Drinik Analysis

IOB - Indicator of Behavior (315)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 246
pl: 18
it: 16
de: 12
es: 10

Product

Siemens SPPA-T3000 MS3000 Migration Server: 14
Microsoft Windows: 14
WordPress: 6
vBulletin: 2
Total PC PHP Rocket Add-In: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.02820 | 0.52 | CVE-2010-0966 |
| 2 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | Calculating | High | Workaround | 0.03828 | 0.00 | CVE-2007-1192 |
| 3 | Tiki Wiki CMS Groupware tiki-edit_wiki_section.php cross site scripting | 5.2 | 5.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00152 | 0.00 | CVE-2010-4240 |
| 4 | Pligg cloud.php sql injection | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 1.36 | |
| 5 | Tiki TikiWiki tiki-editpage.php input validation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.01159 | 0.06 | CVE-2004-1386 |
| 6 | JForum jforum.page cross-site request forgery | 4.3 | 4.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00309 | 0.03 | CVE-2022-26173 |
| 7 | Tiki Admin Password tiki-login.php improper authentication | 8.0 | 7.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.91457 | 3.49 | CVE-2020-15906 |
| 8 | HP Storage Data Protector memory corruption | 10.0 | 10.0 | $5k-$25k | $0-$5k | High | Not Defined | 0.82330 | 0.10 | CVE-2014-2623 |
| 9 | AlstraSoft AskMe Pro register.php cross site scripting | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.00 | |
| 10 | Siemens SPPA-T3000 MS3000 Migration Server Service Port 5010 integer overflow | 6.4 | 6.3 | $5k-$25k | $5k-$25k | Not Defined | Workaround | 0.00827 | 0.00 | CVE-2019-18304 |
| 11 | Siemens SPPA-T3000 MS3000 Migration Server Service Port 7061 stack-based overflow | 6.4 | 6.3 | $5k-$25k | $5k-$25k | Not Defined | Workaround | 0.00097 | 0.00 | CVE-2019-18310 |
| 12 | Microsoft Windows OpenType Font Parser memory corruption | 7.6 | 7.5 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.07528 | 0.00 | CVE-2019-1456 |
| 13 | Microsoft Windows Win32k information disclosure | 4.9 | 4.9 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.00098 | 0.00 | CVE-2019-1440 |
| 14 | Microsoft Windows GDI information disclosure | 4.9 | 4.9 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.03265 | 0.00 | CVE-2019-1439 |
| 15 | Expinion.net News Manager Lite comment_add.asp cross site scripting | 4.3 | 3.9 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00710 | 0.05 | CVE-2004-1845 |
| 16 | TikiWiki tiki-register.php input validation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.01075 | 10.00 | CVE-2006-6168 |
| 17 | My Link Trader out.php sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 0.00 | |
| 18 | Openads adclick.php Remote Code Execution | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.02546 | 0.21 | CVE-2007-2046 |
| 19 | WordPress wp-register.php cross site scripting | 4.3 | 4.2 | $5k-$25k | $0-$5k | High | Unavailable | 0.00966 | 0.00 | CVE-2007-5106 |
| 20 | PHPizabi template.class.php assignuser information disclosure | 4.3 | 4.2 | $0-$5k | $0-$5k | High | Unavailable | 0.00458 | 0.07 | CVE-2008-2018 |

IOC - Indicator of Compromise (5)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (10)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (99)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /forum/away.php | predictive | High |
| 2 | File | /out.php | predictive | Medium |
| 3 | File | /php-sms/classes/Master.php | predictive | High |
| 4 | File | adclick.php | predictive | Medium |
| 5 | File | add.php/del.php | predictive | High |
| 6 | File | addentry.php | predictive | Medium |
| 7 | File | add_comment.php | predictive | High |
| 8 | File | admin.php | predictive | Medium |
| 9 | File | admin/index.php | predictive | High |
| 10 | File | admin/scripts/FileUploader/php.php | predictive | High |
| 11 | File | case.filemanager.php | predictive | High |
| 12 | File | cashconfirm.php | predictive | High |
| 13 | File | channels/chan_skinny.c | predictive | High |
| 14 | File | cloud.php | predictive | Medium |
