India Police Analysis

IOB - Indicator of Behavior (193)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 164
es: 14
zh: 12
de: 2
fr: 2

Country

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Microsoft Windows: 14
WordPress: 6
Google Android: 6
PHP: 6
phpMyAdmin: 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Microsoft IIS IP/Domain Restriction access control | 6.5 | 5.7 | $25k-$100k | $0-$5k | Unproven | Official Fix | 0.00817 | 0.13 | CVE-2014-4078 |
| 2 | Adiscon LogAnalyzer Login Button Referer Field login.php cross site scripting | 5.2 | 4.7 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00204 | 0.08 | CVE-2018-19877 |
| 3 | Apple iOS IOMobileFramebuffer memory corruption | 8.3 | 8.1 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.00167 | 0.00 | CVE-2016-4654 |
| 4 | Sunny WebBox cross-site request forgery | 7.5 | 7.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00181 | 0.00 | CVE-2019-13529 |
| 5 | Bitrix Site Manager Vote Module Remote Code Execution | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00757 | 0.03 | CVE-2022-27228 |
| 6 | WordPress Password Reset wp-login.php mail password recovery | 6.1 | 5.8 | $5k-$25k | $0-$5k | Proof-of-Concept | Not Defined | 0.02620 | 0.04 | CVE-2017-8295 |
| 7 | Jalios JCMS ajaxPortal.jsp cross site scripting | 5.6 | 5.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00128 | 0.04 | CVE-2020-15497 |
| 8 | XiongMai uc-httpd memory corruption | 8.5 | 8.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.02201 | 0.03 | CVE-2018-10088 |
| 9 | Websense Forcepoint User ID Service Port 5001 unrestricted upload | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.14481 | 0.03 | CVE-2019-6139 |
| 10 | F5 BIG-IP Configuration Utility path traversal | 4.3 | 3.9 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.03343 | 0.00 | CVE-2015-4040 |
| 11 | WordPress WP_Query class-wp-query.php sql injection | 8.5 | 8.4 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00318 | 0.03 | CVE-2017-5611 |
| 12 | Microsoft Windows Remote Desktop Service code injection | 10.0 | 9.0 | $100k and more | $0-$5k | High | Official Fix | 0.75226 | 0.00 | CVE-2012-0002 |
| 13 | Kentico CMS os command injection | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00388 | 0.03 | CVE-2018-7046 |
| 14 | Drei 3Kundenzone X.509 Certificate cryptographic issues | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00049 | 0.00 | CVE-2014-5828 |
| 15 | vsftpd deny_file | 3.7 | 3.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00261 | 0.00 | CVE-2015-1419 |
| 16 | Totolink A7100RU HTTP POST Request cstecgi.cgi main buffer overflow | 9.8 | 9.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00119 | 0.09 | CVE-2023-7095 |
| 17 | D-Link DCS-936L info.cgi information disclosure | 6.4 | 6.4 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00621 | 0.04 | CVE-2018-18441 |
| 18 | SMA Solar Sunny WebBox hard-coded credentials | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00568 | 0.04 | CVE-2015-3964 |
| 19 | Microsoft Windows HTML race condition | 7.3 | 7.2 | $25k-$100k | $5k-$25k | High | Official Fix | 0.06769 | 0.04 | CVE-2023-36884 |
| 20 | Maxprint Maxlink 1200G Diagnostic Tool os command injection | 7.1 | 7.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00144 | 0.07 | CVE-2023-36143 |

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • Spyware

IOC - Indicator of Compromise (44)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (15)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (103)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


References (2)

The following list contains external sources which discuss the actor and the associated activities:
