Dominican Republic Unknown Analysis

IOB - Indicator of Behavior (29)

Timeline

Analyzing the timeline helps to identify the required approach to, and handling of, single vulnerabilities and vulnerability collections. The overview shows less important slices and more severe hotspots at a glance, which makes it possible to initiate immediate vulnerability response and to prioritize issues.

Lang

en: 25
ru: 2
zh: 1
fr: 1

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | elFinder PHP Connector command injection | 8.5 | 7.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.80749 | CVE-2019-9194 |
| 2 | WordPress Upgrade Package Uploader class-file-upload-upgrader.php File_Upload_Upgrader path traversal | 5.8 | 5.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.01232 | CVE-2016-7169 |
| 3 | WordPress WP_Query class-wp-query.php sql injection | 8.5 | 8.4 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | 0.01974 | CVE-2017-5611 |
| 4 | wkhtmltopdf HTML File pathname traversal | 5.9 | 5.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.10 | 0.01055 | CVE-2020-21365 |
| 5 | Xerox Document Centre 440 ess Remote Code Execution | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.01108 | CVE-2005-1936 |
| 6 | Classcms TXT File Upload classupload code injection | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.07 | 0.01276 | CVE-2022-25581 |
| 7 | Acme mini_httpd information disclosure | 5.4 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.16531 | CVE-2018-18778 |
| 8 | Vastal phpVID browse_videos.php cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.01213 | CVE-2013-5312 |
| 9 | OctoPrint Service Port 8081 information disclosure | 8.2 | 8.0 | $0-$5k | $0-$5k | Not Defined | Workaround | 0.03 | 0.01055 | CVE-2018-16710 |
| 10 | Microsoft Windows FTP Server privileges management | 7.3 | 7.1 | $25k-$100k | $5k-$25k | Not Defined | Workaround | 0.06 | 0.00000 | |
| 11 | Apache Tomcat AJP Connector Ghostcat input validation | 8.5 | 7.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.07 | 0.96554 | CVE-2020-1938 |
| 12 | Microsoft IIS code injection | 9.9 | 9.9 | $25k-$100k | $5k-$25k | Not Defined | Not Defined | 0.06 | 0.53588 | CVE-2010-1256 |
| 13 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.80 | 0.25090 | CVE-2017-0055 |
| 14 | Phusion Passenger Spawner.h information disclosure | 4.5 | 4.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00950 | CVE-2017-16355 |
| 15 | Microsoft Windows DCE/RPC information disclosure | 4.3 | 4.2 | $5k-$25k | $5k-$25k | Not Defined | Workaround | 0.16 | 0.00000 | |
| 16 | FFmpeg utils.c avcodec_decode_audio4 memory corruption | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.01055 | CVE-2013-2276 |
| 17 | OpenSSH GSS2 auth-gss2.c Username information disclosure | 5.3 | 5.2 | $5k-$25k | $5k-$25k | Not Defined | Workaround | 0.07 | 0.05736 | CVE-2018-15919 |
| 18 | Apache HTTP Server SETTINGS Frame input validation | 4.8 | 4.6 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.07767 | CVE-2018-11763 |
| 19 | Microsoft Windows WINS information disclosure | 3.3 | 3.3 | $25k-$100k | $5k-$25k | Not Defined | Workaround | 0.05 | 0.00000 | |
| 20 | Microsoft Windows Terminal Services information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | Not Defined | Workaround | 0.00 | 0.00000 | |

IOC - Indicator of Compromise (142)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (7)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | predictive | High |
| 2 | T1059 | CWE-94 | Cross Site Scripting | predictive | High |
| 3 | TXXXX.XXX | CWE-XX | Xxxxx Xxxx Xxxxxxxxx | predictive | High |
| 4 | TXXXX | CWE-XXX | Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx | predictive | High |
| 5 | TXXXX | CWE-XX | Xxxxxxx Xxxxxxxxx | predictive | High |
| 6 | TXXXX | CWE-XX | Xxx Xxxxxxxxx | predictive | High |
| 7 | TXXXX | CWE-XXX | Xxxxxxxxxxxxx | predictive | High |

IOA - Indicator of Attack (16)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /uncpath/ | predictive | Medium |
| 2 | File | /_uuids | predictive | Low |
| 3 | File | agent/Core/SpawningKit/Spawner.h | predictive | High |
| 4 | File | xxxx-xxxx.x | predictive | Medium |
| 5 | File | xxxxxx_xxxxxx.xxx | predictive | High |
| 6 | File | xxx | predictive | Low |
| 7 | File | xxxxx.x | predictive | Low |
| 8 | File | xx-xxxxx/xxxxxxxx/xxxxx-xxxx-xxxxxx-xxxxxxxx.xxx | predictive | High |
| 9 | File | xx-xxxxxxxx/xxxxx-xx-xxxxx.xxx | predictive | High |
| 10 | File | \xxxxx\xxxxxxxxxxx | predictive | High |
| 11 | Argument | --xxxx=xxx | predictive | Medium |
| 12 | Argument | xxx | predictive | Low |
| 13 | Argument | xxxxx | predictive | Low |
| 14 | Argument | xxxxxxxxx | predictive | Medium |
| 15 | Input Value | xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx | predictive | High |
| 16 | Network Port | xxx/xxxx | predictive | Medium |
