Generickdz Analysis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (152)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en	122
de	8
fr	6
pl	4
es	4

Country

US: USA	90
CA: Canada	18
GB: Great Britain	6
FR: France	6
DE: Germany	6

Actors

Generickdz	8
Glupteba	5
Cobalt Strike	2
IcedID	2
GandCrab	2

Activities

Interest

Timeline

Type

Not Defined	44
Forum Software	8
Operating System	8
Programming Language Software	6
Web Browser	4

Vendor

Not Defined	44
Microsoft	6
IBM	4
Petwant	4
Zoho ManageEngine	2

Product

Microsoft Windows	4
Petwant PF-103	4
Petwant Petalk AI	4
Microsoft Internet Explorer	2
BlueZ	2

Vulnerabilities

#	Vulnerability	Base	Temp	0day	Today	Exp	Rem	EPSS	CTI	CVE
1	All Enthusiast Inc Reviewpost Php Pro showproduct.php sql injection	7.3	7.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00501	0.00	CVE-2004-2175
2	Phplinkdirectory PHP Link Directory conf_users_edit.php cross-site request forgery	6.3	6.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00526	0.04	CVE-2011-0643
3	OpenSSH Authentication Username information disclosure	5.3	4.8	$5k-$25k	$0-$5k	High	Official Fix	0.10737	0.38	CVE-2016-6210
4	212cafe 212cafeboard view.php sql injection	7.3	7.1	$0-$5k	$0-$5k	High	Unavailable	0.00064	0.04	CVE-2008-4713
5	Petwant PF-103/Petalk AI libcommon.so processCommandUploadLog os command injection	9.8	9.8	$0-$5k	$0-$5k	Not Defined	Not Defined	0.06887	0.04	CVE-2019-17364
6	Petwant PF-103/Petalk AI libcommon.so processCommandSetMac os command injection	9.8	9.8	$0-$5k	$0-$5k	Not Defined	Not Defined	0.06887	0.00	CVE-2019-16737
7	Apple macOS Login Window state issue	4.3	4.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00064	0.05	CVE-2021-30702
8	Microsoft IIS cross site scripting	5.2	4.7	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.00548	0.17	CVE-2017-0055
9	PhotoPost PHP Pro showproduct.php sql injection	9.8	9.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00276	0.06	CVE-2004-0250
10	Floosietek FTGate memory corruption	10.0	9.0	$0-$5k	Calculating	Proof-of-Concept	Official Fix	0.23839	0.02	CVE-2005-3640
11	Aboleo.net Portmon privileges management	5.1	5.1	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00042	0.07	CVE-2003-0448
12	Sun MySQL MS DOS Device Name denial of service	7.5	7.1	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.07050	0.04	CVE-2005-0799
13	PHP Link Directory Administration Page index.html cross site scripting	4.3	4.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00399	0.00	CVE-2007-0529
14	BitTorrent uTorrent Bencoding Parser input validation	6.4	6.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00867	0.04	CVE-2020-8437
15	MDaemon Webmail cross site scripting	5.4	5.3	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00072	0.03	CVE-2019-8983
16	Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure	5.3	5.2	$5k-$25k	Calculating	High	Workaround	0.02016	0.00	CVE-2007-1192
17	Synology DiskStation Manager Change Password password recovery	7.1	7.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00068	0.03	CVE-2018-8916
18	Webmin Package Updates Module update.cgi command injection	8.8	8.8	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.16211	0.03	CVE-2019-12840
19	Totolink LR1200GB Web Interface cstecgi.cgi loginAuth stack-based overflow	9.8	9.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00045	0.04	CVE-2024-1783
20	PHP unserialize use after free	8.5	8.2	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.20110	0.04	CVE-2015-6834

IOC - Indicator of Compromise (70)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP address	Hostname	Actor	Identified	Type	Confidence
1	5.9.72.48	cpanelbk.pcready.me	Generickdz	05/05/2022	verified	Medium
2	12.167.151.118		Generickdz	05/05/2022	verified	Medium
3	23.12.144.134	a23-12-144-134.deploy.static.akamaitechnologies.com	Generickdz	10/02/2023	verified	Very High
4	23.12.144.141	a23-12-144-141.deploy.static.akamaitechnologies.com	Generickdz	10/02/2023	verified	Very High
5	23.207.202.8	a23-207-202-8.deploy.static.akamaitechnologies.com	Generickdz	10/02/2023	verified	Very High
6	23.207.202.25	a23-207-202-25.deploy.static.akamaitechnologies.com	Generickdz	10/02/2023	verified	Very High
7	23.207.202.50	a23-207-202-50.deploy.static.akamaitechnologies.com	Generickdz	10/02/2023	verified	Very High
8	23.207.202.61	a23-207-202-61.deploy.static.akamaitechnologies.com	Generickdz	10/02/2023	verified	Very High
9	23.221.227.169	a23-221-227-169.deploy.static.akamaitechnologies.com	Generickdz	10/02/2023	verified	Very High
10	23.221.227.172	a23-221-227-172.deploy.static.akamaitechnologies.com	Generickdz	10/02/2023	verified	Very High
11	37.1.193.43	1.1.1.1	Generickdz	05/05/2022	verified	Medium
12	40.112.72.205		Generickdz	05/05/2022	verified	Medium
13	43.230.143.219		Generickdz	04/08/2022	verified	Medium
14	43.231.4.7		Generickdz	05/05/2022	verified	Medium
15	XX.XX.XX.XX		Xxxxxxxxxx	05/05/2022	verified	Medium
16	XX.XXX.XX.XX	xxxxxxxx.xx-xx-xxx-xx.xx	Xxxxxxxxxx	05/04/2022	verified	Medium
17	XX.X.XXX.XX	xxx-xx-x-xxx-xx.xxxxxxx-x.xxxxxxxxx.xxx	Xxxxxxxxxx	04/08/2022	verified	Low
18	XX.XX.X.XXX		Xxxxxxxxxx	05/05/2022	verified	Medium
19	XX.XX.XX.XX		Xxxxxxxxxx	04/12/2022	verified	Medium
20	XX.XXX.XXX.XX	xx-xx-xxx-xxx-xx.xxxxxxxxxx.xxx	Xxxxxxxxxx	04/08/2022	verified	Medium
21	XX.XXX.XXX.XXX		Xxxxxxxxxx	05/04/2022	verified	Medium
22	XX.XX.XXX.XX	xxxxx.xxxxxxx.xx	Xxxxxxxxxx	04/08/2022	verified	Medium
23	XX.XXX.XXX.XX		Xxxxxxxxxx	05/05/2022	verified	Medium
24	XX.XXX.XX.XXX		Xxxxxxxxxx	04/12/2022	verified	Medium
25	XX.XXX.XX.XX	xxx.xxxx.xxxxx.xxx	Xxxxxxxxxx	04/08/2022	verified	Medium
26	XX.XXX.XX.XX	xxx.xxxx.xxxxx.xxx	Xxxxxxxxxx	04/08/2022	verified	Medium
27	XX.XXX.XX.XXX	xxx.xxxx.xxxxx.xxx	Xxxxxxxxxx	04/08/2022	verified	Medium
28	XX.XXX.XX.XX	xx.xxxxx.xxxxx.xxx	Xxxxxxxxxx	04/08/2022	verified	Medium
29	XX.XX.XX.XX	xxxxxx.xx.xx.xx.xx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxxxxx	05/05/2022	verified	Medium
30	XX.XXX.XXX.XX	xxxxxxxx.xxxxx.xxx.xx	Xxxxxxxxxx	04/08/2022	verified	Medium
31	XX.XXX.XX.XXX	xxxxx.xxxxxxxx.xxx	Xxxxxxxxxx	04/08/2022	verified	Medium
32	XX.XXX.XXX.XXX	xxxxxxx.xxxxxxxxx.xx	Xxxxxxxxxx	04/08/2022	verified	Medium
33	XX.XXX.XXX.XXX		Xxxxxxxxxx	04/08/2022	verified	Medium
34	XXX.XX.XX.XX		Xxxxxxxxxx	05/05/2022	verified	Medium
35	XXX.XX.XX.XXX		Xxxxxxxxxx	05/05/2022	verified	Medium
36	XXX.XX.XXX.XX		Xxxxxxxxxx	05/05/2022	verified	Medium
37	XXX.XX.XXX.XX		Xxxxxxxxxx	05/05/2022	verified	Medium
38	XXX.XX.XX.XX		Xxxxxxxxxx	05/05/2022	verified	Medium
39	XXX.XX.XX.XX		Xxxxxxxxxx	05/05/2022	verified	Medium
40	XXX.XXX.XX.XX		Xxxxxxxxxx	05/05/2022	verified	Medium
41	XXX.XXX.XXX.XXX	xxx-xxx-xx.xxxxxxxxxx.xxx	Xxxxxxxxxx	10/02/2023	verified	High
42	XXX.XXX.XXX.XXX	xxx-xxx-xx.xxxxxxxxxx.xxx	Xxxxxxxxxx	10/02/2023	verified	High
43	XXX.XX.XXX.XXX		Xxxxxxxxxx	04/08/2022	verified	Medium
44	XXX.X.XXX.XXX		Xxxxxxxxxx	05/05/2022	verified	Medium
45	XXX.X.XXX.XX		Xxxxxxxxxx	04/08/2022	verified	Medium
46	XXX.XXX.XX.XX		Xxxxxxxxxx	05/05/2022	verified	Medium
47	XXX.XXX.XX.XX	xx-xx-xxx.xxxxx.xxx	Xxxxxxxxxx	05/05/2022	verified	Medium
48	XXX.XX.XXX.XX	xxxxxx.xx.xxx.xx.xxx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxxxxx	05/05/2022	verified	Medium
49	XXX.XXX.XX.XX	xxxxxxxxx-xx-xxx-xx-xxxx.xxxxx.xxx	Xxxxxxxxxx	05/05/2022	verified	Medium
50	XXX.XXX.XX.XXX	xxxxxxxxx-xxx-xxx-xx-xxxx.xxxxx.xxx	Xxxxxxxxxx	05/05/2022	verified	Medium
51	XXX.XXX.X.XXX	xxxxxxxx-xx-xx.xxxxx.xxx	Xxxxxxxxxx	05/05/2022	verified	Medium
52	XXX.XXX.X.XXX	xxxxxxxx-xx-xxx.xxxxx.xxx	Xxxxxxxxxx	05/05/2022	verified	Medium
53	XXX.XXX.XXX.XXX	xxxxxxxx-xx-xx.xxxxx.xxx	Xxxxxxxxxx	05/05/2022	verified	Medium
54	XXX.XXX.XX.XX	xx-xx-xxx.xxxxx.xxx	Xxxxxxxxxx	05/05/2022	verified	Medium
55	XXX.XXX.XX.XXX	xx-xx-xxxx.xxxxx.xxx	Xxxxxxxxxx	05/05/2022	verified	Medium
56	XXX.XXX.XX.XXX	xx-xx-xxxx.xxxxx.xxx	Xxxxxxxxxx	05/05/2022	verified	Medium
57	XXX.XX.XXX.XX	xxx-xx-xxx-xx.xx.xxxxxxxxxxxxxxxxx.xxx	Xxxxxxxxxx	05/05/2022	verified	Low
58	XXX.XX.XX.XXX	xxx-xxxxxx.xxxxxx-xx-xxxxx.xxx	Xxxxxxxxxx	05/05/2022	verified	Low
59	XXX.XXX.XXX.XX		Xxxxxxxxxx	05/05/2022	verified	Medium
60	XXX.XX.XX.XXX	xxxxxxxx.xxxxxxxxxxxxxxx.xxx	Xxxxxxxxxx	04/08/2022	verified	Low
61	XXX.X.XX.XXX	xxx-xxx-xx.xxxxxxxxxx.xxx	Xxxxxxxxxx	10/02/2023	verified	High
62	XXX.X.XX.XXX	xxx-xxx-xx.xxxxxxxxxx.xxx	Xxxxxxxxxx	10/02/2023	verified	High
63	XXX.XX.XXX.XXX	x-xxxx.x-xxxxxx.xxx	Xxxxxxxxxx	05/05/2022	verified	Medium
64	XXX.XX.XXX.XXX		Xxxxxxxxxx	05/05/2022	verified	Medium
65	XXX.XX.XXX.XXX	xxx.xxxxxxxx.xxx	Xxxxxxxxxx	05/05/2022	verified	Medium
66	XXX.XX.XXX.X	xx-xxx.xxx	Xxxxxxxxxx	05/04/2022	verified	Medium
67	XXX.XXX.XX.XX		Xxxxxxxxxx	05/04/2022	verified	Medium
68	XXX.XXX.XX.XX	xxx-xx-xxxx.xxxxx.xxx	Xxxxxxxxxx	05/05/2022	verified	Medium
69	XXX.XXX.XXX.XX	xxxxxxxxxx.xxxxxxxxxxxxxx.xxx	Xxxxxxxxxx	05/05/2022	verified	Medium
70	XXX.XXX.XXX.XXX		Xxxxxxxxxx	05/05/2022	verified	Medium

TTP - Tactics, Techniques, Procedures (16)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Class	Vulnerabilities	Access Vector	Type	Confidence
1	T1006	CAPEC-126	CWE-22	Path Traversal	predictive	High
2	T1055	CAPEC-10	CWE-74	Improper Neutralization of Data within XPath Expressions	predictive	High
3	T1059	CAPEC-242	CWE-94	Argument Injection	predictive	High
4	T1059.007	CAPEC-209	CWE-79, CWE-80	Cross Site Scripting	predictive	High
5	TXXXX	CAPEC-122	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	High
6	TXXXX	CAPEC-136	CWE-XX, CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	High
7	TXXXX.XXX	CAPEC-178	CWE-XXX	Xxxx Xxxxxxxx	predictive	High
8	TXXXX	CAPEC-	CWE-XXX	7xx Xxxxxxxx Xxxxxxxx	predictive	High
9	TXXXX	CAPEC-	CWE-XXX, CWE-XXX	Xxxxxxxxxx Xxxxxx	predictive	High
10	TXXXX	CAPEC-108	CWE-XX, CWE-XX	Xxx Xxxxxxxxx	predictive	High
11	TXXXX.XXX	CAPEC-1	CWE-XXX	Xxxxxxxx Xxxxxxxxxxxxx	predictive	High
12	TXXXX	CAPEC-50	CWE-XXX, CWE-XXX	Xxxxxxxxxxx Xxxxxxxxxx	predictive	High
13	TXXXX	CAPEC-116	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	High
14	TXXXX	CAPEC-	CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	predictive	High
15	TXXXX.XXX	CAPEC-112	CWE-XXX	Xxx Xxxxxxxxxx Xxxxx	predictive	High
16	TXXXX.XXX	CAPEC-1	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	High

IOA - Indicator of Attack (68)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Class	Indicator	Type	Confidence
1	File	/admin/departments/view_department.php	predictive	High
2	File	/aux	predictive	Low
3	File	/cgi-bin/cstecgi.cgi	predictive	High
4	File	/etc/sudoers	predictive	Medium
5	File	/items/view_item.php	predictive	High
6	File	/pages/processlogin.php	predictive	High
7	File	/uncpath/	predictive	Medium
8	File	/way4acs/enroll	predictive	High
9	File	admin/conf_users_edit.php	predictive	High
10	File	xxxxxxxxxxxx.xxx	predictive	High
11	File	xxx.xxx	predictive	Low
12	File	xxxxxxxx.xxx	predictive	Medium
13	File	xxxxxxxxxxxx.xxx	predictive	High
14	File	xxxxxxxx/xxxxxxxxxx.xxxx	predictive	High
15	File	xxxx/xxxxxxxxxxxxxxx.xxx	predictive	High
16	File	xxxxxx.xxx	predictive	Medium
17	File	xxxx.xxx	predictive	Medium
18	File	xxxxxxxxxxx/xxxxx.xxx	predictive	High
19	File	xxxxxxxxxxxxxxxx.xxx	predictive	High
20	File	xxxxxxx.xxx	predictive	Medium
21	File	xxxxxxxxxx.xxx	predictive	High
22	File	xxxxx.xxxx	predictive	Medium
23	File	xxxxx.xxx	predictive	Medium
24	File	xxxxx.xxx?x=/xxxx/xxxxxxxx	predictive	High
25	File	xxxxx/xxxxxxxx.x	predictive	High
26	File	xxxxxxxxx.xx	predictive	Medium
27	File	xxxxx.xxx	predictive	Medium
28	File	xxxx.xxx	predictive	Medium
29	File	xxxx_xxxx.xxx	predictive	High
30	File	xxx.xx	predictive	Low
31	File	xxxxxxx_xxx_xxxxx_xxxxxx.xxxx	predictive	High
32	File	xxxx_xxxxxxxxx.xxx	predictive	High
33	File	xxxx-xxxxxx.x	predictive	High
34	File	xxxx_xxxxxxx_xxxxxxxx.xxx	predictive	High
35	File	xxxxxxxxxxx.xxx	predictive	High
36	File	xxxxxx.xxx	predictive	Medium
37	File	xxxxxx.xxxxxxx.xxxxxxxxxxxxxxxxxxxxxxxx	predictive	High
38	File	xxxx.xxx	predictive	Medium
39	File	xxxxxxxx.xxx	predictive	Medium
40	File	xx-xxxxx/xxxxx-xxxx.xxx?xxxx=xxxxxxxxx	predictive	High
41	File	xxxxxx.xxx	predictive	Medium
42	File	~/xxx/xxxx-xxxxxxxxx.xxx	predictive	High
43	Argument	-x/-x	predictive	Low
44	Argument	xxx	predictive	Low
45	Argument	xxxxxxxx	predictive	Medium
46	Argument	xxxxx	predictive	Low
47	Argument	xxx_xx	predictive	Low
48	Argument	xx_xx	predictive	Low
49	Argument	xxxx	predictive	Low
50	Argument	xxxx_xxxxxx	predictive	Medium
51	Argument	xxxxx	predictive	Low
52	Argument	xxxxxxxx	predictive	Medium
53	Argument	xxxx_xxxxxxxx_xxxx	predictive	High
54	Argument	xxxx_xxxx	predictive	Medium
55	Argument	xx	predictive	Low
56	Argument	xxxxxxx_xxx	predictive	Medium
57	Argument	xxxx_xx	predictive	Low
58	Argument	xxxx	predictive	Low
59	Argument	xxxxx	predictive	Low
60	Argument	xxxxx	predictive	Low
61	Argument	xxxxxxxx	predictive	Medium
62	Argument	xxx	predictive	Low
63	Argument	xxx	predictive	Low
64	Argument	xxxxxxxxxxxxxxxx	predictive	High
65	Argument	xxx	predictive	Low
66	Argument	xxxx	predictive	Low
67	Input Value	.%xx.../.%xx.../	predictive	High
68	Input Value	xxxx://xxx.xxxxxxx.xxx/xxxxxxxx.xxx?xxxxxxxxxxx=xxx	predictive	High

References (8)

The following list contains external sources which discuss the actor and the associated activities:

◂ PreviousOverviewNext ▸

Do you know our Splunk app?

Download it now for free!