Hploki Analysis

IOB - Indicator of Behavior (31)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 30
de: 2

Country

us: 20
ru: 8
de: 2

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Cisco Linksys Router: 2
Omron CX-One CX-Programmer: 2
Octopus: 2
Comcast MX011ANM: 2
Corel ActiveCGM Browser: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Microsoft Internet Explorer memory corruption | 7.1 | 6.8 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00 | 0.05742 | CVE-2017-11856 |
| 2 | VISAGESOFT Expert Pdf Viewer Activex ActiveX Control VSPDFViewerX.ocx input validation | 9.1 | 8.9 | $0-$5k | $0-$5k | Functional | Unavailable | 0.02 | 0.04482 | CVE-2008-4919 |
| 3 | Irfan Skiljan IrfanView LZW Compression memory corruption | 9.3 | 8.9 | $0-$5k | Calculating | Not Defined | Official Fix | 0.00 | 0.07777 | CVE-2013-5351 |
| 4 | Yoast SEO Plugin class-gsc-table.php cross site scripting | 3.6 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01 | 0.01061 | CVE-2017-16842 |
| 5 | PHP URL Validation filter_var input validation | 5.3 | 5.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.06 | 0.01018 | CVE-2021-21705 |
| 6 | Node.js zlib input validation | 6.4 | 6.1 | $0-$5k | Calculating | Not Defined | Official Fix | 0.00 | 0.01213 | CVE-2017-14919 |
| 7 | Omron CX-One CX-Programmer Password Storage information disclosure | 5.9 | 5.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00885 | CVE-2015-0988 |
| 8 | ZModo ZP-NE14-S/ZP-IBH-13W Telnet hard-coded credentials | 9.8 | 9.7 | $0-$5k | $0-$5k | Not Defined | Workaround | 0.08 | 0.01055 | CVE-2016-5081 |
| 9 | Corel ActiveCGM Browser ActiveX Control acgm.dll memory corruption | 10.0 | 9.0 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.13217 | CVE-2007-2921 |
| 10 | Bochs ne2k.cc rx_frame memory corruption | 9.3 | 8.8 | $0-$5k | Calculating | Proof-of-Concept | Not Defined | 0.00 | 0.01282 | CVE-2007-2893 |
| 11 | Microsoft Windows Secondary Login CreateProcessWithLogon access control | 7.8 | 7.5 | $25k-$100k | $0-$5k | High | Official Fix | 0.06 | 0.03613 | CVE-2016-0099 |
| 12 | Comcast MX011ANM Web Inspector input validation | 6.7 | 6.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00885 | CVE-2017-9497 |
| 13 | Cisco Linksys Router tmUnblock.cgi privileges management | 9.8 | 9.2 | $25k-$100k | $0-$5k | High | Workaround | 0.03 | 0.00000 | |
| 14 | AbleDating search_results.php sql injection | 7.3 | 7.1 | $0-$5k | $0-$5k | High | Unavailable | 0.01 | 0.00986 | CVE-2008-6572 |
| 15 | FFmpeg MPEG File mpegvideodsp.c gmc_mmx out-of-bounds | 5.9 | 5.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06 | 0.01213 | CVE-2017-17081 |
| 16 | GNU binutils libbfd elf.c memory corruption | 6.4 | 6.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01 | 0.01055 | CVE-2017-17080 |
| 17 | Logitech Media Server favorite cross site scripting | 4.4 | 4.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.02437 | CVE-2017-16567 |
| 18 | Octopus cross site scripting | 4.4 | 4.2 | $0-$5k | Calculating | Not Defined | Official Fix | 0.08 | 0.01055 | CVE-2017-16810 |
| 19 | CMS Made Simple Access Restriction action.upload.php is_file_acceptable cross site scripting | 4.4 | 4.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.01055 | CVE-2017-16798 |
| 20 | Rockettheme Com Rokmodule index.php sql injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.05 | 0.01319 | CVE-2010-1479 |

IOC - Indicator of Compromise (11)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (5)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1059.007 | CWE-79 | Cross Site Scripting | predictive | High |
| 2 | TXXXX | CWE-XXX, CWE-XXX | Xxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx | predictive | High |
| 3 | TXXXX.XXX | CWE-XXX | Xxxxxxx Xxxxxxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxxxxx Xxxxxxxx | predictive | High |
| 4 | TXXXX | CWE-XX | Xxx Xxxxxxxxx | predictive | High |
| 5 | TXXXX | CWE-XXX | Xxxxxxxxxxxx | predictive | High |

IOA - Indicator of Attack (19)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | admin/google_search_console/class-gsc-table.php | predictive | High |
| 2 | File | DevInfo.txt | predictive | Medium |
| 3 | File | elf.c | predictive | Low |
| 4 | File | xxxxx.xxx | predictive | Medium |
| 5 | File | xxxxx/xxxx.xx | predictive | High |
| 6 | File | xxxxxxxxxx/xxx/xxxxxxxxxxxx.x | predictive | High |
| 7 | File | xxxxxxx/xxxxxxxxxxx/xxxxxx.xxxxxx.xxx | predictive | High |
| 8 | File | xxxxxx_xxxxxxx.xxx | predictive | High |
| 9 | File | xxxxxxxxx.xxx | predictive | High |
| 10 | File | xxxxxxxxxxxx.xxx | predictive | High |
| 11 | Library | xxxx.xxx | predictive | Medium |
| 12 | Argument | xxxxxx_xxxxxxxx_xxx | predictive | High |
| 13 | Argument | xxxxxxx | predictive | Low |
| 14 | Argument | xxxxxxxx | predictive | Medium |
| 15 | Argument | xxxx_xx | predictive | Low |
| 16 | Argument | xxxxx/xxxxxx | predictive | Medium |
| 17 | Argument | xxxxxxxxxx | predictive | Medium |
| 18 | Input Value | <xxxxxxxxx>xxx | predictive | High |
| 19 | Network Port | xxx/xxxx | predictive | Medium |

References (2)

The following list contains external sources which discuss the actor and the associated activities:
