Inception Analysis

Activities

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

Lang

sv123
es120
de112
en110
pl107

Country

sv122
es120
de112
pl107
fr104

Actors

VBShower998
Inception2

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need you unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need you unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need you unlock this view to get access to more details of real data.

Product

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need you unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTICVE
1Tenda AC15 setsambacfg command injection5.55.3$0-$5k$0-$5kNot DefinedNot Defined0.06CVE-2022-28557
2Extended Choice Parameter Plugin cross site scripting3.53.5$0-$5k$0-$5kNot DefinedNot Defined0.03CVE-2022-29038
3Adobe Acrobat Reader Annotation use after free7.06.9$25k-$100k$5k-$25kNot DefinedOfficial Fix0.05CVE-2022-27802
4MikroTik RouterOS tr069-client null pointer dereference6.56.2$0-$5k$0-$5kNot DefinedOfficial Fix0.15CVE-2021-36614
5Microsoft .NET Framework denial of service3.63.3$5k-$25k$0-$5kUnprovenOfficial Fix0.00CVE-2022-30130
6Adobe Acrobat Reader use after free6.35.5$25k-$100k$0-$5kUnprovenOfficial Fix0.09CVE-2015-3055
7Google Android bindBackupAgent race condition7.06.5$5k-$25k$5k-$25kUnprovenOfficial Fix0.03CVE-2014-7953
8DBD-Firebird dbdimp.c ib_fill_isqlda memory corruption7.37.0$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2015-2788
9SonicWALL Global VPN Client Installer uncontrolled search path6.36.3$0-$5k$0-$5kNot DefinedNot Defined0.05CVE-2021-20051
10Oracle E-Business Suite Information Discovery Logging input validation6.66.4$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2021-44832
11Oracle Communications Performance Intelligence Center Software Platform integer overflow8.68.4$5k-$25k$5k-$25kNot DefinedOfficial Fix0.05CVE-2020-10878
12Oracle Communications Cloud Native Core Network Repository Function OCNRF code injection9.89.6$25k-$100k$25k-$100kNot DefinedOfficial Fix0.03CVE-2022-22965
13Access Demo Importer Plugin cross-site request forgery4.34.2$0-$5k$0-$5kNot DefinedNot Defined0.03CVE-2022-23975
14AnyCubic Chitubox AnyCubic Plugin GF File heap-based overflow7.06.9$0-$5k$0-$5kNot DefinedNot Defined0.05CVE-2021-21948
15Juniper Junos OS Management Interface initialization7.37.1$5k-$25k$5k-$25kNot DefinedOfficial Fix0.00CVE-2022-22186
16Zoho ManageEngine OpManager path traversal5.35.3$0-$5k$0-$5kHighNot Defined0.03CVE-2014-6034
17Fortinet FortiWan Password File inadequate encryption4.64.6$0-$5k$0-$5kNot DefinedOfficial Fix0.03CVE-2021-26113
18MDT AutoSave Working Directory information exposure6.46.3$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2021-32937
19Google Android Media information exposure2.52.4$5k-$25k$0-$5kNot DefinedOfficial Fix0.03CVE-2021-39761
20PHP FPM SAPI out-of-bounds write8.07.7$25k-$100k$5k-$25kNot DefinedOfficial Fix0.10CVE-2021-21703

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • Inception

IOC - Indicator of Compromise (10)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsTypeConfidence
151.255.139.194ip194.ip-51-255-139.euInceptionverifiedHigh
282.221.100.55web.a1yola.comInceptionverifiedHigh
3XX.XXX.XXX.XXXxxxxxxxxverifiedHigh
4XX.XX.XXX.XXXxxx.xxx-xx-xx-xxx.xxxxxxxxx.xxxx-xxx.xxxXxxxxxxxxverifiedHigh
5XXX.XXX.XX.XXXxxxxx.xxxxxxxxxxxxxxxxxx.xxxXxxxxxxxxverifiedHigh
6XXX.XXX.XXX.XXxxxx.xx-xxx-xxx-xxx.xxxXxxxxxxxxverifiedHigh
7XXX.XX.XX.XXXXxxxxxxxxverifiedHigh
8XXX.XXX.XX.XXxxxx.xxxxxxxxx.xxxXxxxxxxxxverifiedHigh
9XXX.XXX.XXX.XXXXxxxxxxxxverifiedHigh
10XXX.XXX.XXX.XXxxxxxxxxx.xxxxxxx.xxXxxxxxxxxXxxxxxxxxverifiedHigh

TTP - Tactics, Techniques, Procedures (10)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilitiesAccess VectorTypeConfidence
1T1040CWE-294Authentication Bypass by Capture-replaypredictiveHigh
2T1059.007CWE-79, CWE-80Cross Site ScriptingpredictiveHigh
3TXXXXCWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
4TXXXX.XXXCWE-XXX, CWE-XXXXxxxxxxx Xxxxxxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxxxxx XxxxxxxxpredictiveHigh
5TXXXXCWE-XXXXxxxxxxxxx XxxxxxpredictiveHigh
6TXXXX.XXXCWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveHigh
7TXXXXCWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxx Xxxxxxx Xx XxxxxxxxxxxpredictiveHigh
8TXXXXCWE-XXXXxxxxxx Xxxxxxxxxx Xx Xxx-xxxxxxxxpredictiveHigh
9TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
10TXXXXCWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxxxx XxxxxxpredictiveHigh

IOA - Indicator of Attack (245)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File.jboss-cli-historypredictiveHigh
2File/admin.php?id=posts&action=display&value=1&postid=predictiveHigh
3File/admin/inbox.php&action=readpredictiveHigh
4File/admin/news/news_mod.phppredictiveHigh
5File/admin/page_edit/3predictiveHigh
6File/administrator/alerts/alertLightbox.phppredictiveHigh
7File/apps/acs-commons/content/page-compare.htmlpredictiveHigh
8File/blog/blog.phppredictiveHigh
9File/cgi-bin/luci/api/diagnosepredictiveHigh
10File/cgi-bin/main.cgipredictiveHigh
11File/cgi-bin/uploadWeiXinPicpredictiveHigh
12File/cms/classes/Master.php?f=delete_designationpredictiveHigh
13File/controller/Adv.phppredictiveHigh
14File/dvcset/sysset/set.cgipredictiveHigh
15File/example/editorpredictiveHigh
16File/goform/setsambacfgpredictiveHigh
17File/goform/websURLFilterpredictiveHigh
18File/guest_auth/cfg/upLoadCfg.phppredictiveHigh
19File/include/make.phppredictiveHigh
20File/jquery_file_upload/server/php/index.phppredictiveHigh
21File/mobile/SelectUsers.jsppredictiveHigh
22File/php/ajax.phppredictiveHigh
23File/ptms/classes/Users.phppredictiveHigh
24File/public/admin/index.php?add_productpredictiveHigh
25File/resolv/nss_dns/dns-host.cpredictiveHigh
26File/role/saveOrUpdateRole.dopredictiveHigh
27File/scbs/admin/?page=facilities/manage_facilitypredictiveHigh
28File/xxxxxx/xxx/xxx_xxxpredictiveHigh
29File/xxx/xxxxx/xxx/xxxpredictiveHigh
30File/xxxxxxxx_xxxxx/xxxxxxx/xxxxxx.xxx?x=xxxxxx_xxxpredictiveHigh
31File/xx-xxxxxxx/xxxxxxx/xxxxxxxxxx/predictiveHigh
32File/xxxxxxx/xxx/xxx.xxxpredictiveHigh
33Filexxxxxxxxxxxxxx.xxxxpredictiveHigh
34Filexxxxx/xxxxx-xxxx-xxxxxx-xxxx-xxxxx.xxxpredictiveHigh
35Filexxxxx/xxxxxxxx/xxxxxxxxx.xxxpredictiveHigh
36Filexxxxx/xxxxxxxx/xxxx_xxxxxxxx/xxxx_xxxxxxxx.xxxpredictiveHigh
37Filexxxxx/xxxxx/xxxxxxxx.xxxpredictiveHigh
38Filexxxxxxxx/x/xxxxx/xxxxx-xxxxxxxxxxxpredictiveHigh
39Filexxxxxx/xxxxxx/xxxxx.xxxpredictiveHigh
40Filexxxxxxxxxxxxx.xxxxpredictiveHigh
41Filexxx/xxxxx/xxxxxxx/xxxx_xxxx_xxxxxxx_xxxxxxx.xxxpredictiveHigh
42Filexxxx.xxx_xxxxx_xxxx_xxxxxxxxxx.xxxpredictiveHigh
43Filexxxxxx.xxxpredictiveMedium
44Filexxxxxxxx.xxxpredictiveMedium
45Filexxx_xxxx_xxxxx.xpredictiveHigh
46Filexxxxxxxxxx-x.xxxpredictiveHigh
47Filexxxxxxxxx.xxxpredictiveHigh
48FilexxxxxxxxpredictiveMedium
49Filexxxxxxx/xxxxxxxxx.xxx.xxxpredictiveHigh
50Filexx/xxxxx/xxxx/xxxxxx.xxxpredictiveHigh
51Filexxxxxx/xxx.xpredictiveMedium
52Filexxx.xx.xxxxxxxxx.xxxxxxxx.xxxxxx.xxxxxxxxxxxxx.xx.xx.xxxxxxxxxxxxxpredictiveHigh
53Filexxxxxx.xpredictiveMedium
54Filexxxxxx/xxx.xpredictiveMedium
55Filexxxxxx.xxxpredictiveMedium
56Filexxxxxxx-xxxxx-xxxxxxxx.xxxpredictiveHigh
57Filexxxx_xxxxx_xxxxxxx.xxxxpredictiveHigh
58Filexxxxxx.xpredictiveMedium
59Filexxxx_xxxxxxx.xpredictiveHigh
60Filexxxx_xxxxxxxxxx.xxxxpredictiveHigh
61Filexxxxxx/xxxxxx/xxxxxxxxxx.xxxpredictiveHigh
62Filexx/xxxxxx.xpredictiveMedium
63Filexxxxxxxxxxxxxxxxx.xxxpredictiveHigh
64Filexxxxxxxxxxxxxxx.xxxpredictiveHigh
65Filexxx/xxxxxxxx.xxxpredictiveHigh
66Filexxxxx.xxxpredictiveMedium
67Filexxxx.xxxpredictiveMedium
68Filexxxxxxx.xxxpredictiveMedium
69Filexxxxxxxxxxx.xxpredictiveHigh
70Filexxx.xpredictiveLow
71Filexxx_xxxxxx_xxxxxx.xxpredictiveHigh
72Filexxxxxxx.xpredictiveMedium
73Filexxxxxx/xxx/xxxxxxxx.xpredictiveHigh
74Filexxxxxxxxxxxxx.xxxxpredictiveHigh
75Filexxxxxxx-xxx-xxxxxxx.xpredictiveHigh
76Filexxxxx.xxxpredictiveMedium
77Filexxxxxxxx.xxxpredictiveMedium
78Filexxxxxxx.xxxpredictiveMedium
79Filexxxxxx.xxxpredictiveMedium
80Filexxxxxxxxx.xpredictiveMedium
81Filexxxxxxxxxxxxxxx.xxxpredictiveHigh
82Filexxxxxxx/xxxxx/xxxxxxxx/xxxx.xpredictiveHigh
83Filexxxxxxxxx/xxxxxx.xpredictiveHigh
84Filexxxxxxxxx/predictiveMedium
85Filexxx_xx/xxx_xx_xxxxxx.xpredictiveHigh
86Filexxx/xxxx/xx_xxxx_xxxxx.xpredictiveHigh
87Filexxxxxxx/xxxxxx/xxxxxx.xxxpredictiveHigh
88Filexxxxxx.xxxpredictiveMedium
89Filexxxxxxxx.xxxpredictiveMedium
90Filexxxxxxx-xxxxxx.xxxpredictiveHigh
91Filexxxxx.xxxpredictiveMedium
92Filexxxxxx.xpredictiveMedium
93Filexxxxxxxx.xxxpredictiveMedium
94Filexxxxxxx.xxxpredictiveMedium
95Filexxxxxxx.xxxpredictiveMedium
96Filexxxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
97Filexxxxxxx.xxxpredictiveMedium
98Filexxxxxxxxxxxxxxx.xxxpredictiveHigh
99Filexxxxxxxxxx/xxxx_xxxxx.xpredictiveHigh
100Filexxxxxx.xxxpredictiveMedium
101Filexxx_xxx.xxpredictiveMedium
102Filexxx/xxxxxxxx/xxxxx/xxxxx_xxxxx.xpredictiveHigh
103Filexxx/xxxxxxxxx.xpredictiveHigh
104Filexxx/xxx_xxxx.xpredictiveHigh
105Filexx_xxxx/xxxx_xxxx.xpredictiveHigh
106Filexx_xxxx/xx_xxxxxxxxx.xpredictiveHigh
107Filexx_xxxx/xxxx_xxxx.xpredictiveHigh
108Filexxxxxxxx+.xxxpredictiveHigh
109Filexxxxxxxx_xxxxx_xxxxxxxx.xxxpredictiveHigh
110Filexxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
111Filexxxxx-xxxxx.xxxpredictiveHigh
112Filexxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
113Filexxxxxx.xxxpredictiveMedium
114Filexxxxxxxx_xxxxx.xxxpredictiveHigh
115Filexxxxxxxxxxxxxxxx.xxxxpredictiveHigh
116Filexxxxx/xxxx-xxxxxxx.xpredictiveHigh
117Filexxxx_xxxx.xxxpredictiveHigh
118Filexxxx.xxxpredictiveMedium
119Filexxxxxxxxxxxxxxxx.xxxxpredictiveHigh
120Filexx-xxxxx/xxxxx-xxxx.xxxpredictiveHigh
121Filexx-xxxxx/xxxxx-xxxx.xxxpredictiveHigh
122Filexx-xxxxx/xxxxx.xxxpredictiveHigh
123Filexx-xxxxxxx/xxxxxxx/xxxxxxxxx-xxxxxxx/predictiveHigh
124Filexxx_xxxxxxxx.xxxpredictiveHigh
125File\xxxxx\xxxxxxxx_xxxxxx.xxxpredictiveHigh
126File\xxxxxxx\xxxxxxxx_xxxxxxxxxx.xxxpredictiveHigh
127File~/xxxxxxx/xxxxxx/xxxxx.xxxpredictiveHigh
128File~/xxxxxxxx/xxxxx-xx-xxxxxxxxxx-xxxx.xxxpredictiveHigh
129File~/xxxxpredictiveLow
130Libraryxxxxxxxx.xxxpredictiveMedium
131Libraryxxx/xxxxxxx-xxxxxxxxx-x.x.x.xxxpredictiveHigh
132Libraryxxx/xxxxxxx/xxxxxxxxx.xxxpredictiveHigh
133Libraryxxx/xxxx/xxx.xxpredictiveHigh
134Libraryxxx/xxx/xxxxxxx.xpredictiveHigh
135Libraryxxx/xxxxx.xxxpredictiveHigh
136Libraryxxx/xx/xxx.xxpredictiveHigh
137Libraryxxx/xxxx/xxxxxx.xpredictiveHigh
138Libraryxxxx.xx.xpredictiveMedium
139Libraryxxx_xxx.xpredictiveMedium
140Libraryxxxxxxxx.xxxpredictiveMedium
141Libraryxxxxxxx.xxxpredictiveMedium
142Libraryxxxxxxxx.xxxpredictiveMedium
143Libraryxxx/xxx/xxxx/xxx/xxxx.xxxpredictiveHigh
144Libraryxxxxxxx.xxxpredictiveMedium
145Argument$_xxxpredictiveLow
146Argument-xpredictiveLow
147Argumentx/xpredictiveLow
148ArgumentxxxxxxpredictiveLow
149ArgumentxxxxxxxxxxxxpredictiveMedium
150Argumentxxxxxx_xx[]predictiveMedium
151Argumentxxxxx.xxxxxxxxpredictiveHigh
152ArgumentxxxpredictiveLow
153Argumentxxxxxxx_xxpredictiveMedium
154ArgumentxxxxxxpredictiveLow
155Argumentxxxxxx_xxxxxx_xxxxxpredictiveHigh
156ArgumentxxxpredictiveLow
157ArgumentxxxxxxxxpredictiveMedium
158ArgumentxxxpredictiveLow
159ArgumentxxxxxxxpredictiveLow
160ArgumentxxxxxxpredictiveLow
161ArgumentxxxxxxxxxpredictiveMedium
162ArgumentxxxxxxxxxxxxxxxxpredictiveHigh
163ArgumentxxxxpredictiveLow
164ArgumentxxxxxxpredictiveLow
165ArgumentxxxxxxxxxxxpredictiveMedium
166ArgumentxxxxxxxxxxpredictiveMedium
167ArgumentxxxxxxxxpredictiveMedium
168Argumentxxxxxx/xxxxpredictiveMedium
169ArgumentxxxxxpredictiveLow
170ArgumentxxxxxpredictiveLow
171Argumentxxxxxxx_xxpredictiveMedium
172Argumentxxxx_xxpredictiveLow
173Argumentxxxxxx[x]predictiveMedium
174ArgumentxxxxpredictiveLow
175ArgumentxxxxxxxxpredictiveMedium
176ArgumentxxxxxxxxpredictiveMedium
177ArgumentxxxxxxxxpredictiveMedium
178Argumentxxxx_xxxxpredictiveMedium
179ArgumentxxxxxxxxxxpredictiveMedium
180ArgumentxxxxxxxxxxpredictiveMedium
181ArgumentxxxxxpredictiveLow
182Argumentxx_xxxxxxpredictiveMedium
183Argumentx_xxxxpredictiveLow
184ArgumentxxxxpredictiveLow
185ArgumentxxxxpredictiveLow
186ArgumentxxxxxxxxpredictiveMedium
187ArgumentxxpredictiveLow
188Argumentxxxxx_xxxxx_xxxxxxpredictiveHigh
189ArgumentxxxpredictiveLow
190Argumentxx_xxxxpredictiveLow
191Argumentxxxxx_xxxpredictiveMedium
192ArgumentxxxxpredictiveLow
193ArgumentxxxxpredictiveLow
194Argumentxxxxxxxx=xxpredictiveMedium
195ArgumentxxxxxxpredictiveLow
196Argumentxxxxx[xxxxxxx]predictiveHigh
197Argumentxxx_xxxxxxxx_xxxxxxpredictiveHigh
198ArgumentxxxxxpredictiveLow
199ArgumentxxxxpredictiveLow
200ArgumentxxxxxxxpredictiveLow
201ArgumentxxxxxxxxpredictiveMedium
202ArgumentxxxxxpredictiveLow
203ArgumentxxxpredictiveLow
204ArgumentxxxxxxxxxxxxxxxxxxpredictiveHigh
205ArgumentxxxxxxxxpredictiveMedium
206ArgumentxxxxpredictiveLow
207ArgumentxxxpredictiveLow
208ArgumentxxxxxxxxpredictiveMedium
209ArgumentxxxxxxpredictiveLow
210Argumentxxxxx_xxxxxxxx/xxxxx_xxxxxx/xxxxx_xxxxxxxxxxxpredictiveHigh
211ArgumentxxxxxpredictiveLow
212Argumentxxxxxxxx_xxpredictiveMedium
213ArgumentxxxxxxxxxxxpredictiveMedium
214ArgumentxxxxxxxxpredictiveMedium
215ArgumentxxxxxxpredictiveLow
216ArgumentxxxxxxxxxxxxxxpredictiveHigh
217ArgumentxxxxxxpredictiveLow
218ArgumentxxxxxxpredictiveLow
219ArgumentxxxxxxxpredictiveLow
220ArgumentxxxxxxxpredictiveLow
221ArgumentxxxxxxxxpredictiveMedium
222ArgumentxxxxxpredictiveLow
223ArgumentxxxxxxxxxxxxxxpredictiveHigh
224ArgumentxxpredictiveLow
225Argumentxxx_xxxxpredictiveMedium
226Argumentxxxxxxxxxxxx/xxxxxxxxxxxxxxxxpredictiveHigh
227Argumentxxx_xxxxx_xxx_xxxxpredictiveHigh
228ArgumentxxxxpredictiveLow
229ArgumentxxxxxpredictiveLow
230ArgumentxxpredictiveLow
231ArgumentxxxxxxpredictiveLow
232Argumentxxxxxxxxxx_xxxx_xxxxxxx/xxxxxxxxxx_xxxx_xxxxxx/xxxxxxxxxx_xxxx_xxxx/xxxxxxxxxx_xxxx_xxxxxxx/xxxxxxxxxx_xxxx_xxxpredictiveHigh
233ArgumentxxxxxxxxpredictiveMedium
234ArgumentxxxxxxxxpredictiveMedium
235Argumentxxxxxxxx/xxxxxxxxpredictiveHigh
236Argumentxxxx_xxpredictiveLow
237ArgumentxxxxxxpredictiveLow
238Argumentxxx xxx xxx/xxxxxxx xxxxpredictiveHigh
239Argumentx_xxpredictiveLow
240Argumentx_xx_xxxxxxxxxxxxxxxxxxxpredictiveHigh
241ArgumentxxxpredictiveLow
242Argument_xxxxxpredictiveLow
243Input Value<xxxxxx>xxxxx(x)</xxxxxx>xxxpredictiveHigh
244Input Valuexxxx://:xxpredictiveMedium
245Network Portxxx/xxxpredictiveLow

References (5)

The following list contains external sources which discuss the actor and the associated activities:

PreviousOverviewNext

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!