East Timor Unknown Analysis

IOB - Indicator of Behavior (28)

Lang

en: 26
zh: 2

Product

Apache HTTP Server: 4
Mozilla Firefox: 2
TP-LINK TL-MR3220: 2
Benjamin Arnaudetr Ginkgocms: 2
LogicBoard CMS: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Microsoft IIS WebDav memory corruption | 5.6 | 5.2 | $25k-$100k | $0-$5k | High | Official Fix | 0.97176 | 0.04 | CVE-2003-0109 |
| 2 | LogicBoard CMS away.php redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.00000 | 1.10 | |
| 3 | YaBB yabb.pl cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.01240 | 0.03 | CVE-2004-2402 |
| 4 | Benjamin Arnaudetr Ginkgocms index.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Not Defined | 0.00129 | 0.00 | CVE-2013-5318 |
| 5 | Microsoft IIS uncpath cross site scripting | 5.2 | 5.0 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00483 | 0.06 | CVE-2017-0055 |
| 6 | Apache HTTP Server mod_proxy_uwsgi request smuggling | 7.1 | 7.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.01352 | 0.00 | CVE-2023-27522 |
| 7 | Apache HTTP Server mod_proxy request smuggling | 7.4 | 7.3 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.01000 | 0.04 | CVE-2023-25690 |
| 8 | Apache HTTP Server Limit Directive ap_limit_section use after free | 6.4 | 6.3 | $5k-$25k | $0-$5k | High | Official Fix | 0.97400 | 0.04 | CVE-2017-9798 |
| 9 | Aruba Networks ArubaOS Command Line Interface denial of service | 5.1 | 5.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00075 | 0.00 | CVE-2022-37910 |
| 10 | Arvados PAM improper authentication | 6.4 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00104 | 0.00 | CVE-2022-39238 |
| 11 | Apple macOS wifivelocityd default permission | 8.2 | 8.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00148 | 0.17 | CVE-2020-3838 |
| 12 | Trend Micro Antivirus 2021 access control | 8.3 | 8.3 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00045 | 0.00 | CVE-2021-43771 |
| 13 | Backdoor.Win32.Wollf.h Service Port 7300 hard-coded credentials | 9.8 | 8.6 | $0-$5k | $0-$5k | Proof-of-Concept | Workaround | 0.00000 | 0.00 | |
| 14 | Microsoft Exchange Server ProxyShell | 9.4 | 8.6 | $25k-$100k | $5k-$25k | High | Official Fix | 0.84812 | 0.03 | CVE-2021-34523 |
| 15 | Microsoft Windows Multimedia Library winmm.dll memory corruption | 9.1 | 8.8 | $100k and more | $0-$5k | High | Official Fix | 0.97295 | 0.04 | CVE-2012-0003 |
| 16 | Microsoft Excel MergeCells Record Heap access control | 4.4 | 3.9 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.95241 | 0.04 | CVE-2012-0185 |
| 17 | ZTE ZXDT22 SF01 path traversal | 6.4 | 6.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00406 | 0.00 | CVE-2017-10933 |
| 18 | Apache OpenMeetings Password Reset sendHashByUser information disclosure | 7.5 | 7.1 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00223 | 0.00 | CVE-2016-0783 |
| 19 | Host Web Server phpinfo.php phpinfo information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | Not Defined | Workaround | 0.00000 | 0.05 | |
| 20 | IBM Tivoli Endpoint Manager HTTPOnly Flag Cookie Handling information disclosure | 7.5 | 7.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00305 | 0.00 | CVE-2012-1837 |

IOC - Indicator of Compromise (46)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (9)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (17)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.
