EvilBunny Analysis

IOB - Indicator of Behavior (120)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 102
zh: 8
fr: 4
ja: 2
pl: 2

Country

Actors

Activities

Interest

Timeline

Type

Vendor

Product

AnalogX Proxy: 6
FFmpeg: 4
Google Android: 4
SourceCodester Online Computer and Laptop Store: 4
Netgear DGN2200 N300: 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | vBulletin moderation.php sql injection | 7.3 | 7.0 | $0-$5k | $0-$5k | High | Official Fix | 0.00284 | 0.04 | CVE-2016-6195 |
| 2 | IBM WebSphere Host On-Demand Remote Code Execution | 7.3 | 6.9 | $25k-$100k | $5k-$25k | Proof-of-Concept | Not Defined | 0.01386 | 0.00 | CVE-2006-6537 |
| 3 | Apple iOS/iPadOS Assets resource transfer | 5.3 | 5.1 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.00045 | 0.00 | CVE-2020-9979 |
| 4 | nuxt code injection | 8.4 | 8.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00292 | 0.04 | CVE-2023-3224 |
| 5 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.02195 | 0.75 | CVE-2010-0966 |
| 6 | wp-google-maps Plugin REST API class.rest-api.php input validation | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.96692 | 0.00 | CVE-2019-10692 |
| 7 | GNU Tar Remote Code Execution | 9.8 | 9.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00691 | 0.03 | CVE-2005-2541 |
| 8 | Breakdance Plugin authorization | 5.3 | 5.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00045 | 0.04 | CVE-2024-5331 |
| 9 | Breakdance Plugin Remote Code Execution | 7.3 | 7.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00050 | 0.00 | CVE-2024-4605 |
| 10 | Senstar Symphony SSOAuth deserialization | 7.5 | 7.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00218 | 0.03 | CVE-2020-17405 |
| 11 | Microsoft IIS uncpath cross site scripting | 5.2 | 5.0 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00483 | 0.06 | CVE-2017-0055 |
| 12 | Apache Tomcat Reverse-Proxy Http11InputBuffer.java information disclosure | 6.8 | 6.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00189 | 0.04 | CVE-2016-8747 |
| 13 | Banu Tinyproxy HTTP Proxy Server acl.c config | 3.7 | 3.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00432 | 0.04 | CVE-2011-1499 |
| 14 | Trojan-Proxy.Win32.Symbab.o Service Port 8080 heap-based overflow | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 0.03 | |
| 15 | AnalogX Proxy SMTP memory corruption | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00521 | 0.03 | CVE-2000-0657 |
| 16 | AnalogX Proxy URL memory corruption | 10.0 | 10.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.09698 | 0.00 | CVE-2003-0410 |
| 17 | AnalogX Proxy Request memory corruption | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.19587 | 0.00 | CVE-2002-1001 |
| 18 | AnalogX Proxy POP3 memory corruption | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00521 | 0.00 | CVE-2000-0658 |
| 19 | AnalogX Proxy FTP memory corruption | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.01160 | 0.00 | CVE-2000-0656 |
| 20 | PHP PHAR phar_dir_read buffer overflow | 8.2 | 8.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00134 | 0.03 | CVE-2023-3824 |

IOC - Indicator of Compromise (20)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (14)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (65)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

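| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /admin/sales/index.php | predictive | High |
| 2 | File | /category.php | predictive | High |
| 3 | File | /classes/Master.php?f=save_sub_category | predictive | High |
| 4 | File | /error | predictive | Low |
| 5 | File | /etc/passwd | predictive | Medium |
| 6 | File | /getcfg.php | predictive | Medium |
| 7 | File | /uncpath/ | predictive | Medium |
| 8 | File | acl.c | predictive | Low |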
