Dofloo Analysis

IOB - Indicator of Behavior (92)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 86
de: 4
zh: 2

Product

Microsoft Windows: 8
Unisoc T610: 4
Unisoc T606: 4
Unisoc T760: 4
Adobe ColdFusion: 2


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | itsourcecode Online Book Store admin_delete.php sql injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00076 | 0.05 | CVE-2024-6013 |
| 2 | CmsEasy GET Request image.admin.php path traversal | 4.6 | 4.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00043 | 0.03 | CVE-2024-31551 |
| 3 | White Bear Solutions WBSAirback cross-site request forgery | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00043 | 0.00 | CVE-2024-3782 |
| 4 | Totolink EX200 getWiFiExtenderConfig information disclosure | 4.3 | 4.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00043 | 0.00 | CVE-2024-31812 |
| 5 | Linux Kernel devlink_init use after free | 5.5 | 5.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00045 | 0.00 | CVE-2024-26734 |
| 6 | Schneider Electric Harmony Control Relay RMNF22TB30 NFC improper authentication | 8.8 | 8.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.00 | CVE-2024-0568 |
| 7 | PHPEMS Session Data session.cls.php deserialization | 7.1 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00647 | 0.09 | CVE-2023-6654 |
| 8 | Responsive Filemanager unrestricted upload | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00176 | 0.00 | CVE-2022-44276 |
| 9 | Adobe ColdFusion deserialization | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00893 | 0.08 | CVE-2023-44353 |
| 10 | Slimstat Analytics Plugin Setting cross site scripting | 2.4 | 2.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00053 | 0.00 | CVE-2023-40676 |
| 11 | Tenda AC8 SetNetControlList stack-based overflow | 7.6 | 7.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00190 | 0.00 | CVE-2023-40900 |
| 12 | Sentry Debug improper authorization | 6.2 | 6.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00092 | 0.05 | CVE-2023-36826 |
| 13 | Travelmate Travelable Trek Management Solution Comment Box cross site scripting | 3.1 | 2.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00054 | 0.04 | CVE-2023-3862 |
| 14 | Wireshark iSCSI Dissector buffer over-read | 4.7 | 4.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00044 | 0.00 | CVE-2023-3649 |
| 15 | WP ERP Plugin Setting process_crm_contact cross-site request forgery | 4.3 | 4.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00182 | 0.00 | CVE-2020-36735 |
| 16 | Netgear RAX30 UPnP command injection | 8.8 | 8.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00049 | 0.04 | CVE-2023-35722 |
| 17 | Openads adclick.php Remote Code Execution | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.01871 | 0.09 | CVE-2007-2046 |
| 18 | Microsoft Windows DNS Server Privilege Escalation | 6.6 | 6.1 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.01026 | 0.00 | CVE-2023-28256 |
| 19 | eSyndicat Directory Software suggest-listing.php cross site scripting | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.82 | |

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

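| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 49.0.248.230 | ecs-49-0-248-230.compute.hwclouds-dns.com | Dofloo | | 12/20/2021 | verified | Low |
| 2 | XXX.XXX.XX.XX | | Xxxxxx | | 03/02/2022 | verified | Medium |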

TTP - Tactics, Techniques, Procedures (15)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (37)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /goform/SetNetControlList | predictive | High |
| 2 | File | /goform/WifiBasicSet | predictive | High |
| 3 | File | /usr/local/WowzaStreamingEngine/bin/ | predictive | High |
| 4 | File | adclick.php | predictive | Medium |
| 5 | File | adm/menu_list_update.php | predictive | High |

References (1)

The following list contains external sources which discuss the actor and the associated activities:

Samples (2)

The following list contains associated samples:
