Gallmaker Analysis

IOB - Indicator of Behavior (115)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 104
zh: 8
ru: 4

Country

la: 74
us: 18

Product

Moodle: 6
Linux Kernel: 4
CodeIgniter: 4
Microsoft Office: 4
Adobe ColdFusion: 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | JoomlaTune Com Jcomments admin.jcomments.php cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.04 | 0.02945 | CVE-2010-5048 |
| 2 | Microsoft Office Remote Code Execution | 7.0 | 6.1 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.06 | 0.01528 | CVE-2023-21735 |
| 3 | Alt-N MDaemon Worldclient injection | 4.9 | 4.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.10855 | CVE-2021-27182 |
| 4 | CouchCMS mysql2i.func.php Path information disclosure | 3.3 | 3.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.01 | 0.00000 | CVE-2019-1010042 |
| 5 | Esri ArcGIS Server sql injection | 8.1 | 8.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.01055 | CVE-2021-29114 |
| 6 | Shenzhen Yunni Technology iLnkP2P UID Generator Random cryptographic issues | 7.7 | 7.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.01055 | CVE-2019-11219 |
| 7 | Cisco Linksys Router tmUnblock.cgi privileges management | 9.8 | 9.2 | $25k-$100k | $0-$5k | High | Workaround | 0.00 | 0.00000 | |
| 8 | Appnitro Machform File Upload view.php unrestricted upload | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.04 | 0.01213 | CVE-2013-4949 |
| 9 | Qualcomm Snapdragon Compute information disclosure | 6.2 | 6.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00885 | CVE-2022-25653 |
| 10 | PHPUnit HTTP POST eval-stdin.php code injection | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.17 | 0.88682 | CVE-2017-9841 |
| 11 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.58 | 0.04187 | CVE-2010-0966 |
| 12 | Microsoft Exchange Server Privilege Escalation | 8.3 | 7.3 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.17 | 0.01150 | CVE-2023-21764 |
| 13 | SalesForce Tableau Server Administration Agent path traversal | 8.0 | 8.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.07 | 0.01156 | CVE-2022-22128 |
| 14 | Strapi Admin Panel authorization | 5.6 | 5.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.00890 | CVE-2021-28128 |
| 15 | Xampp Installation default permission | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.01086 | CVE-2022-29376 |
| 16 | CodeIgniter DB_query_builder.php sql injection | 8.0 | 7.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.09 | 0.00885 | CVE-2022-40835 |
| 17 | ZZZCMS zzzphp File Upload unrestricted upload | 7.4 | 7.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00885 | CVE-2019-16720 |
| 18 | M-Files Server/Web excessive authentication | 5.0 | 5.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00885 | CVE-2021-41807 |
| 19 | Plesk Obsidian REST API commands cross-site request forgery | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00885 | CVE-2022-45130 |
| 20 | SAP BusinessObjects BI Platform Central Management Console/BI LaunchPad deserialization | 9.3 | 9.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.06 | 0.00885 | CVE-2022-41203 |

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

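| ID | IP address | Hostname | Actor | Campaigns | Type | Confidence |
|---|---|---|---|---|---|---|
| 1 | 94.140.116.124 | | Gallmaker | | verified | High |
| 2 | XX.XXX.XXX.XXX | | Xxxxxxxxx | | verified | High |
| 3 | XXX.XX.XXX.XX | xxxxxxx.xxxxx.xx | Xxxxxxxxx | | verified | High |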

TTP - Tactics, Techniques, Procedures (14)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (67)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /admin/dl_sendmail.php | predictive | High |
| 2 | File | /api/v2/cli/commands | predictive | High |
| 3 | File | /spip.php | predictive | Medium |
| 4 | File | admin.jcomments.php | predictive | High |
| 5 | File | application/modules/admin/views/ecommerce/products.php | predictive | High |
| 6 | File | base/ErrorHandler.php | predictive | High |
| 7 | File | blog.php | predictive | Medium |
| 8 | File | c4t64fx.c | predictive | Medium |

References (2)

The following list contains external sources which discuss the actor and the associated activities:
