Eking Analysis

IOB - Indicator of Behavior (400)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 388
es: 6
zh: 4
fr: 2

Country

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Dell BIOS: 22
Apple macOS: 20
Linux Kernel: 18
Google Chrome: 16
Apache Airflow: 8

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Microsoft Windows PostScript Printer Driver Privilege Escalation | 8.8 | 8.1 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.02216 | 0.00 | CVE-2023-24929 |
| 2 | SAS User Management Module cross site scripting | 4.4 | 4.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00094 | 0.00 | CVE-2023-24724 |
| 3 | Samba LDAP Attribute permission | 4.9 | 4.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00279 | 0.00 | CVE-2023-0225 |
| 4 | Apple macOS Intel Graphics Driver out-of-bounds | 4.4 | 4.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00061 | 0.00 | CVE-2022-32936 |
| 5 | Apache Pulsar HTTPS Connection certificate validation | 4.8 | 4.8 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00046 | 0.00 | CVE-2022-33683 |
| 6 | Ivanti Avalanche EnterpriseServer GetSettings improper authentication | 7.4 | 7.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02830 | 0.00 | CVE-2023-28126 |
| 7 | Nginx NJS njs_function.h njs_function_frame memory corruption | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00063 | 0.00 | CVE-2023-27727 |
| 8 | Nginx NJS njs_vmcode.c njs_vmcode_return memory corruption | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00107 | 0.00 | CVE-2023-27729 |
| 9 | Fortinet FortiAnalyzer/FortiManager GUI Report Template Image exposure of resource | 4.2 | 4.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00129 | 0.00 | CVE-2022-26121 |
| 10 | Ivanti Pulse Connect Secure Header request smuggling | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00054 | 0.03 | CVE-2022-21826 |
| 11 | Linux Kernel ccp-ops.c ccp_run_aes_gcm_cmd memory leak | 6.0 | 5.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00042 | 0.00 | CVE-2021-3764 |
| 12 | Google Android ActivityManager information disclosure | 3.3 | 3.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00042 | 0.00 | CVE-2022-20315 |
| 13 | Google Go XML Document Decoder.Skip recursion | 6.4 | 6.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00187 | 0.00 | CVE-2022-28131 |
| 14 | Elementor Website Builder Plugin get_image_alt cross site scripting | 4.9 | 4.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00045 | 0.06 | CVE-2024-0506 |
| 15 | Google Chrome Skia integer overflow | 7.9 | 7.8 | $25k-$100k | $5k-$25k | High | Official Fix | 0.12800 | 0.00 | CVE-2023-6345 |
| 16 | Autodesk AutoCAD X_B File out-of-bounds | 7.0 | 7.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00065 | 0.00 | CVE-2023-27912 |
| 17 | ServiceNow Tokyo cross site scripting | 4.8 | 4.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00658 | 0.00 | CVE-2022-39048 |
| 18 | Apache Fineract Template server-side request forgery | 7.2 | 7.2 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00096 | 0.00 | CVE-2023-25195 |
| 19 | Bosch B420 improper authentication | 7.5 | 7.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00074 | 0.00 | CVE-2022-47648 |
| 20 | Telegram Web cross site scripting | 4.8 | 4.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00087 | 0.03 | CVE-2022-43363 |

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • Government Organizations

IOC - Indicator of Compromise (5)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (20)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (77)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


References (2)

The following list contains external sources which discuss the actor and the associated activities:
