Fileless Analysis

IOB - Indicator of Behavior (352)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 342
fr: 6
ko: 2
de: 2


Country

is: 294
us: 12
de: 2


Product

Microsoft Windows: 58
D-Link DCS-1130: 10
Qualcomm Snapdragon Auto: 10
Qualcomm Snapdragon Consumer IOT: 10
Qualcomm Snapdragon Industrial IOT: 10


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | UNCTAD ASYCUDA World Java RMI Server inadequate encryption | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00422 | 0.03 | CVE-2020-9761 |
| 2 | Microsoft Windows Hyper-V Network Switch input validation | 5.9 | 5.7 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.00113 | 0.07 | CVE-2019-0714 |
| 3 | Microsoft Windows Hyper-V Network Switch input validation | 5.9 | 5.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00113 | 0.00 | CVE-2019-0715 |
| 4 | Microsoft Windows DHCP Server memory corruption | 9.8 | 9.4 | $100k and more | $25k-$100k | Not Defined | Official Fix | 0.06082 | 0.02 | CVE-2019-1213 |
| 5 | Microsoft Windows Bluetooth cryptographic issues | 8.0 | 7.9 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.00105 | 0.02 | CVE-2019-9506 |
| 6 | Microsoft Windows memory corruption | 5.8 | 5.6 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.00138 | 0.00 | CVE-2019-0716 |
| 7 | Microsoft Windows Hyper-V Network Switch input validation | 5.9 | 5.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00113 | 0.02 | CVE-2019-0717 |
| 8 | Microsoft Edge information disclosure | 5.0 | 4.8 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00586 | 0.00 | CVE-2019-1030 |
| 9 | Microsoft Windows Hyper-V Network Switch input validation | 5.9 | 5.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00113 | 0.00 | CVE-2019-0723 |
| 10 | Microsoft Windows Hyper-V Network Switch input validation | 5.9 | 5.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00113 | 0.00 | CVE-2019-0718 |
| 11 | JetBrains YouTrack Plugin Template injection | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00770 | 0.00 | CVE-2019-10100 |
| 12 | Joomla CMS LDAP Authentication Password ldap injection | 7.5 | 7.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.01039 | 0.04 | CVE-2017-14596 |
| 13 | Microsoft Windows JET Database Engine memory corruption | 7.3 | 7.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.01356 | 0.00 | CVE-2019-1146 |
| 14 | Microsoft Windows JET Database Engine memory corruption | 7.3 | 7.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.01356 | 0.02 | CVE-2019-1147 |
| 15 | Microsoft Windows Graphics Component information disclosure | 4.8 | 4.8 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.00 | CVE-2019-1148 |
| 16 | Microsoft Windows Graphics Component information disclosure | 4.8 | 4.8 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.02 | CVE-2019-1153 |
| 17 | Microsoft Windows Graphics Component information disclosure | 4.8 | 4.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00069 | 0.04 | CVE-2019-1154 |
| 18 | Microsoft Windows JET Database Engine memory corruption | 7.3 | 7.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.01356 | 0.02 | CVE-2019-1156 |
| 19 | Microsoft Windows JET Database Engine memory corruption | 7.3 | 7.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.01356 | 0.00 | CVE-2019-1155 |
| 20 | Microsoft Windows JET Database Engine memory corruption | 7.3 | 7.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.01356 | 0.00 | CVE-2019-1157 |

IOC - Indicator of Compromise (6)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (20)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (70)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


References (2)

The following list contains external sources which discuss the actor and the associated activities:
