East Europe Unknown Analysis

IOB - Indicator of Behavior (244)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en148
zh68
ru16
pl6
es4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

cn110
us80
ru36
ca6
gb4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Traefik6
PHPMailer6
nginx4
Fortinet FortiOS4
WordPress4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1Ignite Realtime Openfire Administration Console improper authentication7.87.7$0-$5k$0-$5kNot DefinedOfficial Fix0.000.97384CVE-2023-32315
2Esoftpro Online Guestbook Pro ogp_show.php sql injection7.36.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.150.00108CVE-2009-4935
3Joomla CMS com_easyblog sql injection6.36.1$5k-$25k$5k-$25kNot DefinedNot Defined0.480.00000
4Apple Mac OS X TCP Timestamp information disclosure5.35.1$5k-$25kCalculatingNot DefinedOfficial Fix0.050.00342CVE-2003-0882
5HP Router/Switch SNMP information disclosure3.73.4$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.030.00285CVE-2012-3268
6Esoftpro Online Guestbook Pro ogp_show.php cross site scripting4.34.2$0-$5k$0-$5kHighUnavailable0.040.00209CVE-2009-2441
7Plesk Obsidian Reflected cross site scripting5.25.2$0-$5k$0-$5kNot DefinedNot Defined0.000.00151CVE-2020-11583
8OpenVPN Access Server Web Portal entropy5.65.5$0-$5k$0-$5kNot DefinedOfficial Fix0.040.00151CVE-2022-33738
9Essential Addons for Elementor Plugin password recovery8.07.9$0-$5k$0-$5kNot DefinedNot Defined0.020.03267CVE-2023-32243
10Apache Struts ExceptionDelegator input validation8.88.4$5k-$25k$0-$5kHighOfficial Fix0.020.36440CVE-2012-0391
11Schneider Electric Vijeo Designer path traversal5.55.3$0-$5k$0-$5kNot DefinedOfficial Fix0.000.00246CVE-2021-22704
12Tiki Admin Password tiki-login.php improper authentication8.07.7$0-$5k$0-$5kNot DefinedOfficial Fix5.550.00936CVE-2020-15906
13OpenX adclick.php redirect5.34.7$0-$5k$0-$5kUnprovenUnavailable0.820.00440CVE-2014-2230
14MGB OpenSource Guestbook email.php sql injection7.37.3$0-$5k$0-$5kHighUnavailable0.520.01302CVE-2007-0354
15Hscripts PHP File Browser Script index.php path traversal5.95.9$0-$5k$0-$5kNot DefinedNot Defined0.000.00153CVE-2018-16549
16Matomo safemode.twig Path information disclosure4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.020.00058CVE-2019-12215
17Microsoft IIS IP/Domain Restriction access control6.55.7$25k-$100k$0-$5kUnprovenOfficial Fix0.030.00817CVE-2014-4078
18Microsoft Windows Win32k Privilege Escalation8.37.7$100k and more$0-$5kFunctionalOfficial Fix0.000.00148CVE-2021-40449
19Sphinx missing authentication7.47.3$0-$5k$0-$5kNot DefinedWorkaround0.030.01038CVE-2019-14511
20vsftpd deny_file unknown vulnerability3.73.6$0-$5k$0-$5kNot DefinedOfficial Fix0.000.00312CVE-2015-1419

IOC - Indicator of Compromise (6)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (18)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (115)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/cgi-bin/supervisor/PwdGrp.cgipredictiveHigh
2File/classes/Master.phppredictiveHigh
3File/classes/Master.php?f=delete_servicepredictiveHigh
4File/etc/postfix/sender_loginpredictiveHigh
5File/file/upload/1predictiveHigh
6File/filemanager/ajax_calls.phppredictiveHigh
7File/index.phppredictiveMedium
8File/Items/*/RemoteImages/DownloadpredictiveHigh
9File/members/view_member.phppredictiveHigh
10File/mhds/clinic/view_details.phppredictiveHigh
11File/owa/auth/logon.aspxpredictiveHigh
12File/rest/api/latest/projectvalidate/keypredictiveHigh
13File/restapi/v1/certificates/FFM-SSLInspectpredictiveHigh
14File/secure/QueryComponent!Default.jspapredictiveHigh
15File/xxxxxxx/xxxxxxxxx/%xxxxx%/xxxxxpredictiveHigh
16File/xxxxxxx/predictiveMedium
17File/xxx/xxxxx/xxxxxxxxxxxxxxxxxxxx/xxx/predictiveHigh
18File/xxxxxxx/xxx/xxxxxxx_xxx.xxxpredictiveHigh
19Filexxxxxxx/xxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
20Filexxxxxxx.xxxpredictiveMedium
21Filexxxxxxxxx.xxxpredictiveHigh
22Filexxxxx.xxxxxxxxx.xxxpredictiveHigh
23Filexxxxx/?xxxx=xxxx/xxxxxx_xxxxpredictiveHigh
24Filexxxx_xxxxx.xxxpredictiveHigh
25Filexxxxxxx.xxxpredictiveMedium
26Filexxxxxxx.xxxxpredictiveMedium
27Filexxxxxx.xxxpredictiveMedium
28Filexxx/xxx.xxxpredictiveMedium
29Filexxx-xxx/xxxxx_xxx_xxxpredictiveHigh
30Filexxxx/xxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxx/xxx/xxxxxx.xxxxxxxxx.xxxpredictiveHigh
31Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
32Filexxxx/xxxxxxxx.xxxx.xxxxxxx.xxxpredictiveHigh
33Filexxxxxxx.xxxpredictiveMedium
34Filexxxxx.xxxpredictiveMedium
35Filexxx/xxxx/xxxx.xpredictiveHigh
36Filexxxxxxxxxxx/xxxxxxxx/xxxxxxxxxx.xxxpredictiveHigh
37Filexxxxxxxxx.xxx.xxxpredictiveHigh
38Filexx_xxx_xx.xpredictiveMedium
39Filexxxxx.xxxxpredictiveMedium
40Filexxx/xxxxxx.xxxpredictiveHigh
41Filexxxxx.xxxpredictiveMedium
42Filexxxxxxxx/xx/xxxx.xxpredictiveHigh
43Filexxxxxxx/xxxxx/xx/xxxxxx/xxxxx.xxxxx.xxxpredictiveHigh
44Filexxxxxxx.xxxpredictiveMedium
45Filexxx/xxxx/xxxx_xxxxxxxxxx_xxxx.xpredictiveHigh
46Filexxx/xxxxxpredictiveMedium
47Filexxxxx.xpredictiveLow
48Filexxx_xxxx.xxxpredictiveMedium
49Filexxxxxxxx.xxxpredictiveMedium
50Filexxxxxx.xpredictiveMedium
51Filexxxxxxx/xxxxxxxxxxxxxxxx/xxxxxxxxx/xxxxxxxx.xxxxpredictiveHigh
52Filexxxxxxxxx.xxxpredictiveHigh
53Filexxxxxxxx.xxxpredictiveMedium
54Filexxxxxx/?x=xxxxx/\xxxxx\xxx/xxxxxxxxxxxxxx&xxxxxxxx=xxxx_xxxx_xxxx_xxxxx&xxxx[x]=xxxxxx&xxxx[x][]predictiveHigh
55Filexxxx.xxxpredictiveMedium
56Filexxxxxxxxxx.xxxpredictiveHigh
57Filexxxxxxxxxx_xxxxx.xxxxxxpredictiveHigh
58Filexxxxxx.xxxpredictiveMedium
59Filexxxxxxxxxxxxx.xxxxpredictiveHigh
60Filexxx_xxxxx.xxxpredictiveHigh
61Filexxxx.xxxpredictiveMedium
62Filexxxx-xxxxx.xxxpredictiveHigh
63Filexxx.xpredictiveLow
64Filexxxxxx-xxxxxx.xxpredictiveHigh
65Filexxxxxxxx/predictiveMedium
66Library/_xxx_xxx/xxxxx.xxxpredictiveHigh
67Libraryxxx.xxxpredictiveLow
68Libraryxxx/xxxxxx.xpredictiveMedium
69ArgumentxxxxxxxxpredictiveMedium
70Argumentxxx_xxpredictiveLow
71Argumentxxx_xxxxpredictiveMedium
72ArgumentxxxxxxxxxpredictiveMedium
73ArgumentxxxxxxxxxxxxxxxxpredictiveHigh
74ArgumentxxxxpredictiveLow
75ArgumentxxxxxxxpredictiveLow
76ArgumentxxxxxxxxpredictiveMedium
77ArgumentxxxxxxpredictiveLow
78ArgumentxxxxxpredictiveLow
79ArgumentxxxxpredictiveLow
80ArgumentxxxxxxxxpredictiveMedium
81Argumentxx_xxpredictiveLow
82ArgumentxxxxpredictiveLow
83ArgumentxxpredictiveLow
84ArgumentxxxxxxxpredictiveLow
85ArgumentxxxxxxxxpredictiveMedium
86ArgumentxxxxpredictiveLow
87ArgumentxxxpredictiveLow
88Argumentxxxxx_xxxxxx_xxx/xxxxx_xxxx_xxxxxxxxpredictiveHigh
89ArgumentxxxxpredictiveLow
90ArgumentxxxxxxxpredictiveLow
91ArgumentxxxxpredictiveLow
92ArgumentxxxxxxxxpredictiveMedium
93ArgumentxxxxxxxxpredictiveMedium
94ArgumentxxxxpredictiveLow
95ArgumentxxxxxxxxxxxxxpredictiveHigh
96Argumentxxx xxxpredictiveLow
97ArgumentxxxxxxxpredictiveLow
98ArgumentxxpredictiveLow
99ArgumentxxxxxxpredictiveLow
100ArgumentxxxxxxxxxxxpredictiveMedium
101Argumentxxxx_xxxxxpredictiveMedium
102ArgumentxxxpredictiveLow
103ArgumentxxxxxxxxxxxxpredictiveMedium
104ArgumentxxxpredictiveLow
105Argumentxxxxxx[]predictiveMedium
106ArgumentxxxpredictiveLow
107ArgumentxxxpredictiveLow
108ArgumentxxxxpredictiveLow
109ArgumentxxxxxxxxpredictiveMedium
110ArgumentxxxxxpredictiveLow
111Argumentx-xxxxxxxxx-xxxxxxpredictiveHigh
112Input Value../predictiveLow
113Input Valuexxxxx' xxx (xxxxxx xxxx xxxx (xxxxxx(xxxxx(x)))xxxx) xxx 'xxxx'='xxxx&xxxxxxxx=xxxxxxxxxxpredictiveHigh
114Input Value\xxx\xxxpredictiveMedium
115Network Portxxx/xxx (xxxx)predictiveHigh

References (3)

The following list contains external sources which discuss the actor and the associated activities:

Interested in the pricing of exploits?

See the underground prices here!