HyperBro Analysis

IOB - Indicator of Behavior (120)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 88
zh: 14
ru: 12
de: 6


Country


Actors


Activities

Interest

Timeline


Type


Vendor


Product

OpenSSH: 4
Microsoft Windows: 4
Google Chrome: 4
Microsoft Excel: 4
Synacor Zimbra Collaboration Suite: 4


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | Calculating | High | Workaround | 0.03828 | 0.00 | CVE-2007-1192 |
| 2 | MediaWiki Submission index.php cross site scripting | 5.8 | 5.2 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00242 | 0.04 | CVE-2012-4378 |
| 3 | CodeAstro Hospital Management System Add Patient Details Page his_admin_register_patient.php cross site scripting | 4.1 | 4.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00084 | 0.12 | CVE-2024-11675 |
| 4 | RoundCube sql injection | 8.6 | 8.5 | $0-$5k | $0-$5k | High | Official Fix | 0.02018 | 0.05 | CVE-2021-44026 |
| 5 | Yoast SEO Plugin REST Endpoint posts information disclosure | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00155 | 0.07 | CVE-2021-25118 |
| 6 | OpenSSH Authentication Username information disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | High | Official Fix | 0.06884 | 0.27 | CVE-2016-6210 |
| 7 | Vmware Workspace ONE Access/Identity Manager Template injection | 9.8 | 9.4 | $5k-$25k | $0-$5k | High | Official Fix | 0.97483 | 0.07 | CVE-2022-22954 |
| 8 | MinIO Admin API authentication bypass | 9.0 | 8.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00094 | 0.03 | CVE-2020-11012 |
| 9 | Microsoft Windows MSHTML path traversal | 8.6 | 8.2 | $25k-$100k | $5k-$25k | High | Official Fix | 0.96929 | 0.02 | CVE-2021-40444 |
| 10 | Fortinet FortiMail/FortiVoiceEntreprise Password Change improper authentication | 8.5 | 8.5 | $0-$5k | $0-$5k | High | Not Defined | 0.02461 | 0.00 | CVE-2020-9294 |
| 11 | jforum username User input validation | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00318 | 0.03 | CVE-2019-7550 |
| 12 | Oracle WebLogic Server Core information disclosure | 6.4 | 6.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.05 | CVE-2024-21006 |
| 13 | Apple M1 Register s3_5_c15_c10_1 M1RACLES access control | 8.8 | 8.8 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00000 | 0.06 | CVE-2021-30747 |
| 14 | Cellopoint Secure Email Gateway Packets stack-based overflow | 9.8 | 9.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00088 | 0.03 | CVE-2024-9043 |
| 15 | Vivotek Network Camera upload_file.cgi unrestricted upload | 8.0 | 7.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00043 | 0.00 | CVE-2024-26548 |
| 16 | Raisecom MSG1200/MSG2100E/MSG2200/MSG2300 Web Interface list_base_config.php os command injection | 7.5 | 7.2 | $0-$5k | $0-$5k | Proof-of-Concept | Workaround | 0.76686 | 0.08 | CVE-2024-7120 |
| 17 | Sinatra Header code download | 6.5 | 6.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00612 | 0.00 | CVE-2022-45442 |
| 18 | JFrog Artifactory input validation | 8.5 | 8.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.03 | CVE-2024-4142 |
| 19 | Zimbra Collaboration Suite Document Endpoint cross site scripting | 4.8 | 4.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00114 | 0.00 | CVE-2023-45206 |
| 20 | Fortinet FortiOS SSL-VPN out-of-bounds write | 9.8 | 9.7 | $100k and more | $25k-$100k | High | Official Fix | 0.02489 | 0.04 | CVE-2024-21762 |

IOC - Indicator of Compromise (12)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 8.218.77.161 | | HyperBro | | 03/11/2023 | verified | High |
| 2 | 45.77.32.139 | 45.77.32.139.vultrusercontent.com | HyperBro | | 03/29/2023 | verified | Medium |
| 3 | 45.77.250.141 | 45.77.250.141.vultrusercontent.com | HyperBro | | 03/29/2023 | verified | Medium |

TTP - Tactics, Techniques, Procedures (16)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (62)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /+CSCOE+/logon.html | predictive | High |
| 2 | File | /backend/admin/his_admin_register_patient.php | predictive | High |
| 3 | File | /cgi-bin/cstecgi.cgi | predictive | High |
| 4 | File | /debug/pprof | predictive | Medium |
| 5 | File | /h/ | predictive | Low |
| 6 | File | /opt/zimbra/jetty/webapps/zimbra/public | predictive | High |
| 7 | File | /public/launchNewWindow.jsp | predictive | High |
