Farseer Analysis

IOB - Indicator of Behavior (152)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 114
zh: 18
de: 6
ja: 6
es: 6

Country

cn: 66
us: 54
es: 6
id: 2
gb: 2

Product

phpMyAdmin: 8
Microsoft Windows: 6
PHP: 4
DZCP deV!L`z Clanportal: 4
Atlassian JIRA Server: 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.02 | 0.02016 | CVE-2007-1192 |
| 2 | OpenSSL c_rehash os command injection | 5.5 | 5.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.09738 | CVE-2022-1292 |
| 3 | Tiki Wiki CMS Groupware tiki-jsplugin.php input validation | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.03038 | CVE-2010-4239 |
| 4 | Microsoft Windows Print Spooler Privilege Escalation | 8.1 | 7.4 | $100k and more | $5k-$25k | Unproven | Official Fix | 0.02 | 0.00101 | CVE-2022-21999 |
| 5 | Microsoft Azure HDInsights Apache Hadoop unknown vulnerability | 3.9 | 3.6 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.00 | 0.00051 | CVE-2023-38188 |
| 6 | Geddy index.js path traversal | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.01347 | CVE-2015-5688 |
| 7 | Asus AsusWRT start_apply.htm os command injection | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.01350 | CVE-2018-20334 |
| 8 | EvoStream Media Server HTTP Request memory corruption | 7.4 | 6.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.04 | 0.01265 | CVE-2017-6427 |
| 9 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.95 | 0.00954 | CVE-2010-0966 |
| 10 | Zulip Server Storage Backend cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00054 | CVE-2018-9999 |
| 11 | WUZHI CMS cross-site request forgery | 6.5 | 6.4 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.00192 | CVE-2018-10312 |
| 12 | WebCalendar settings.php file inclusion | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.03093 | CVE-2005-2717 |
| 13 | Microsoft Windows iSCSI Target Service information disclosure | 4.8 | 4.4 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.05 | 0.00095 | CVE-2023-24945 |
| 14 | Microsoft Windows Netlogon Remote Code Execution | 8.1 | 7.1 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | 0.00113 | CVE-2023-28268 |
| 15 | Microsoft Windows Kernel Privilege Escalation | 8.1 | 7.4 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.06 | 0.00048 | CVE-2023-35359 |
| 16 | Microsoft Windows Error Reporting Service Local Privilege Escalation | 7.8 | 7.1 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.02 | 0.00147 | CVE-2023-36874 |
| 17 | Flask information disclosure | 6.4 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00100 | CVE-2023-30861 |
| 18 | WPS Hide Login Plugin Secret Login Page options.php access control | 6.9 | 6.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.02724 | CVE-2021-24917 |
| 19 | Fortinet FortiOS/FortiProxy Command Line Interpreter format string | 7.1 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00042 | CVE-2022-43953 |
| 20 | Fortinet FortiOS CLI Command path traversal | 6.8 | 6.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.06752 | CVE-2022-41328 |

IOC - Indicator of Compromise (17)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (15)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (87)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /.vnc/sesman_${username}_passwd | predictive | High |
| 2 | File | /admin/users.php?source=edit_user&id=1 | predictive | High |
| 3 | File | /forum/away.php | predictive | High |
| 4 | File | /icingaweb2/navigation/add | predictive | High |
| 5 | File | /phppath/php | predictive | Medium |
| 6 | File | /rest/collectors/1.0/template/custom | predictive | High |
| 7 | File | /start_apply.htm | predictive | High |
| 8 | File | /uncpath/ | predictive | Medium |
| 9 | File | /WEB-INF/web.xml | predictive | High |
| 10 | File | /wp-admin/options.php | predictive | High |

References (3)

The following list contains external sources which discuss the actor and the associated activities:
