Iran Unknown Analysis

IOB - Indicator of Behavior (179)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

  • en: 146
  • es: 14
  • de: 4
  • ru: 4
  • ar: 4

Country

  • us: 126
  • ru: 24
  • es: 10
  • nl: 6
  • fr: 4

Actors

Activities

Interest

Timeline

Type

Vendor

Product

  • Microsoft Windows: 18
  • WordPress: 6
  • nginx: 6
  • Magento: 4
  • Oracle MySQL Server: 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | SourceCodester Library Management System index.php sql injection | 7.1 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.08 | 0.00885 | CVE-2022-2492 |
| 2 | Composer URL code injection | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01 | 0.05471 | CVE-2021-29472 |
| 3 | WordPress WP_Query sql injection | 6.3 | 6.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.07 | 0.11157 | CVE-2022-21661 |
| 4 | Magento Search Module sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.06 | 0.00885 | CVE-2021-21024 |
| 5 | nginx request smuggling | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 1.98 | 0.00000 | CVE-2020-12440 |
| 6 | LogicBoard CMS away.php redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.59 | 0.00000 | |
| 7 | SourceCodester Loan Management System index.php sql injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.07 | 0.00885 | CVE-2022-2766 |
| 8 | SPIP spip.php cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.32 | 0.01018 | CVE-2022-28959 |
| 9 | markdown-it-toc escape output | 6.9 | 6.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.01 | 0.00885 | CVE-2020-28455 |
| 10 | MMS Gallery PHP get_file.php path traversal | 3.3 | 3.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00000 | |
| 11 | Microsoft Windows ALPC Privilege Escalation | 7.2 | 6.5 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.05 | 0.01150 | CVE-2022-23287 |
| 12 | PHP _php_stream_scandir memory corruption | 9.0 | 8.6 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.24563 | CVE-2012-2688 |
| 13 | WordPress sql injection | 6.8 | 6.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.07 | 0.01034 | CVE-2022-21664 |
| 14 | Samsung Smart Phone Keymaster entropy | 2.6 | 2.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00885 | CVE-2021-25444 |
| 15 | nginx HTTP2 resource consumption | 6.4 | 6.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.01537 | CVE-2018-16843 |
| 16 | Tenable Nessus Web UI debug log file | 5.4 | 5.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | 0.10855 | CVE-2022-33757 |
| 17 | Pligg cloud.php sql injection | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 3.23 | 0.00000 | |
| 18 | Google Chrome libxml2 parser.c xmlStringLenDecodeEntities memory corruption | 7.3 | 6.6 | $25k-$100k | $5k-$25k | Proof-of-Concept | Official Fix | 0.02 | 0.03779 | CVE-2011-3919 |
| 19 | Hikvision DVR DS-7204 Authorization memory corruption | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Not Defined | 0.05 | 0.73343 | CVE-2014-4880 |
| 20 | CuppaCMS index.php permission assignment | 7.5 | 7.4 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.04 | 0.01978 | CVE-2022-37190 |

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • Albanian Government

IOC - Indicator of Compromise (18)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (15)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (91)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /administration/theme.php | predictive | High |
| 2 | File | /api/index.php | predictive | High |
| 3 | File | /cgi-bin/webproc | predictive | High |
| 4 | File | /coreframe/app/pay/admin/index.php | predictive | High |
| 5 | File | /forum/away.php | predictive | High |
| 6 | File | /index.php | predictive | Medium |
| 7 | File | /ofrs/admin/?page=requests/manage_request | predictive | High |
| 8 | File | /spip.php | predictive | Medium |
| 9 | File | /usr/www/ja/mnt_cmd.cgi | predictive | High |
| 10 | File | /wp-admin/admin-ajax.php | predictive | High |
| 11 | File | announcement.php | predictive | High |
| 12 | File | attachment.php | predictive | High |
