ElectrumDosMiner Analysis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en592
de140
zh132
es28
sv26

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

us710
de130
es18
sv18
it10

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

ElectrumDosMiner2
SocGholish1

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

Not Defined58
Content Management System18
Forum Software18
WordPress Plugin14
Smartphone Operating System6

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

Not Defined74
Google8
SourceCodester6
Infopop4
Matt Wright4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Google Android6
WordPress4
Infopop Ultimate Bulletin Board4
Matt Wright Matt Wright Guestbook4
DZCP deV!L`z Clanportal4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25kCalculatingHighWorkaround0.020160.02CVE-2007-1192
2MGB OpenSource Guestbook email.php sql injection7.37.3$0-$5k$0-$5kHighUnavailable0.013021.92CVE-2007-0354
3Microsoft Exchange Server ChainedSerializationBinder deserialization7.57.2$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000000.06
4Squid Web Proxy Gopher Gateway null pointer dereference6.46.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.003740.02CVE-2023-46728
5Fortinet FortiOS prof-admin Profile improper authorization7.77.6$0-$5k$0-$5kNot DefinedOfficial Fix0.000500.03CVE-2023-41841
6Oracle Java SE Windows DLL access control8.38.2$25k-$100k$0-$5kNot DefinedOfficial Fix0.002570.02CVE-2018-2942
7WordPress wp-trackback.php sql injection7.36.9$5k-$25k$0-$5kProof-of-ConceptNot Defined0.046510.06CVE-2007-0233
8OpenSSL DH Key dh_check.c DH_check denial of service5.35.2$5k-$25k$0-$5kNot DefinedOfficial Fix0.001300.02CVE-2023-3817
9DZCP deV!L`z Clanportal config.php code injection7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.009431.15CVE-2010-0966
10WordPress wp-trackback.php mb_convert_encoding cryptographic issues5.35.1$5k-$25k$0-$5kNot DefinedOfficial Fix0.033580.04CVE-2009-3622
11Microsoft Office/Office LTSC/OneNote unknown vulnerability4.54.5$5k-$25k$0-$5kNot DefinedOfficial Fix0.000510.00CVE-2023-36769
12Basti2web Book Panel books.php sql injection7.37.0$0-$5k$0-$5kHighOfficial Fix0.000640.05CVE-2009-4889
13JD-WordPress wp-trackback.php privileges management5.35.0$5k-$25k$0-$5kProof-of-ConceptNot Defined0.000000.02
14Icewarp Webclient HTTP POST Request Persistent cross site scripting5.24.7$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.000660.02CVE-2010-5338
15Lars Ellingsen Guestserver guestbook.cgi cross site scripting4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.001690.33CVE-2005-4222
16Matt Wright Matt Wright Guestbook guestbook.pl cross site scripting4.34.1$0-$5k$0-$5kProof-of-ConceptUnavailable0.009910.11CVE-2006-1697
17esoftpro Online Guestbook Pro ogp_show.php sql injection7.37.1$0-$5k$0-$5kHighUnavailable0.001350.05CVE-2010-4996
18SignKorn Guestbook admin.php privileges management5.35.3$0-$5k$0-$5kNot DefinedNot Defined0.000000.03
19Apple M1 Register s3_5_c15_c10_1 M1RACLES access control8.88.8$5k-$25k$5k-$25kNot DefinedNot Defined0.000000.04CVE-2021-30747
20PC Keyboard Server missing authentication9.89.8$0-$5k$0-$5kNot DefinedNot Defined0.003610.00CVE-2022-45479

IOC - Indicator of Compromise (5)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
12.5.6.1ElectrumDosMiner04/30/2019verifiedHigh
2XXX.XXX.XX.XXXxxxx.xxxxxxx.xxxXxxxxxxxxxxxxxxx04/30/2019verifiedHigh
3XXX.XXX.XXX.XXXXxxxxxxxxxxxxxxx04/30/2019verifiedHigh
4XXX.XX.XXX.XXXXxxxxxxxxxxxxxxx04/30/2019verifiedHigh
5XXX.XXX.XXX.XXXXxxxxxxxxxxxxxxx04/30/2019verifiedHigh

TTP - Tactics, Techniques, Procedures (13)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueClassVulnerabilitiesAccess VectorTypeConfidence
1T1006CAPEC-126CWE-22, CWE-23Path TraversalpredictiveHigh
2T1059CAPEC-242CWE-94Argument InjectionpredictiveHigh
3T1059.007CAPEC-209CWE-79, CWE-80, CWE-84Cross Site ScriptingpredictiveHigh
4TXXXXCAPEC-122CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
5TXXXX.XXXCAPEC-191CWE-XXXXxxx-xxxxx XxxxxxxxxxxpredictiveHigh
6TXXXXCAPEC-108CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveHigh
7TXXXX.XXXCAPEC-178CWE-XXXXxxx XxxxxxxxpredictiveHigh
8TXXXXCAPEC-108CWE-XXXxx XxxxxxxxxpredictiveHigh
9TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveHigh
10TXXXXCAPEC-37CWE-XXXXxxxxxxxx Xxxxxxx Xx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh
11TXXXXCAPEC-466CWE-XXXXxxxxxx Xxxxxxxxxx Xx Xxx-xxxxxxxxpredictiveHigh
12TXXXXCAPEC-116CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh
13TXXXXCAPEC-CWE-XXXXxxxxxxxxxxxx XxxxxxpredictiveHigh

IOA - Indicator of Attack (137)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/admin/edit_member.phppredictiveHigh
2File/admin/maintenance/view_designation.phppredictiveHigh
3File/backend/register.phppredictiveHigh
4File/cgi-binpredictiveMedium
5File/cgi-bin/ExportAllSettings.shpredictiveHigh
6File/forum/away.phppredictiveHigh
7File/include/comm_post.inc.phppredictiveHigh
8File/magnoliaPublic/travel/members/login.htmlpredictiveHigh
9File/register.dopredictiveMedium
10File/secure/EditSubscription.jspapredictiveHigh
11File/spip.phppredictiveMedium
12Fileaddentry.phppredictiveMedium
13Fileadmin.phppredictiveMedium
14Fileadmin/admin.guestbook.phppredictiveHigh
15Fileadmin/admin.phppredictiveHigh
16Fileadmin/conf_users_edit.phppredictiveHigh
17Fileadmin/index.phppredictiveHigh
18Filexxxxxxxxxxxxxx.xxxpredictiveHigh
19Filexxxxxxxx.xxxpredictiveMedium
20Filexxxxxxx.xxpredictiveMedium
21Filexxx/xxx.xxxpredictiveMedium
22Filexxxxx.xxxpredictiveMedium
23Filexxxxxxxxx.xpredictiveMedium
24Filexx-xxxxxxxxx.xxxpredictiveHigh
25Filexxxx_xx.xxpredictiveMedium
26Filexxxxxxxxxx_xxxxx.xxxpredictiveHigh
27Filexxxxx-xxxxxx-xxxxx-xx.xxpredictiveHigh
28Filexxxxx.xxxpredictiveMedium
29Filexxxxxx.xxxpredictiveMedium
30Filexxxxxx/xx/xx_xxxxx.xpredictiveHigh
31Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
32Filexxxxx.xxxpredictiveMedium
33Filexx/xxxxx/xxxxxx_xxxxx.xxxpredictiveHigh
34Filexxxxxx.xxxpredictiveMedium
35Filexxxxxxxx.xxxpredictiveMedium
36Filexxxx.xxxpredictiveMedium
37Filexxxxxxxxx.xxxpredictiveHigh
38Filexxxxxxxxx.xxpredictiveMedium
39Filexxx/xxxxxx.xxxpredictiveHigh
40Filexxx/xxxxxxxxxxx/xxxxxxx.xxxpredictiveHigh
41Filexxxxx.xxxxpredictiveMedium
42Filexxxxx.xxxpredictiveMedium
43Filexxxx_xx.xxxpredictiveMedium
44Filexxxx.xxxpredictiveMedium
45Filexxxxxx_xxxxxxxxx.xxpredictiveHigh
46Filexxx_xxx_xxxx.xxxpredictiveHigh
47Filexx/xxxxxx.xpredictiveMedium
48Filexxxxxxx/xxx/xxx_xxxxxxx.xpredictiveHigh
49Filexxx_xxxxx.xxxpredictiveHigh
50Filexxxxxxxxx.xxxpredictiveHigh
51Filexxx_xxxx.xxxpredictiveMedium
52Filexxxxxxx.xxxpredictiveMedium
53Filexxx_xxxx_xx_xxxxxx.xxxpredictiveHigh
54Filexxxxxxxx.xxxpredictiveMedium
55Filexxxxxxxxxxxx.xxxpredictiveHigh
56Filexxxxxxxxxxx.xxxpredictiveHigh
57Filexxx_xxxxxxxx.xxxpredictiveHigh
58Filexxx_xxx_xxxx_xxx.xxxpredictiveHigh
59Filexxxx.xxxpredictiveMedium
60Filexxxxxxxxxx.xxxpredictiveHigh
61Filexxxxxxxx.xxxpredictiveMedium
62Filexxxxxxxx_xxxxxx.xxxpredictiveHigh
63Filexxxxxxxx-xxxxxx_xxxxx.xxxpredictiveHigh
64Filexxxxxxxx.xxxpredictiveMedium
65Filexxxxxxxxxxxxx.xxxpredictiveHigh
66Filexxxxxxxxxxx.xxxpredictiveHigh
67Filexxxxxxx/xxxxxx.xxxpredictiveHigh
68Filexxxxxxx-xxxxxxxx.xxxpredictiveHigh
69Filexxxxxxx-xxxxxxx.xxxpredictiveHigh
70Filexxxxxxx_xxxxxxxx.xxxpredictiveHigh
71Filexxxxxxxx.xxxxx.xxxpredictiveHigh
72Filexxxx-xxxxx.xxxpredictiveHigh
73Filexxxx-xxxxx.xxxpredictiveHigh
74Filexxxx-xxxxxxxx.xxxpredictiveHigh
75Filexxxxxxxxx.xxxpredictiveHigh
76Filexxxxxxx/xxxxx/predictiveHigh
77Filexxxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
78Filexx-xxxxx-xxxxx-xxxxxxxxxxxxx.xxxpredictiveHigh
79Filexx-xxxxxxxxx.xxxpredictiveHigh
80Filexxxx.xxpredictiveLow
81Libraryxxxx/xxx/xxxxxx.xxxpredictiveHigh
82Libraryxxxxxxxxxx.xxxpredictiveHigh
83ArgumentxxxxxxxxpredictiveMedium
84ArgumentxxxxxpredictiveLow
85ArgumentxxxxxxpredictiveLow
86ArgumentxxxpredictiveLow
87ArgumentxxxxxxxxxxpredictiveMedium
88ArgumentxxxxxxxpredictiveLow
89Argumentxxxxxx[xxxx]predictiveMedium
90Argumentxxxxxxxxx[x]predictiveMedium
91ArgumentxxxxxxxxpredictiveMedium
92ArgumentxxxxpredictiveLow
93Argumentxxx/xxxxxxxpredictiveMedium
94Argumentxxx_xxxxpredictiveMedium
95ArgumentxxxxxxxpredictiveLow
96ArgumentxxxxxpredictiveLow
97Argumentxx_xxxxx_xxpredictiveMedium
98Argumentxxxxx_xxxpredictiveMedium
99Argumentxxxxx_xx/xxxx_xxxx/xxxxx/xxxxxx/xxxxxxx/xxxxxxpredictiveHigh
100ArgumentxxxxxxxxxpredictiveMedium
101ArgumentxxxxpredictiveLow
102Argumentxx_xxpredictiveLow
103ArgumentxxxxpredictiveLow
104Argumentxxxxx_xxpredictiveMedium
105Argumentxxxxxxxxx/xxxxxxpredictiveHigh
106ArgumentxxxxxxxpredictiveLow
107Argumentxxxxxxx[xxxxx_xxxx]predictiveHigh
108ArgumentxxpredictiveLow
109Argumentxxx_xxxxxxxxpredictiveMedium
110ArgumentxxxxxxxpredictiveLow
111Argumentxxxxxxxx_xxxpredictiveMedium
112Argumentxxx_xxxx_xxxxxxxpredictiveHigh
113ArgumentxxxxpredictiveLow
114ArgumentxxxxxxxxxxpredictiveMedium
115Argumentxxxxxxxxx_xxxxxxxx_xxxxpredictiveHigh
116ArgumentxxxxpredictiveLow
117ArgumentxxxxxxxpredictiveLow
118ArgumentxxxxpredictiveLow
119ArgumentxxxxxxpredictiveLow
120ArgumentxxxxpredictiveLow
121Argumentxxxxxxx_xxxxx_xxxxpredictiveHigh
122ArgumentxxxxxxpredictiveLow
123ArgumentxxxxxpredictiveLow
124ArgumentxxxpredictiveLow
125ArgumentxxxxxpredictiveLow
126ArgumentxxxxxxpredictiveLow
127ArgumentxxxpredictiveLow
128Argumentxx_xxpredictiveLow
129ArgumentxxxpredictiveLow
130ArgumentxxxxxpredictiveLow
131ArgumentxxxxxxxxxpredictiveMedium
132ArgumentxxxpredictiveLow
133ArgumentxxxxpredictiveLow
134ArgumentxxxxxxxxpredictiveMedium
135Argumentx-xxxxxxxxx-xxxpredictiveHigh
136Argument_xxx[xxxxxxx][xxxxxx]predictiveHigh
137Network Portxxx/xxxpredictiveLow

References (2)

The following list contains external sources which discuss the actor and the associated activities:

PreviousOverviewNext

Want to stay up to date on a daily basis?

Enable the mail alert feature now!