GRU Analysis

IOB - Indicator of Behavior (400)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en272
ru76
de24
es14
fr6

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

ru160
us146
ro46
fr6
es4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Microsoft Windows10
Oracle MySQL Server10
Apache HTTP Server8
Apple macOS8
Mozilla Firefox6

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25kCalculatingHighWorkaround0.020160.00CVE-2007-1192
2Cisco CX Cloud Agent permission7.17.0$5k-$25k$0-$5kNot DefinedOfficial Fix0.000420.00CVE-2023-20044
3nginx request smuggling6.96.9$0-$5k$0-$5kNot DefinedNot Defined0.002411.32CVE-2020-12440
4Zyxel ATP/USG FLEX/VPN Logs Page cross site scripting3.63.6$0-$5k$0-$5kNot DefinedNot Defined0.000470.02CVE-2023-27990
5PHP PHAR phar_dir_read buffer overflow8.28.2$5k-$25k$0-$5kNot DefinedOfficial Fix0.000830.05CVE-2023-3824
6AMD CPU ASP memory corruption5.45.4$0-$5k$0-$5kNot DefinedNot Defined0.000630.03CVE-2022-23813
7Fortinet FortiClientEMS hard-coded key6.66.5$0-$5k$0-$5kNot DefinedOfficial Fix0.000620.00CVE-2021-41028
8Microsoft Excel/Office/PowerPoint/Publisher/Visio/Word/Skype Remote Code Execution7.36.7$5k-$25k$0-$5kUnprovenOfficial Fix0.000500.03CVE-2024-20673
9AMD CPU random values2.62.6$0-$5k$0-$5kNot DefinedNot Defined0.000430.00CVE-2021-26407
10Fortinet FSSO Collector UDP Login Notification Packet improper authentication6.36.0$0-$5k$0-$5kNot DefinedOfficial Fix0.000680.04CVE-2021-26088
11Asus RT-AX56U Profile Configuration out-of-bounds write8.88.6$0-$5k$0-$5kNot DefinedNot Defined0.000730.00CVE-2022-23973
12ISC BIND named allocation of resources7.57.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.000520.03CVE-2023-6516
13Microsoft Windows DNS Client denial of service7.56.8$25k-$100k$5k-$25kUnprovenOfficial Fix0.000900.04CVE-2024-21342
14TRENDnet TEW-815DAP POST Request do_setNTP command injection8.38.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000580.06CVE-2024-0919
15Linux-PAM pam_namespace.so protect_dir denial of service3.33.2$0-$5k$0-$5kNot DefinedOfficial Fix0.000420.04CVE-2024-22365
16Oracle MySQL Server Options denial of service4.44.2$5k-$25k$0-$5kNot DefinedOfficial Fix0.000440.04CVE-2024-20968
17Oracle MySQL Server RAPID denial of service6.56.2$5k-$25k$0-$5kNot DefinedOfficial Fix0.000440.07CVE-2024-20960
18Google Go net-http information disclosure4.84.7$5k-$25k$0-$5kNot DefinedOfficial Fix0.000520.03CVE-2023-39326
19AMI AptioV BMP Logo unrestricted upload7.27.2$0-$5k$0-$5kNot DefinedNot Defined0.000430.03CVE-2023-39538
201C:Enterprise URL Parameter information disclosure5.95.6$0-$5k$0-$5kNot DefinedOfficial Fix0.001680.04CVE-2021-3131

IOC - Indicator of Compromise (10)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (18)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (118)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File.htaccesspredictiveMedium
2File/?ajax-request=jnewspredictiveHigh
3File/admin/students/view_student.phppredictiveHigh
4File/admin_ping.htmpredictiveHigh
5File/CommunitySSORedirect.jsppredictiveHigh
6File/loginLess/../../etc/passwdpredictiveHigh
7File/see_more_details.phppredictiveHigh
8File/system/proxypredictiveHigh
9File/uncpath/predictiveMedium
10File/usr/local/nagios/bin/npcdpredictiveHigh
11Fileaccountancy/customer/card.phppredictiveHigh
12Fileaddentry.phppredictiveMedium
13Fileadd_comment.phppredictiveHigh
14Fileadmin.phppredictiveMedium
15Fileadmin/create-package.phppredictiveHigh
16Filexxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
17Filexxxxxxx.xxxpredictiveMedium
18Filexxxxxxxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
19Filexxxxxx.xxxpredictiveMedium
20Filexxxxxxx.xxxpredictiveMedium
21Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
22Filexxxxxxx.xxxxx.xxxpredictiveHigh
23Filexxxxxxxxxxxx.xxxpredictiveHigh
24Filexxxxx.xxxpredictiveMedium
25Filexxxxxxxxxxxxx/xxxxxx/xxxxxxxxxxx/xxxx_xxx.xxxpredictiveHigh
26Filexxxxxxxxxxxxx/xxxxxx/xxxx/xxxx.xxxpredictiveHigh
27Filexxx/xxxxxx/xxxxxx.xpredictiveHigh
28Filexxxxxxxxx.xxxpredictiveHigh
29Filexxx/xxxxxxxxx-xxxxx.xxxpredictiveHigh
30Filexxx/xxxxxx.xxxpredictiveHigh
31Filexxxxx.xxxpredictiveMedium
32Filexxxx_xxxx.xxxpredictiveHigh
33Filexxxx_xxxxxx/xxxxxxxxx.xxpredictiveHigh
34Filexxxxxxxxx/xxxxxxx/xxxxxx/xxxxxxxxxx.xxxpredictiveHigh
35Filexxxxxxxxx/xxxxxx/xxxxxxxx.xxx.xxxpredictiveHigh
36Filexxxxx.xxxpredictiveMedium
37Filexxxxx.xxxxpredictiveMedium
38Filexxx_xxx.xpredictiveMedium
39Filexxxx_xxxxxx.xxxpredictiveHigh
40Filexxx_xxxxxxxxx.xxpredictiveHigh
41Filexxxxxxx/xxxxxxxxxxxxxxxx/xxxxxxxxx/xxxxxxxx.xxxxpredictiveHigh
42Filexxxx.xxxpredictiveMedium
43Filexxxxx_xxxxxx_xxx.xxxpredictiveHigh
44Filexxxxxxxx.xxxpredictiveMedium
45Filexxxxxxx.xxxpredictiveMedium
46Filexxxxxx_xxxxxxx.xxxpredictiveHigh
47Filexxxx_xxxxxx.xxxpredictiveHigh
48Filexxxxxxxxx xxxxxpredictiveHigh
49Filexxxxx/xxxxxxxxxxxx/xxxxx.xxxxpredictiveHigh
50Filexxxxxx_xxx/xxxxpredictiveHigh
51Filexxxxxx_xxxxxxxx.xxxpredictiveHigh
52Filexxxxxxxx.xxxpredictiveMedium
53Filexxxxxxxxx.xxxpredictiveHigh
54Filexxxxxxxx.xxxpredictiveMedium
55Filexxxx_xxx_xxx_xxxx.xxxpredictiveHigh
56Filexxxxxxxxxxxxx.xxxpredictiveHigh
57Filexxxxxx/xxxxxxxxxxx/xxxxx_xxxxxx.xxxpredictiveHigh
58Filexx-xxxxx/xxxxx.xxxpredictiveHigh
59Filexx-xxxxxxxx/xxxxx-xx-xxxxx.xxxpredictiveHigh
60Filexx-xxxxx.xxxpredictiveMedium
61Filexx-xxxxxxxxxxx.xxxpredictiveHigh
62File~/xxxx-xxxxxxx.xxxpredictiveHigh
63Libraryxxxxxxx.xxxpredictiveMedium
64Libraryxxx.xxxpredictiveLow
65Libraryxxx/xxxx.xxpredictiveMedium
66Libraryxxx/xxxxx/xxxxxxxx.xxpredictiveHigh
67Argument$xxx_xxxx_xxxx)predictiveHigh
68Argument*xxxxpredictiveLow
69ArgumentxxxxxxxxxxxpredictiveMedium
70ArgumentxxxxxxpredictiveLow
71Argumentxxx_xxxxx_xxxxpredictiveHigh
72ArgumentxxxxxxxxpredictiveMedium
73ArgumentxxxpredictiveLow
74ArgumentxxxxxpredictiveLow
75Argumentxxx_xxpredictiveLow
76ArgumentxxxxpredictiveLow
77ArgumentxxxpredictiveLow
78Argumentxxxx_xxpredictiveLow
79ArgumentxxxxxxxpredictiveLow
80ArgumentxxxxxxxxxpredictiveMedium
81ArgumentxxxpredictiveLow
82ArgumentxxxxxxxxpredictiveMedium
83Argumentxxxx_xxxxpredictiveMedium
84ArgumentxxxxxxpredictiveLow
85ArgumentxxxxpredictiveLow
86ArgumentxxxxpredictiveLow
87ArgumentxxpredictiveLow
88Argumentxxxx_xxxx/xxxx_xxxxpredictiveHigh
89ArgumentxxxxxxxxpredictiveMedium
90Argumentxxxxxxxx_xxxxpredictiveHigh
91Argumentxxxxxx_xxxx_xxxpredictiveHigh
92Argumentxxxxxx_xxpredictiveMedium
93ArgumentxxxpredictiveLow
94ArgumentxxxxpredictiveLow
95Argumentxxxx[]predictiveLow
96ArgumentxxxpredictiveLow
97Argumentxxxxxxxxxxx/xxxxxxxxxpredictiveHigh
98Argumentxxxxx_xxpredictiveMedium
99Argumentxxxxx_xx/xxxxxpredictiveHigh
100ArgumentxxxpredictiveLow
101ArgumentxxxxxpredictiveLow
102ArgumentxxxxxxxxxxxpredictiveMedium
103Argumentxxxxxx_xxpredictiveMedium
104ArgumentxxxxxxxxxpredictiveMedium
105Argumentxxxxxx_xxpredictiveMedium
106Argumentxxx-xxxxxxpredictiveMedium
107ArgumentxxxpredictiveLow
108Argumentxxxxxxxxx_xxxxxx_xxxpredictiveHigh
109ArgumentxxxxpredictiveLow
110ArgumentxxxpredictiveLow
111ArgumentxxxxxxpredictiveLow
112ArgumentxxxxxxxxpredictiveMedium
113Argumentxxxxxx_xxxxxxpredictiveHigh
114Input Value../predictiveLow
115Input Value<xxxxxx>xxxxx(x)</xxxxxx>predictiveHigh
116Input Valuexxx%xx(xxxxxx*xxxx(xxxxxx(xxxxx(x)))x)predictiveHigh
117Network Portxxx/xx (xxxxxx)predictiveHigh
118Network Portxxx/xx (xxx)predictiveMedium

References (2)

The following list contains external sources which discuss the actor and the associated activities:

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!