Hunters International Analysis

IOB - Indicator of Behavior (13)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Language

en: 14

Country

Actors

Activities

Interest

Timeline

Type

Vendor

Product

  • Alfresco Reset Password Add-On: 2
  • Elementor Pro Plugin: 2
  • Google Chrome: 2
  • OpenSSH: 2
  • phpMyAdmin: 2

Vulnerabilities

These are the vulnerabilities that we have identified as researched, approached, or attacked.

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Cou | KEV | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | OpenSSH Authentication Username information disclosure | 5.3 | 4.8 | $10k-$25k | $0-$1k | High | Official fix | expected | 0.92487 | 0.07 | CVE-2016-6210 |
| 2 | Open5GS HTTP Request missing authentication | 6.4 | 6.4 | $1k-$2k | $0-$1k | Not defined | Not defined | | 0.00056 | 0.00 | CVE-2023-4884 |
| 3 | WordPress path traversal | 5.7 | 5.5 | $5k-$10k | $0-$1k | Proof-of-Concept | Official fix | possible | 0.71468 | 0.03 | CVE-2023-2745 |
| 4 | WordPress Scheduled Task wp-cron.php resource consumption | 5.5 | 5.5 | $5k-$10k | $2k-$5k | Not defined | Not defined | | 0.03051 | 0.03 | CVE-2023-22622 |
| 5 | Bricks Plugin improper authentication | 8.6 | 8.5 | $1k-$2k | $0-$1k | Not defined | Not defined | expected | 0.93635 | 0.07 | CVE-2024-25600 |
| 6 | Byzoro Smart S80 PHP File updatelib.php unrestricted upload | 7.5 | 7.3 | $1k-$2k | $0-$1k | Proof-of-Concept | Not defined | | 0.00035 | 0.07 | CVE-2023-6274 |
| 7 | Google Chrome libGLESv2.dll getActiveUniformMaxLength numeric error | 10.0 | 9.5 | $50k-$100k | $0-$1k | Not defined | Official fix | | 0.04169 | 0.00 | CVE-2011-1300 |
| 8 | Alfresco Reset Password Add-On input validation | 8.2 | 7.2 | $2k-$5k | $0-$1k | Not defined | Official fix | | 0.00230 | 0.00 | CVE-2020-15181 |
| 9 | phpMyAdmin SearchController sql injection | 8.0 | 7.7 | $10k-$25k | $0-$1k | Not defined | Official fix | expected | 0.80066 | 0.04 | CVE-2020-26935 |
| 10 | Apache HTTP Server ETag information disclosure | 5.3 | 5.1 | $10k-$25k | $0-$1k | Not defined | Official fix | | 0.00321 | 0.03 | CVE-2003-1418 |
| 11 | Oracle GlassFish Server Java Server Faces access control | 5.3 | 5.2 | $10k-$25k | $0-$1k | Not defined | Official fix | | 0.00734 | 0.07 | CVE-2018-3210 |
| 12 | Elementor Pro Plugin customize.php elementor-edit-template cross site scripting | 5.2 | 5.1 | $1k-$2k | $0-$1k | Not defined | Official fix | | 0.00611 | 0.00 | CVE-2018-18379 |

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • CVE-2024-55591

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 192.155.106.11 | | Hunters International | CVE-2024-55591 | 03/30/2025 | verified | Very High |
| 2 | XXX.XXX.XXX.XX | | Xxxxxxx Xxxxxxxxxxxxx | | 02/06/2024 | verified | High |
| 3 | XXX.XXX.XXX.XX | xxx-xxxxxx.xxxxxx-xx-xxxxx.xxx | Xxxxxxx Xxxxxxxxxxxxx | Xxx-xxxx-xxxxx | 03/30/2025 | verified | High |

TTP - Tactics, Techniques, Procedures (6)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (6)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

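| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /sysmanage/updatelib.php | predictive | High |
| 2 | File | wp-admin/customize.php | predictive | High |
| 3 | File | xx-xxxx.xxx | predictive | Medium |
| 4 | Library | xxxxxxxxx.xxx | predictive | High |
| 5 | Argument | xxxx_xxxxxx | predictive | Medium |
| 6 | Argument | xxxxxxxx | predictive | Medium |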
