Genkryptik Analysis

IOB - Indicator of Behavior (110)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Language

en: 76
de: 18
pl: 6
fr: 4
es: 2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.


Product

Microsoft Windows: 4
Microsoft IIS: 4
Python: 2
IBM Sterling B2B Integrator Standard Edition: 2
GNU GRUB: 2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

These are the vulnerabilities that we have identified as researched, approached, or attacked.

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Cou | KEV | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | All Enthusiast Inc Reviewpost Php Pro showproduct.php sql injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official fix | | 0.00610 | 0.00 | CVE-2004-2175 |
| 2 | NAVER Cloud Explorer file inclusion | 7.8 | 7.8 | $0-$5k | $0-$5k | Not defined | Not defined | | 0.00504 | 0.00 | CVE-2020-9752 |
| 3 | NAVER Vaccine nsz Archive nsGreen.dll path traversal | 7.0 | 7.0 | $0-$5k | $0-$5k | Not defined | Not defined | | 0.00429 | 0.00 | CVE-2019-13157 |
| 4 | GNU GRUB ext2.c grub_ext2_read_block memory corruption | 6.4 | 6.3 | $0-$5k | $0-$5k | Not defined | Official fix | | 0.01447 | 0.00 | CVE-2017-9763 |
| 5 | PhotoPost PHP Pro showproduct.php sql injection | 9.8 | 9.4 | $0-$5k | $0-$5k | Not defined | Official fix | | 0.00861 | 0.00 | CVE-2004-0250 |
| 6 | OpenSSH Authentication Username information disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | High | Official fix | expected | 0.92487 | 0.08 | CVE-2016-6210 |
| 7 | BitTorrent uTorrent Bencoding Parser input validation | 6.4 | 6.4 | $0-$5k | $0-$5k | Not defined | Not defined | | 0.20726 | 0.09 | CVE-2020-8437 |
| 8 | MDaemon Webmail cross site scripting | 5.4 | 5.3 | $0-$5k | $0-$5k | Not defined | Official fix | | 0.00340 | 0.08 | CVE-2019-8983 |
| 9 | WIKINDX PAGING.php getPagingStart cross site scripting | 5.7 | 5.7 | $0-$5k | $0-$5k | Not defined | Not defined | | 0.00280 | 0.00 | CVE-2019-13588 |
| 10 | Synology DiskStation Manager Change Password password recovery | 7.1 | 7.0 | $0-$5k | $0-$5k | Not defined | Official fix | | 0.00233 | 0.03 | CVE-2018-8916 |
| 11 | Microsoft IIS uncpath cross site scripting | 5.2 | 5.0 | $5k-$25k | $0-$5k | Proof-of-Concept | Official fix | | 0.01387 | 0.00 | CVE-2017-0055 |
| 12 | gtk-vnc Framebuffer memory corruption | 8.5 | 8.2 | $0-$5k | $0-$5k | Not defined | Official fix | | 0.01733 | 0.00 | CVE-2017-1000044 |
| 13 | Oracle MySQL Enterprise Monitor Apache Struts 2 memory corruption | 9.8 | 9.4 | $100k and more | $0-$5k | Proof-of-Concept | Official fix | | 0.07517 | 0.00 | CVE-2016-4436 |
| 14 | PHP var_export information disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | Proof-of-Concept | Official fix | | 0.08683 | 0.07 | CVE-2010-2531 |
| 15 | Wing FTP Server Admin Web Client default permission | 6.4 | 6.4 | $0-$5k | $0-$5k | Not defined | Not defined | | 0.00134 | 0.08 | CVE-2023-37878 |
| 16 | Tiki Admin Password tiki-login.php improper authentication | 8.0 | 7.7 | $0-$5k | $0-$5k | Not defined | Official fix | expected | 0.86968 | 0.49 | CVE-2020-15906 |
| 17 | SharpZipLib path traversal | 6.8 | 6.6 | $0-$5k | $0-$5k | Not defined | Official fix | | 0.02016 | 0.00 | CVE-2021-32840 |
| 18 | Apache HTTP Server mod_proxy_ajp request smuggling | 7.3 | 7.0 | $25k-$100k | $5k-$25k | Not defined | Official fix | possible | 0.48408 | 0.06 | CVE-2022-26377 |
| 19 | Vinchin Backup and Recovery hard-coded credentials | 9.0 | 9.0 | $0-$5k | $0-$5k | Not defined | Not defined | | 0.00282 | 0.00 | CVE-2022-35866 |
| 20 | Microsoft Exchange Server privilege escalation | 8.3 | 7.6 | $25k-$100k | $5k-$25k | Unproven | Official fix | | 0.16065 | 0.00 | CVE-2023-35388 |

IOC - Indicator of Compromise (14)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (13)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (50)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /Controller/Ajaxfileupload.ashx | predictive | High |
| 2 | File | /etc/sudoers | predictive | Medium |
| 3 | File | /uncpath/ | predictive | Medium |
| 4 | File | admin.php?reqGadget=Components&reqAction=InstallGadget&comp=FileBrowser | predictive | High |
| 5 | File | cat.php | predictive | Low |
| 6 | File | category.cfm | predictive | Medium |
| 7 | File | core/lists/PAGING.php | predictive | High |
