Gallmaker Analysis

IOB - Indicator of Behavior (233)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 180
zh: 42
ru: 6
pl: 4
de: 2

Country

la: 198
us: 14
cn: 4

Product

WordPress: 6
Moodle: 6
Adobe ColdFusion: 6
Google Android: 4
Revive Adserver: 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | TikiWiki tiki-register.php input validation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 3.95 | 0.01009 | CVE-2006-6168 |
| 2 | Tiki Admin Password tiki-login.php improper authentication | 8.0 | 7.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 3.33 | 0.00936 | CVE-2020-15906 |
| 3 | Drupal Sanitization API cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00056 | CVE-2020-13672 |
| 4 | LogicBoard CMS away.php redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 1.60 | 0.00000 | |
| 5 | LiteSpeed Cache Plugin Shortcode cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00051 | CVE-2023-4372 |
| 6 | WebTitan Appliance Extensions Persistent cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00000 | |
| 7 | ipTIME NAS-I Bulletin Manage unrestricted upload | 7.1 | 7.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00988 | CVE-2020-7847 |
| 8 | request-baskets API Request {name} server-side request forgery | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.08109 | CVE-2023-27163 |
| 9 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.26 | 0.00943 | CVE-2010-0966 |
| 10 | PHP phpinfo cross site scripting | 4.3 | 3.9 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | 0.02101 | CVE-2007-1287 |
| 11 | nginx request smuggling | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.08 | 0.00241 | CVE-2020-12440 |
| 12 | Microsoft Windows Scripting Engine Remote Code Execution | 5.9 | 5.1 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | 0.32182 | CVE-2021-34480 |
| 13 | DevExpress ASP.NET Web Forms ASPxHttpHandlerModule DXR.axd resource injection | 4.3 | 4.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00183 | CVE-2022-41479 |
| 14 | Basilix Webmail login.php3 command injection | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00000 | |
| 15 | JoomlaTune Com Jcomments admin.jcomments.php cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00489 | CVE-2010-5048 |
| 16 | Microsoft Office Remote Code Execution | 7.0 | 6.1 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.00 | 0.00169 | CVE-2023-21735 |
| 17 | Alt-N MDaemon Worldclient injection | 4.9 | 4.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.06 | 0.00090 | CVE-2021-27182 |
| 18 | CouchCMS mysql2i.func.php Path information disclosure | 3.3 | 3.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00241 | CVE-2019-1010042 |
| 19 | Esri ArcGIS Server sql injection | 8.1 | 8.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00123 | CVE-2021-29114 |
| 20 | Shenzhen Yunni Technology iLnkP2P UID Generator Random cryptographic issues | 7.7 | 7.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00176 | CVE-2019-11219 |

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

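| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 94.140.116.124 | | Gallmaker | | 12/17/2020 | verified | High |
| 2 | XX.XXX.XXX.XXX | | Xxxxxxxxx | | 12/17/2020 | verified | High |
| 3 | XXX.XX.XXX.XX | xxxxxxx.xxxxx.xx | Xxxxxxxxx | | 12/17/2020 | verified | High |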

TTP - Tactics, Techniques, Procedures (17)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (122)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /admin/dl_sendmail.php | predictive | High |
| 2 | File | /api/baskets/{name} | predictive | High |
| 3 | File | /api/v2/cli/commands | predictive | High |
| 4 | File | /DXR.axd | predictive | Medium |
| 5 | File | /forum/away.php | predictive | High |
| 6 | File | /novel/bookSetting/list | predictive | High |
| 7 | File | /novel/userFeedback/list | predictive | High |
| 8 | File | /owa/auth/logon.aspx | predictive | High |
| 9 | File | /spip.php | predictive | Medium |
| 10 | File | /zm/index.php | predictive | High |
| 11 | File | adclick.php | predictive | Medium |
| 12 | File | admin.cropcanvas.php | predictive | High |
| 13 | File | admin.jcomments.php | predictive | High |
| 14 | File | application/modules/admin/views/ecommerce/products.php | predictive | High |
