Ircbot Analysis

IOB - Indicator of Behavior (108)


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.56 | 0.25090 | CVE-2017-0055 |
| 2 | Omron CX-One CX-Programmer Password Storage information disclosure | 5.9 | 5.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00885 | CVE-2015-0988 |
| 3 | JFrog Artifactory Pro SAML SSO Signature Validator signature verification | 8.0 | 7.2 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | 0.01018 | CVE-2018-19971 |
| 4 | IBM QRadar SIEM improper authentication | 7.7 | 7.7 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.06 | 0.00890 | CVE-2019-4210 |
| 5 | Audacity DLL Loader avformat-55.dll access control | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.01102 | CVE-2017-1000010 |
| 6 | Banana Dance search.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.01136 | CVE-2011-5175 |
| 7 | MGB OpenSource Guestbook email.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.72 | 0.02800 | CVE-2007-0354 |
| 8 | Pligg cloud.php sql injection | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 4.44 | 0.00000 | |
| 9 | E-Blah Platinum Routines.pl cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | High | Official Fix | 0.06 | 0.01974 | CVE-2006-0829 |
| 10 | FLDS redir.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.22 | 0.01213 | CVE-2008-5928 |
| 11 | centreon Contact Groups Form formContactGroup.php sql injection | 6.3 | 5.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00954 | CVE-2022-3827 |
| 12 | Oracle Communications Cloud Native Core Network Function Cloud Native Environment Configuration information disclosure | 5.7 | 5.6 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.01547 | CVE-2021-3426 |
| 13 | F5 BIG-IP vCMP Hypervisor cleartext storage | 3.3 | 3.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00885 | CVE-2019-6670 |
| 14 | Apple QuickTime memory corruption | 7.3 | 6.6 | $5k-$25k | Calculating | Proof-of-Concept | Official Fix | 0.05 | 0.05701 | CVE-2015-5751 |
| 15 | Oracle Java SE JAXP denial of service | 5.3 | 5.1 | $5k-$25k | Calculating | Not Defined | Official Fix | 0.03 | 0.04358 | CVE-2015-4893 |
| 16 | McAfee Endpoint Security Installer EPSetup.exe code injection | 5.3 | 5.3 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00885 | CVE-2019-3652 |
| 17 | HP 3PAR Service Processor SP information disclosure | 4.3 | 4.3 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.01055 | CVE-2015-5443 |
| 18 | IBM DB2 link following | 7.8 | 7.8 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00 | 0.00950 | CVE-2018-1781 |
| 19 | windows-selenium-chromedriver Download cryptographic issues | 6.8 | 6.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.01156 | CVE-2016-10687 |
| 20 | 3PAR Service Processor path traversal | 6.4 | 6.1 | $0-$5k | Calculating | Not Defined | Official Fix | 0.00 | 0.00885 | CVE-2018-7098 |

IOC - Indicator of Compromise (19)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (13)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (65)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

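| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /catcompany.php | predictive | High |
| 2 | File | /proc/self/cwd | predictive | High |
| 3 | File | /uncpath/ | predictive | Medium |
| 4 | File | /wp-admin/options-general.php | predictive | High |
| 5 | File | admin/movieview.php | predictive | High |
| 6 | File | admincp/attachment.php | predictive | High |
| 7 | File | auth2-chall.c | predictive | High |
| 8 | File | base/ttinterp.c | predictive | High |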

References (7)

The following list contains external sources which discuss the actor and the associated activities:
