Lucifer Analysis

IOB - Indicator of Behavior (30)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en28
zh2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

cn18
us2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Google Android4
Top Bar Plugin2
Oracle PeopleSoft Enterprise PeopleTools2
Oracle Communications Pricing Design Center2
Elastic Enterprise Search App2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1Microsoft Windows NetBIOS WinNuke denial of service7.57.2$25k-$50k$0-$1kHighOfficial Fix0.003040.03CVE-1999-0153
2mlflow os command injection9.09.0$1k-$2k$1k-$2kNot DefinedNot Defined0.862320.05CVE-2023-6018
3Oracle PeopleSoft Enterprise PeopleTools Integration Broker access control6.55.9$10k-$25k$0-$1kProof-of-ConceptOfficial Fix0.007990.05CVE-2017-3548
4ZyXEL NAS326/NAS540/NAS542 UDP Packet format string9.89.6$10k-$25k$0-$1kNot DefinedOfficial Fix0.004350.00CVE-2022-34747
5MediaWiki cross site scripting4.34.3$1k-$2k$0-$1kNot DefinedNot Defined0.001430.00CVE-2007-4883
6OpenSSH input validation7.36.6$25k-$50k$0-$1kProof-of-ConceptOfficial Fix0.022830.05CVE-2007-4752
7Dian Gemilang DGNews news.php sql injection7.37.3$2k-$5k$0-$1kNot DefinedNot Defined0.002140.00CVE-2007-2994
8PHP-Generics include.php file inclusion7.36.9$2k-$5k$0-$1kProof-of-ConceptNot Defined0.153340.00CVE-2007-2346
9JumpDEMAND 4ECPS Web Forms Plugin cross site scripting3.63.6$0-$1k$0-$1kNot DefinedNot Defined0.000500.00CVE-2022-44628
10Top Bar Plugin Setting cross site scripting2.42.3$0-$1k$0-$1kNot DefinedOfficial Fix0.000580.00CVE-2022-2629
11Apple watchOS Audio File out-of-bounds4.34.1$2k-$5k$0-$1kNot DefinedOfficial Fix0.001090.00CVE-2020-29610
12Openscad STL File import_stl.cc import_stl stack-based overflow6.36.3$2k-$5k$1k-$2kNot DefinedNot Defined0.002080.00CVE-2020-28599
13NVIDIA Jetson Linux Driver Package Cboot Module blob_decompress buffer overflow5.55.4$1k-$2k$0-$1kNot DefinedOfficial Fix0.000420.00CVE-2022-28196
14Oracle Communications Pricing Design Center Python buffer overflow9.89.6$100k and more$25k-$50kNot DefinedOfficial Fix0.038390.00CVE-2021-3177
15SolarWinds SQL Sentry information exposure4.64.6$1k-$2k$0-$1kNot DefinedNot Defined0.000780.05CVE-2022-38107
16Google Android DevicePolicyManager information disclosure3.33.2$10k-$25k$1k-$2kNot DefinedOfficial Fix0.000420.00CVE-2022-20275
17Google Android Task.java Local Privilege Escalation6.56.4$10k-$25k$2k-$5kNot DefinedOfficial Fix0.000480.03CVE-2021-39696

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • CVE-2021-25646

IOC - Indicator of Compromise (14)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (6)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (10)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1Fileimport_stl.ccpredictiveHigh
2Fileinc/config.phppredictiveHigh
3Filexxxxxxx.xxxpredictiveMedium
4Filexxxx.xxxpredictiveMedium
5Filexxxx.xxxxpredictiveMedium
6ArgumentxxxxxxxxpredictiveMedium
7Argumentxxxx/xxxxpredictiveMedium
8ArgumentxxxxxxpredictiveLow
9Argumentx-xxxxxxxxx-xxxpredictiveHigh
10Argument_xxx_xxxxxxxx_xxxxpredictiveHigh

References (3)

The following list contains external sources which discuss the actor and the associated activities:

Do you know our Splunk app?

Download it now for free!