FamousSparrow Analysis

IOB - Indicator of Behavior (120)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 68
zh: 50
de: 2

Country

cn: 90
us: 30

Product

Microsoft Windows: 8
WordPress: 4
IBM MQ: 2
Spamsniper: 2
FFmpeg: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | ipTIME NAS-I Bulletin Manage unrestricted upload | 7.1 | 7.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.01 | 0.01359 | CVE-2020-7847 |
| 2 | Synacor Zimbra Collaboration mboximport pathname traversal | 4.7 | 4.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.14469 | CVE-2022-27925 |
| 3 | WordPress WP_Query class-wp-query.php sql injection | 8.5 | 8.4 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.01974 | CVE-2017-5611 |
| 4 | Synacor Zimbra Webmail Subsystem upload unrestricted upload | 6.7 | 6.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01 | 0.03917 | CVE-2020-12846 |
| 5 | VMware Workspace ONE Access/Identity Manager Template injection | 9.8 | 8.8 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.06 | 0.93243 | CVE-2022-22954 |
| 6 | UniSharp laravel-filemanager Image File upload unrestricted upload | 5.8 | 5.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.11 | 0.00885 | CVE-2021-23814 |
| 7 | Citrix XenServer path traversal | 8.5 | 8.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.01 | 0.00954 | CVE-2018-14007 |
| 8 | PHPMailer validateAddress injection | 5.6 | 5.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.01018 | CVE-2021-3603 |
| 9 | Spamsniper Mail From stack-based overflow | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.01978 | CVE-2020-7845 |
| 10 | ThinkPHP index.php sql injection | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00885 | CVE-2018-10225 |
| 11 | IBM MQ TLS Key Renegotiation input validation | 6.4 | 6.4 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.01 | 0.00954 | CVE-2019-4055 |
| 12 | Genian NAC Parameter Validation input validation | 9.7 | 9.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.11 | 0.01156 | CVE-2021-26622 |
| 13 | ownCloud Server E-Mail Message Remote Code Execution | 4.6 | 4.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00885 | CVE-2022-43679 |
| 14 | Cacti Request Parameter remote_agent.php injection | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.31 | 0.42332 | CVE-2022-46169 |
| 15 | FCKeditor Connector Module path traversal | 7.3 | 7.0 | $0-$5k | $0-$5k | High | Official Fix | 0.03 | 0.92736 | CVE-2009-2265 |
| 16 | ProjectSend upload-process-form.php unrestricted upload | 7.5 | 7.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | 0.00885 | CVE-2019-11378 |
| 17 | SquirrelMail Deliver.class.php path traversal | 7.5 | 7.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.01282 | CVE-2018-8741 |
| 18 | JXPath JXPathContext unknown vulnerability | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00000 | CVE-2022-41852 |
| 19 | IBM Lotus Domino Keyview PDF memory corruption | 8.0 | 7.7 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.01996 | CVE-2016-0301 |
| 20 | WSO2 Management Console login.jsp cross site scripting | 4.8 | 4.5 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.02 | 0.06344 | CVE-2020-17453 |

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Type | Confidence |
|---|---|---|---|---|---|---|
| 1 | 27.102.113.240 | power.playtimeins.net | FamousSparrow |  | verified | High |
| 2 | XX.XXX.XXX.XXX |  | Xxxxxxxxxxxxx |  | verified | High |

TTP - Tactics, Techniques, Procedures (16)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (47)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /login.html | predictive | Medium |
| 2 | File | /new | predictive | Low |
| 3 | File | /service/upload | predictive | High |
| 4 | File | /system?action=ServiceAdmin | predictive | High |
| 5 | File | /var/log/nginx | predictive | High |
| 6 | File | admin/import/class-import-settings.php | predictive | High |
| 7 | File | xxxxx/xxxxx.xxx?x=xxxxxxxx&x=xxx | predictive | High |
| 8 | File | xxxxx/xxxxxxx/xxxxxxxxxx | predictive | High |
| 9 | File | xxx_xxxxxxx.xxx | predictive | High |
| 10 | File | xxxxxx/xxxxx/xxxxx.xxx | predictive | High |
| 11 | File | xxxxxxx.xxxxx.xxx | predictive | High |
| 12 | File | xxxxxxx_xxxxxxx.xx | predictive | High |
| 13 | File | xxxxxxxxxxxx.xxx | predictive | High |
| 14 | File | xxxxxxxxxxxxxxxxxx.xxx | predictive | High |
| 15 | File | xxxxxx_xxx_xxxx_xxxxx_xx_xxxxx.x | predictive | High |
| 16 | File | xxxxx.xxx | predictive | Medium |
| 17 | File | xxxxxx/xxxxxx.x | predictive | High |
| 18 | File | xxxxxxxxxxx/xxxxx.x | predictive | High |
| 19 | File | xxxxxxxxx.xxx | predictive | High |
| 20 | File | xxxxxxx/xxxx/xxxxx/xxxxxxxxxxx.xxx | predictive | High |
| 21 | File | xxxxxxx/xxxx_xxx_xxxxx.xxx | predictive | High |
| 22 | File | xxxxxx_xxxxx.xxx | predictive | High |
| 23 | File | xxx_xxxx_xxxxxxx.xxx | predictive | High |
| 24 | File | xx_xxx.xx | predictive | Medium |
| 25 | File | xxxxxxxx/xxxxx/xxxxxxx.xxxx?xxxxxxxxxx=xxxxxxxxxxxxxxxx/xxxx | predictive | High |
| 26 | File | xxxxxx-xxxxxxx-xxxx.xxx | predictive | High |
| 27 | File | xxxxxxx/xxxxxxxx_xxxx_xx_xxx.x | predictive | High |
| 28 | File | xx-xxxxxxxx/xxxxx-xx-xxxxx.xxx | predictive | High |
| 29 | File | xx-xxxxxxxx/xxxxxxxxx.xxx | predictive | High |
| 30 | File | __xxxx_xxxxxxxx.xxx | predictive | High |
| 31 | Library | xxxxxxxx.xxx | predictive | Medium |
| 32 | Library | xxxxxxxx.xxx | predictive | Medium |
| 33 | Argument | --xxxxxx/--xxxxxxxx | predictive | High |
| 34 | Argument | xxx_xxxxx_xxxx | predictive | High |
| 35 | Argument | xxxxxxxx | predictive | Medium |
| 36 | Argument | xxxx xxxx | predictive | Medium |
| 37 | Argument | xxxxxxxx_xxxxx[] | predictive | High |
| 38 | Argument | xxxx | predictive | Low |
| 39 | Argument | xxxxx | predictive | Low |
| 40 | Argument | xxxxxxxx | predictive | Medium |
| 41 | Argument | xxxx_xx | predictive | Low |
| 42 | Argument | xxxxxxxxxxxxx | predictive | High |
| 43 | Argument | xxxxxxxxx_ | predictive | Medium |
| 44 | Argument | xxxxxx | predictive | Low |
| 45 | Argument | xxxxxxxx | predictive | Medium |
| 46 | Input Value | ../ | predictive | Low |
| 47 | Input Value | xxxx.xxx::$xxxx | predictive | High |
