DLL Loader avformat-55.dll access control6.56.5$0-$5k$0-$5kNot DefinedNot Defined0.000.01102CVE-2017-1000010
5Ashley Brown iWeb Server Encoded URL path traversal5.35.3$0-$5k$0-$5kNot DefinedNot Defined0.010.01055CVE-2003-0475
6Cisco IOS Point-to-Point Tunneling Protocol Server Memory information disclosure5.35.2$5k-$25k$0-$5kNot DefinedOfficial Fix0.000.01136CVE-2016-6398
7Magento GraphQL API cross-site request forgery4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.030.00885CVE-2021-21027
8Cloudera HUE LdapBackend improper authentication7.37.3$0-$5k$0-$5kNot DefinedNot Defined0.010.00885CVE-2019-7319
9Microsoft Windows CredSSP improper authentication6.25.6$25k-$100k$0-$5kProof-of-ConceptOfficial Fix0.060.94280CVE-2018-0886
10Splunk Enterprise splunk-launch.conf access control7.47.4$0-$5k$0-$5kNot DefinedNot Defined0.030.00890CVE-2017-18348
11Spidersales viewCart.asp sql injection9.89.4$0-$5k$0-$5kNot DefinedOfficial Fix0.040.00986CVE-2004-0348
12jforum User input validation5.35.3$0-$5k$0-$5kNot DefinedNot Defined0.040.04499CVE-2019-7550
13Active Web Softwares Active Business Directory default.asp sql injection7.36.9$0-$5kCalculatingProof-of-ConceptNot Defined0.050.00986CVE-2008-5972
14LogicBoard CMS away.php redirect6.36.1$0-$5k$0-$5kNot DefinedUnavailable1.180.00000
15Maran PHP Shop prod.php sql injection7.37.3$0-$5k$0-$5kHighUnavailable0.030.00986CVE-2008-4879
16X-CMS PHP member_news.php sql injection8.58.5$0-$5k$0-$5kNot DefinedNot Defined0.010.00885CVE-2018-18887
17Ecommerce Online Store Kit shop.php sql injection9.89.4$0-$5k$0-$5kNot DefinedOfficial Fix0.030.04386CVE-2004-0300
18StashCat Backend Database Stored key management5.75.7$0-$5k$0-$5kNot DefinedNot Defined0.070.00885CVE-2017-11136
19PHPWind goto.php redirect6.36.3$0-$5k$0-$5kNot DefinedNot Defined0.700.01213CVE-2015-4134
20BXCP index.php sql injection7.37.0$0-$5kCalculatingHighOfficial Fix0.030.00986CVE-2006-0821

IOC - Indicator of Compromise (5)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (7)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilitiesAccess VectorTypeConfidence
1T1006CWE-22Pathname TraversalpredictiveHigh
2T1059CWE-94Cross Site ScriptingpredictiveHigh
3TXXXX.XXXCWE-XX, CWE-XXXxxxx Xxxx XxxxxxxxxpredictiveHigh
4TXXXXCWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
5TXXXX.XXXCWE-XXXXxxx XxxxxxxxpredictiveHigh
6TXXXXCWE-XXXxx XxxxxxxxxpredictiveHigh
7TXXXXCWE-XXXXxxxxxxxxxxxxpredictiveHigh

IOA - Indicator of Attack (31)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File$SPLUNK_HOME/etc/splunk-launch.confpredictiveHigh
2File/etc/master.passwdpredictiveHigh
3File/etc/passwdpredictiveMedium
4File/forum/away.phppredictiveHigh
5Filexxxxxx_xx.xpredictiveMedium
6Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
7Filexxxxxxx.xxxpredictiveMedium
8Filexxxxxxxx.xxxpredictiveMedium
9Filexxxx.xxxpredictiveMedium
10Filexxx/xxxxxx.xxxpredictiveHigh
11Filexxxxx.xxxpredictiveMedium
12Filexxxxx-xxx-xxxxxx/xxxxx/xxx/xxxx_xxxxxxx.xxxpredictiveHigh
13Filexxxxxx/xxxxxx_xxxx.xxxpredictiveHigh
14Filexxxx.xxxpredictiveMedium
15Filexxxxxxxx.xxxpredictiveMedium
16Filexxxxxxxx/xxxxx/xxxxxxxx?xxxxxxxxpredictiveHigh
17Filexxxx.xxxpredictiveMedium
18Filexxxxxxxx.xxxpredictiveMedium
19Filexxxxxxxx.xxxpredictiveMedium
20Libraryxxxxxxxx-xx.xxxpredictiveHigh
21ArgumentxxxxxxpredictiveLow
22ArgumentxxxxxxxxpredictiveMedium
23ArgumentxxxpredictiveLow
24ArgumentxxxxxpredictiveLow
25ArgumentxxpredictiveLow
26ArgumentxxxxxxpredictiveLow
27ArgumentxxxpredictiveLow
28ArgumentxxxxpredictiveLow
29ArgumentxxxpredictiveLow
30ArgumentxxxxxxpredictiveLow
31Input Value%xx%xx%xxpredictiveMedium

References (2)

The following list contains external sources which discuss the actor and the associated activities:

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!