Icloader Analysis

IOB - Indicator of Behavior (131)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en106
ru12
de8
es4
zh2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

ru100
us16
ua12
de2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Microsoft Windows14
PHP Everywhere Plugin4
Lars Ellingsen Guestserver2
Supermicro H8dgu-f2
WooCommerce Instamojo Payment Gateway Plugin2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1Microsoft Windows Advanced Local Procedure Call Privilege Escalation9.28.8$25k-$100k$5k-$25kHighOfficial Fix0.005590.00CVE-2023-21674
2IBM Security AppScan Enterprise Enterprise Source Database cryptographic issues9.88.5$5k-$25k$0-$5kUnprovenOfficial Fix0.000820.00CVE-2013-3989
3raspap-webgui activate_ovpncfg.php command injection8.08.0$0-$5k$0-$5kNot DefinedNot Defined0.880690.00CVE-2022-39986
4Microsoft Windows Kernel Privilege Escalation7.26.5$25k-$100k$5k-$25kUnprovenOfficial Fix0.000530.00CVE-2022-21881
5Microsoft Windows SMB Witness Service privileges management8.88.1$25k-$100k$5k-$25kUnprovenOfficial Fix0.001200.00CVE-2023-21549
6Microsoft SQL Server Privilege Escalation8.17.4$25k-$100k$0-$5kUnprovenOfficial Fix0.000430.05CVE-2022-23276
7PHP Everywhere Plugin Shortcode Privilege Escalation6.36.0$0-$5k$0-$5kNot DefinedOfficial Fix0.001080.00CVE-2022-24663
8HP 3PAR Service Processor SP information disclosure4.34.3$5k-$25k$0-$5kNot DefinedNot Defined0.001100.00CVE-2015-5443
9Oracle Java SE/Java SE Embedded Deployment memory corruption10.09.5$25k-$100k$0-$5kNot DefinedOfficial Fix0.014720.03CVE-2013-5788
10WooCommerce PayU India Payment Gateway Plugin Purchase Price input validation6.36.3$0-$5k$0-$5kNot DefinedNot Defined0.001140.05CVE-2019-14978
11WooCommerce Instamojo Payment Gateway Plugin Purchase amount Price input validation7.37.3$0-$5k$0-$5kNot DefinedNot Defined0.002410.00CVE-2019-14977
12Microsoft IIS cross site scripting5.24.7$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.005480.09CVE-2017-0055
13Omron CX-One CX-Programmer Password Storage information disclosure5.95.7$0-$5k$0-$5kNot DefinedOfficial Fix0.000420.07CVE-2015-0988
14Apache HTTP Server smbvalid/smbval authensmb memory corruption10.09.5$25k-$100k$0-$5kNot DefinedOfficial Fix0.001330.02CVE-1999-1237
15Add Link to Facebook Plugin profile.php cross site scripting4.44.4$0-$5k$0-$5kNot DefinedNot Defined0.000570.03CVE-2018-5214
16openmosix libmosix.c this memory corruption4.04.0$0-$5k$0-$5kNot DefinedNot Defined0.000420.00CVE-2008-1865
17Netgate pfSense XML File config.xml restore_rrddata command injection5.55.3$0-$5k$0-$5kNot DefinedOfficial Fix0.481340.00CVE-2023-27253
18User Post Gallery Plugin authorization8.58.4$0-$5k$0-$5kNot DefinedNot Defined0.051920.00CVE-2022-4060
19eSST Monitoring unrestricted upload7.57.4$0-$5k$0-$5kNot DefinedNot Defined0.001160.00CVE-2023-41631
20Joomla Webservice Endpoint access control5.45.4$5k-$25k$5k-$25kHighNot Defined0.932080.00CVE-2023-23752

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (18)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (79)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/ajax/openvpn/activate_ovpncfg.phppredictiveHigh
2File/objects/getImageMP4.phppredictiveHigh
3File/payu/icpcheckout/predictiveHigh
4File/uncpath/predictiveMedium
5Fileadmin.phppredictiveMedium
6Fileasn1fix_retrieve.cpredictiveHigh
7Filebigsam_guestbook.phppredictiveHigh
8Filebooks.phppredictiveMedium
9Filecard/pay/.../amountpredictiveHigh
10Filexxxxxxxx.xxxpredictiveMedium
11Filexxxxx.xxxpredictiveMedium
12Filexxxxxx.xxxpredictiveMedium
13Filexxxxxx.xxxpredictiveMedium
14Filexx/xx_xxxxxxx.xxxpredictiveHigh
15Filexxxxxxxx.xxxpredictiveMedium
16Filexxxxxxx/xxxx/xxxxxx/xxxxxxx.xpredictiveHigh
17Filexxxxx.xxxpredictiveMedium
18Filexxxxxxxx.xxxpredictiveMedium
19Filexxxxxxx.xxxpredictiveMedium
20Filexxxxxxxxx.xxxpredictiveHigh
21Filexxx/xxxxxx.xxxpredictiveHigh
22Filexxxxx.xxx/xxxxxx.xxx/xxxxxxxxxxxxx.xxx/xxxxxxxx.xxxpredictiveHigh
23Filexxxxxxx/xxxxxxxxxxxxx.xxxxpredictiveHigh
24Filexxxx_xxxx.xxxpredictiveHigh
25Filexxxxxxxx.xpredictiveMedium
26Filexxxxxxxx.xxxpredictiveMedium
27Filexxx/xxxx/xxxx_xxxx.xpredictiveHigh
28Filexxxx.xxxxxx.xxpredictiveHigh
29Filexxx/xxxxx.xxxxpredictiveHigh
30Filexxxxx-xxxxxxx.xxxpredictiveHigh
31Filexxxxxxx.xxxpredictiveMedium
32Filexxxx.xxxpredictiveMedium
33Filexxxxxxx.xxxpredictiveMedium
34Filexxxx-xx.xxx/xxx.xxxxx/xxx-xxxxxxxx-xxxx.xxxpredictiveHigh
35Filexxxx_xxxxxxx_xxxxxxxx.xxxpredictiveHigh
36Filexxx/xxxx/xxxx/xxx.xxxxxxxx.xxxxxxx/xxxxxxx/xxx/xxxxxx.xxxxpredictiveHigh
37Filexxxxxxx-xxxxxxx.xxxpredictiveHigh
38Filexx/xx/xxxxxxxxx_xxxxxxxxxxx.xxxpredictiveHigh
39Filexxxx.xxxpredictiveMedium
40Filexxxx/xxxxxxxxxxxx.xxxpredictiveHigh
41Filexxx.xxxxxxxx.xxxpredictiveHigh
42Filexxxxxxxx.xxxpredictiveMedium
43Filexx-xxxxx/xxxxxxx.xxxpredictiveHigh
44Libraryxxxxxx.xxxpredictiveMedium
45Libraryxxx/xxxxxxx-xxxxxxxxx-x.x.x.xxxpredictiveHigh
46Libraryxxxxxxxx.xxx.xxxpredictiveHigh
47Argumentxxxxx_xxxxxxxx_xxpredictiveHigh
48ArgumentxxxxxxxxxpredictiveMedium
49ArgumentxxxxxxxxpredictiveMedium
50ArgumentxxxxxxpredictiveLow
51Argumentxxx_xxxpredictiveLow
52ArgumentxxxpredictiveLow
53Argumentxxx_xxpredictiveLow
54Argumentxxx_xxpredictiveLow
55ArgumentxxxpredictiveLow
56Argumentxxxx_xxpredictiveLow
57ArgumentxxxxxxxxpredictiveMedium
58ArgumentxxpredictiveLow
59ArgumentxxpredictiveLow
60ArgumentxxxxpredictiveLow
61Argumentxxxx_xxpredictiveLow
62ArgumentxxpredictiveLow
63ArgumentxxxxxxxxxxxxxxxxpredictiveHigh
64Argumentxxxxxx/xxxxxx_xxxxxxpredictiveHigh
65ArgumentxxxxxxpredictiveLow
66ArgumentxxxxpredictiveLow
67ArgumentxxxxxxxpredictiveLow
68Argumentxxx_xxpredictiveLow
69ArgumentxxxpredictiveLow
70ArgumentxxxxpredictiveLow
71ArgumentxxxxxpredictiveLow
72ArgumentxxxpredictiveLow
73ArgumentxxxxxxpredictiveLow
74ArgumentxxxxxxxxpredictiveMedium
75Argumentxxxxxxxx/xxxxpredictiveHigh
76Argumentxxxxxxxx:xxxxxxxxpredictiveHigh
77Input Valuexxx[…]predictiveMedium
78Input Valuexxxxxxxxx:xxxxxxxxpredictiveHigh
79Network PortxxxpredictiveLow

References (2)

The following list contains external sources which discuss the actor and the associated activities:

Might our Artificial Intelligence support you?

Check our Alexa App!