DoppelDridex Analysis

IOB - Indicator of Behavior (37)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 24
de: 6
sv: 2
zh: 2
pl: 2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Product

Jo Webserver: 2
Frank Mcingvale luxman: 2
PHPGurukul Management System: 2
Orion Application Server: 2
Oracle Application Server: 2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | Calculating | High | Workaround | 0.03828 | 0.00 | CVE-2007-1192 |
| 2 | Drupal File Module Upload cross site scripting | 4.4 | 4.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.57414 | 0.00 | CVE-2019-6341 |
| 3 | Apache HTTP Server Backend Application information disclosure | 8.3 | 8.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.01825 | 0.09 | CVE-2024-38476 |
| 4 | Apache HTTP Server mod_rewrite server-side request forgery | 7.6 | 7.5 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00079 | 0.03 | CVE-2024-40898 |
| 5 | ClamAV HFS+ Partition Scanning buffer overflow | 9.8 | 9.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00347 | 0.05 | CVE-2023-20032 |
| 6 | HAProxy Header Field request smuggling | 8.2 | 8.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00286 | 0.04 | CVE-2023-25725 |
| 7 | Frank Mcingvale luxman Libraries memory corruption | 9.3 | 8.4 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.01065 | 0.00 | CVE-2005-0385 |
| 8 | rtf2latex2e reader.c readfonttbl memory corruption | 10.0 | 9.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.01370 | 0.00 | CVE-2004-1293 |
| 9 | Microsoft Skype Remote Code Execution | 7.3 | 7.0 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.03 | |
| 10 | VMware Zimbra Collection Suite Web Application improper authentication | 5.4 | 4.9 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00150 | 0.00 | CVE-2013-5119 |
| 11 | Apple Mac OS X Installer access control | 9.8 | 9.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00621 | 0.00 | CVE-2013-1027 |
| 12 | Juniper Junos Express Path data processing | 6.8 | 6.8 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.00118 | 0.00 | CVE-2017-10619 |
| 13 | Orion Application Server Error Page cross site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00091 | 0.00 | CVE-2005-2981 |
| 14 | Macromedia JRun web-inf privileges management | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.08684 | 0.02 | CVE-2002-1855 |
| 15 | Lars Ellingsen Guestserver guestserver.cgi privileges management | 9.8 | 9.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00206 | 0.00 | CVE-2001-0180 |
| 16 | Oracle Application Server web-inf privileges management | 5.3 | 5.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04282 | 0.00 | CVE-2002-1858 |
| 17 | Pramati Server web-inf privileges management | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01339 | 0.00 | CVE-2002-1860 |
| 18 | Jo Webserver web-inf privileges management | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00568 | 0.00 | CVE-2002-1857 |
| 19 | Orion Application Server web-inf privileges management | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01219 | 0.00 | CVE-2002-1859 |
| 20 | Oracle WebLogic Server WLS Security access control | 8.7 | 8.6 | $25k-$100k | $0-$5k | High | Official Fix | 0.96784 | 0.06 | CVE-2017-10271 |

IOC - Indicator of Compromise (6)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (7)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (14)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | data/gbconfiguration.dat | predictive | High |
| 2 | File | full-profile.php | predictive | High |
| 3 | File | guestserver.cgi | predictive | High |
| 4 | File | xxx/xxxxxx.xxx | predictive | High |
| 5 | File | xxx_xxxxx_xxxx.x | predictive | High |
| 6 | File | xxxxxx.x | predictive | Medium |
| 7 | File | xxx-xxx | predictive | Low |
| 8 | Argument | xxxxxxxx | predictive | Medium |
| 9 | Argument | xxxxxxxx/xxxxxxxxxxxx/xxxxxxxxxxxx/xxxxxxxxxx | predictive | High |
| 10 | Argument | xxxxx | predictive | Low |
| 11 | Argument | xx | predictive | Low |
| 12 | Argument | xxxx | predictive | Low |
| 13 | Argument | xx_xxxx_xxxxx | predictive | High |
| 14 | Input Value | /../ | predictive | Low |

References (3)

The following list contains external sources which discuss the actor and the associated activities:
