Generickdz Analysis

IOB - Indicator of Behavior (151)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Language

en: 120
de: 16
fr: 6
ru: 4
pl: 2


Product

Microsoft IIS: 4
VMware Spring Framework: 4
Popup Maker Plugin: 4
Lansweeper: 2
Chamilo LMS: 2


Vulnerabilities

These are the vulnerabilities that we have identified as researched, approached, or attacked.

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Cou | KEV | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | All Enthusiast Inc Reviewpost Php Pro showproduct.php sql injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official fix | | 0.00610 | 0.00 | CVE-2004-2175 |
| 2 | Phplinkdirectory PHP Link Directory conf_users_edit.php cross-site request forgery | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not defined | | 0.00098 | 0.13 | CVE-2011-0643 |
| 3 | OpenSSH Authentication Username information disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | High | Official fix | expected | 0.92487 | 0.65 | CVE-2016-6210 |
| 4 | 212cafe 212cafeboard view.php sql injection | 7.3 | 7.1 | $0-$5k | $0-$5k | High | Unavailable | possible | 0.00144 | 0.02 | CVE-2008-4713 |
| 5 | Petwant PF-103/Petalk AI libcommon.so processCommandUploadLog os command injection | 9.8 | 9.8 | $0-$5k | $0-$5k | Not defined | Not defined | | 0.03253 | 0.05 | CVE-2019-17364 |
| 6 | Petwant PF-103/Petalk AI libcommon.so processCommandSetMac os command injection | 9.8 | 9.8 | $0-$5k | $0-$5k | Not defined | Not defined | | 0.03253 | 0.00 | CVE-2019-16737 |
| 7 | Apple macOS Login Window state issue | 4.3 | 4.1 | $0-$5k | $0-$5k | Not defined | Official fix | | 0.00054 | 0.00 | CVE-2021-30702 |
| 8 | Microsoft IIS uncpath cross site scripting | 5.2 | 5.0 | $5k-$25k | $0-$5k | Proof-of-Concept | Official fix | | 0.01387 | 0.13 | CVE-2017-0055 |
| 9 | PhotoPost PHP Pro showproduct.php sql injection | 9.8 | 9.4 | $0-$5k | $0-$5k | Not defined | Official fix | | 0.00861 | 0.00 | CVE-2004-0250 |
| 10 | Floosietek FTGate memory corruption | 10.0 | 9.0 | $0-$5k | $0-$5k | Proof-of-Concept | Official fix | | 0.08448 | 0.02 | CVE-2005-3640 |
| 11 | Aboleo.net Portmon privileges management | 5.1 | 5.1 | $0-$5k | $0-$5k | Not defined | Not defined | | 0.00112 | 0.03 | CVE-2003-0448 |
| 12 | Sun MySQL MS DOS Device Name denial of service | 7.5 | 7.1 | $5k-$25k | $0-$5k | Proof-of-Concept | Official fix | | 0.01823 | 0.00 | CVE-2005-0799 |
| 13 | PHP Link Directory Administration Page index.html cross site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not defined | Not defined | | 0.00285 | 0.52 | CVE-2007-0529 |
| 14 | BitTorrent uTorrent Bencoding Parser input validation | 6.4 | 6.4 | $0-$5k | $0-$5k | Not defined | Not defined | | 0.20726 | 0.09 | CVE-2020-8437 |
| 15 | MDaemon Webmail cross site scripting | 5.4 | 5.3 | $0-$5k | $0-$5k | Not defined | Official fix | | 0.00340 | 0.08 | CVE-2019-8983 |
| 16 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | Calculating | High | Workaround | possible | 0.02956 | 0.00 | CVE-2007-1192 |
| 17 | Synology DiskStation Manager Change Password password recovery | 7.1 | 7.0 | $0-$5k | $0-$5k | Not defined | Official fix | | 0.00233 | 0.03 | CVE-2018-8916 |
| 18 | Tiki Admin Password tiki-login.php improper authentication | 8.0 | 7.7 | $0-$5k | $0-$5k | Not defined | Official fix | expected | 0.86968 | 2.59 | CVE-2020-15906 |
| 19 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official fix | | 0.00970 | 0.39 | CVE-2010-0966 |
| 20 | LiteSpeed Cache Plugin privileges assignment | 8.5 | 8.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not defined | possible | 0.54282 | 0.05 | CVE-2024-28000 |

IOC - Indicator of Compromise (70)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (16)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (69)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

