Energetic Bear Analysis

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

it: 566
en: 406
es: 20
pt: 4
pl: 2

Country

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Rocket.Chat: 2
Thomas R. Pasawicz HyperBook Guestbook: 2
Microsoft Internet Explorer: 2
PHP-Fusion: 2
GetSimpleCMS: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Tiki TikiWiki tiki-editpage.php input validation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.01194 | 0.08 | CVE-2004-1386 |
| 2 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.02147 | 0.00 | CVE-2007-1192 |
| 3 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.01470 | 0.19 | CVE-2010-0966 |
| 4 | Drupal comment_form_add_preview input validation | 10.0 | 9.0 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.03391 | 0.04 | CVE-2007-0626 |
| 5 | Public Warehouse Light Blog add_comment.php cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | High | Official Fix | 0.01062 | 0.00 | CVE-2007-3131 |
| 6 | Wheatblog add_comment.php cross site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00164 | 0.00 | CVE-2006-7002 |
| 7 | FreeBSD Kernel Memory memory corruption | 4.4 | 3.9 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.00042 | 0.00 | CVE-2014-3952 |
| 8 | WoltLab Burning Book addentry.php sql injection | 7.3 | 6.8 | $0-$5k | $0-$5k | Functional | Unavailable | 0.01111 | 0.03 | CVE-2006-5509 |
| 9 | Umberto Caldera EasyMoblog Libraries add_comment.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.01126 | 0.00 | CVE-2007-0759 |
| 10 | Guidance Software EnCase Forensic Imager/EnCase Forensic Disk Image denial of service | 2.5 | 2.4 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 0.00000 | 0.03 | |
| 11 | PHPWind goto.php redirect | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00348 | 0.04 | CVE-2015-4134 |
| 12 | Esoftpro Online Guestbook Pro ogp_show.php sql injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00108 | 0.07 | CVE-2009-4935 |
| 13 | Rocket.Chat Messages cross site scripting | 5.2 | 5.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00123 | 0.00 | CVE-2017-1000054 |
| 14 | SquirrelMail read_body.php cross site scripting | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00937 | 0.00 | CVE-2002-1341 |
| 15 | Mr Digital Simple Image Popup Plugin cross site scripting | 4.4 | 4.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00053 | 0.00 | CVE-2022-47610 |
| 16 | Apache HTTP Server Inbound Connection request smuggling | 7.3 | 7.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00753 | 0.00 | CVE-2022-22720 |
| 17 | PHP-Fusion CMS Admin Panel cross site scripting | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00120 | 0.04 | CVE-2014-8597 |
| 18 | PowerDNS Authoritative Server HTTP Connector input validation | 7.2 | 7.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01649 | 0.00 | CVE-2019-3871 |
| 19 | Pomerium debug access control | 6.9 | 6.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00195 | 0.00 | CVE-2022-24797 |

IOC - Indicator of Compromise (19)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (10)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (35)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

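| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /debug | predictive | Low |
| 2 | File | abook_database.php | predictive | High |
| 3 | File | addentry.php | predictive | Medium |
| 4 | File | add_comment.php | predictive | High |
| 5 | File | admin/index.php | predictive | High |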

References (2)

The following list contains external sources which discuss the actor and the associated activities:
