Hive Analysis

Activities

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

Lang

en10
fr1

Country

us5
ru3

Actors

Hive4
Astro Locker3
Silence2

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need you unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need you unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need you unlock this view to get access to more details of real data.

Product

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need you unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTICVE
1F5 BIG-IP HTTP Proxy/SOCKS command injection7.77.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.05CVE-2017-6157
2NVIDIA Jetson Trusty malloc heap-based overflow8.88.4$0-$5k$0-$5kNot DefinedOfficial Fix0.03CVE-2021-34372
3Dell PowerEdge T640 NVDIMM-N stack-based overflow4.24.0$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2021-21556
4Brocade SANnav IPv6 information disclosure3.53.4$0-$5k$0-$5kNot DefinedOfficial Fix0.03CVE-2020-15378
5Microsoft IIS cross site scripting5.24.7$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.86CVE-2017-0055
6CentOS Web Panel ajax_admin_apis.php os command injection8.58.5$0-$5k$0-$5kNot DefinedNot Defined0.03CVE-2020-15607
7CentOS Web Panel ajax_php_pecl.php os command injection8.58.5$0-$5k$0-$5kNot DefinedNot Defined0.07CVE-2020-15433
8Linux Kernel V4L2 Subsystem vivid vivid_stop_generating_vid_cap race condition6.16.1$5k-$25k$0-$5kNot DefinedNot Defined0.03CVE-2019-18683
9Exim input validation8.57.9$5k-$25k$0-$5kFunctionalOfficial Fix0.08CVE-2019-10149
10vBulletin visitormessage.php code injection7.57.4$0-$5k$0-$5kHighUnavailable0.07CVE-2014-9463
11Discuz! DiscuzX spacecp_space.php cross site scripting5.25.2$0-$5k$0-$5kNot DefinedNot Defined0.03CVE-2018-5375

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsTypeConfidence
191.208.52.149nl1.encryptedconnection.infoHiveverifiedHigh
2XXX.XX.XXX.XXXxxxverifiedHigh
3XXX.XX.XXX.XXXXxxxverifiedHigh
4XXX.XX.XXX.XXxxxverifiedHigh

TTP - Tactics, Techniques, Procedures (1)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilitiesAccess VectorTypeConfidence
1T1059.007CWE-79Cross Site ScriptingpredictiveHigh

IOA - Indicator of Attack (9)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/uncpath/predictiveMedium
2Fileajax_admin_apis.phppredictiveHigh
3Filexxxx_xxx_xxxx.xxxpredictiveHigh
4Filexxxxxxx/xxxxx/xxxxxxxx/xxxxxpredictiveHigh
5Filexxxxxxx\xxxxxxx\xxxxxxx_xxxxx.xxxpredictiveHigh
6Filexxxxxxxxxxxxxx.xxxpredictiveHigh
7ArgumentxxxxxpredictiveLow
8ArgumentxxxxpredictiveLow
9ArgumentxxxxxxxxxxpredictiveMedium

References (2)

The following list contains external sources which discuss the actor and the associated activities:

PreviousOverviewNext

Do you want to use VulDB in your project?

Use the official API to access entries easily!