HelloXD Analysisinfo

IOB - Indicator of Behavior (200)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en164
ru24
de6
it4
es2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Apache HTTP Server10
Microsoft IIS8
Microsoft Windows8
Wireless IP Camera 3606
Grafana4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1F21 JWT Signature JWT.php input validation7.37.0$0-$5k$0-$5kNot DefinedOfficial Fix0.003070.00CVE-2015-2951
2Apple iOS/iPadOS IOMobileFrameBuffer memory corruption7.87.5$25k-$100k$5k-$25kHighOfficial Fix0.003150.03CVE-2022-22587
3Famatech Remote Administrator improper authentication7.37.1$0-$5k$0-$5kNot DefinedWorkaround0.000000.08
4systemd-resolved DNS Response input validation6.46.1$0-$5k$0-$5kNot DefinedOfficial Fix0.007060.00CVE-2017-9217
5AnyDesk Portable Mode gcapi.dll uncontrolled search path6.56.3$0-$5k$0-$5kNot DefinedOfficial Fix0.000600.00CVE-2020-35483
6guzzlehttp psr7 HTTP Message interpretation conflict5.95.8$0-$5k$0-$5kNot DefinedOfficial Fix0.003030.07CVE-2023-29197
7FreeBSD Ping pr_pack stack-based overflow7.37.0$5k-$25k$0-$5kNot DefinedOfficial Fix0.000430.00CVE-2022-23093
8SourceCodester Garage Management System editbrand.php sql injection7.16.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000980.08CVE-2022-2468
9Endian UTM Firewall changepw.cgi cross-site request forgery4.33.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000000.00
10Gitea permission6.36.0$0-$5k$0-$5kNot DefinedOfficial Fix0.005950.00CVE-2021-45327
11Microsoft Windows Installer Privilege Escalation8.37.5$100k and more$0-$5kProof-of-ConceptOfficial Fix0.000430.04CVE-2021-43883
12Apache Guacamole Connection History permission4.94.9$5k-$25k$5k-$25kNot DefinedNot Defined0.000660.04CVE-2020-11997
13Wireless IP Camera 360 Service Port 9527 hard-coded credentials7.57.4$0-$5k$0-$5kNot DefinedWorkaround0.012010.04CVE-2017-11634
14nginx request smuggling6.96.9$0-$5k$0-$5kNot DefinedNot Defined0.002411.24CVE-2020-12440
15Linux Kernel use after free7.47.2$5k-$25k$0-$5kNot DefinedOfficial Fix0.000420.00CVE-2023-0461
16Hughes mSQL memory corruption7.37.0$0-$5k$0-$5kNot DefinedOfficial Fix0.015980.00CVE-1999-0276
17Xiaomi Router command injection7.77.7$0-$5k$0-$5kNot DefinedNot Defined0.001000.00CVE-2023-26320
18Dreamer CMS Password Hash Calculation UserController.java updatePwd algorithmic complexity5.45.3$0-$5k$0-$5kNot DefinedOfficial Fix0.001500.00CVE-2023-2473
19iamdroppy phoenixcf articles.cfm sql injection6.96.9$0-$5k$0-$5kNot DefinedOfficial Fix0.001730.17CVE-2011-10001
20Creative Minds CM Download Manager Plugin deletescreenshot cross site scripting3.53.4$0-$5k$0-$5kNot DefinedNot Defined0.001240.00CVE-2020-24145

IOC - Indicator of Compromise (5)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (17)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (72)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File.bash_historypredictiveHigh
2File.procmailrcpredictiveMedium
3File/+CSCOE+/logon.htmlpredictiveHigh
4File/cgi-bin/changepw.cgipredictiveHigh
5File/debug/pprofpredictiveMedium
6File/editbrand.phppredictiveHigh
7File/etc/raspap/hostapd/enablelog.shpredictiveHigh
8File/infusions/shoutbox_panel/shoutbox_admin.phppredictiveHigh
9File/xxx/xxxxxpredictiveMedium
10File/xxxxxxx/xxxpredictiveMedium
11File/xxxxxxx/predictiveMedium
12Filexxxxx_xxxxxxxx.xxxpredictiveHigh
13Filexxxxxxx.xxxpredictiveMedium
14Filexxxxx-xx-xxxxxx-xxxxx.xxxpredictiveHigh
15Filexxxxxxxxxxxx.xxxpredictiveHigh
16Filexxxxxxx/x-xxxxxxxxx/xxxxxxxx.xxxpredictiveHigh
17Filexxxxxxxxxxxxxxxxxx.xxpredictiveHigh
18Filexxxxxx.xxxpredictiveMedium
19Filexxxxxxx/xxx/xxx-xxx.xpredictiveHigh
20Filexxxxxx.xpredictiveMedium
21Filexxxxxxx.xxxpredictiveMedium
22Filexx/xxx/xxxxxxx/xxxxxx.xxx/xxxxxxxxxxxx.xxxpredictiveHigh
23Filexxxxxxx.xxxpredictiveMedium
24Filexxxxxxxx/xxxx/xxxx.xxpredictiveHigh
25Filexxxxx.xxxpredictiveMedium
26Filexxxxxxxx/xx/xxxx_xxxxxx.xxpredictiveHigh
27Filexxx/xxxxxxx/xxx/xxxxxx/xxxxxxx/xxx.xxx.xxxxxxxxxxxxxx.xxxxx.xxxxxxxpredictiveHigh
28Filexxx.xxxpredictiveLow
29Filexxxxxxxx.xpredictiveMedium
30Filexxxxxxxxxx/xxxxxxx.xpredictiveHigh
31Filexxxxx.xxxxpredictiveMedium
32Filexxxxxxxx/xxxxxx-xxxxx/xxxxxxxxxxx/xxxx.xxpredictiveHigh
33Filexxxxxxxx.xxxpredictiveMedium
34Filexxxxxx/xxxxxx/xxxxxxpredictiveHigh
35Filexxxxxxxx.xpredictiveMedium
36Filexxxxxxxxxx_xxxxx.xxxxxxpredictiveHigh
37Filexxx_xxxxx_xxx.xpredictiveHigh
38Filexxx.xxxpredictiveLow
39Filexxxxxxxxxxxxxx.xxxxpredictiveHigh
40Filexxxx/xxx/xxxx-xxxxx.xxxpredictiveHigh
41Filexxxxxxx.xxxpredictiveMedium
42Filexxxx.xxxxx.xxxxxxpredictiveHigh
43Filexxxxx-xxxxxx.xxxpredictiveHigh
44Filexxxx.xxxpredictiveMedium
45Library/_xxx_xxx/xxxxx.xxxpredictiveHigh
46Libraryxxxxx.xxxpredictiveMedium
47Libraryxxx/xxxxxx/xxxxxxxxx/xxxxxxx.xxpredictiveHigh
48Libraryxxxx.xxxxxpredictiveMedium
49Argument$xxxxxx/$xxxxxxxxxxx_xxxx/$xxxxx_xxxxx/$xxxxx_xxxxpredictiveHigh
50ArgumentxxxxxxxxpredictiveMedium
51ArgumentxxxxxxxxpredictiveMedium
52Argumentxxx_xxpredictiveLow
53ArgumentxxxxxxxxxxpredictiveMedium
54ArgumentxxxxpredictiveLow
55ArgumentxxpredictiveLow
56ArgumentxxxxxxxxxxxxxpredictiveHigh
57ArgumentxxpredictiveLow
58Argumentxxxx_xxpredictiveLow
59Argumentxxx-xx-xxxxxxxx-xxxxxpredictiveHigh
60ArgumentxxxxxxxxpredictiveMedium
61ArgumentxxxxxxxxpredictiveMedium
62ArgumentxxxxpredictiveLow
63Argumentxxxxxxx_xxxxpredictiveMedium
64Argumentxxxx_xxpredictiveLow
65ArgumentxxxxxxpredictiveLow
66Argumentxxxxxx_xxxxpredictiveMedium
67ArgumentxxxxxpredictiveLow
68Input Value%xxxxxx+-x+x+xx.x.xx.xxx%xx%xxpredictiveHigh
69Input ValuexxxxxxpredictiveLow
70Pattern|xx|xx|xx|predictiveMedium
71Network Portxxx/xxxxpredictiveMedium
72Network Portxxx xxxxxx xxxxpredictiveHigh

References (2)

The following list contains external sources which discuss the actor and the associated activities:

This view requires CTI permissions

Just purchase a CTI license today!