LULU Analysis

IOB - Indicator of Behavior (290)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en290

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

it16
us4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Adobe Acrobat Reader42
Apple watchOS14
Foxit Reader14
Oracle VM VirtualBox14
Oracle MySQL Server14

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25kCalculatingHighWorkaround0.020160.00CVE-2007-1192
2DZCP deV!L`z Clanportal config.php code injection7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.009430.86CVE-2010-0966
3PHP phpinfo cross site scripting4.33.9$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.019600.03CVE-2007-1287
4cbeust testng XML File Parser JarFileUtils.java testngXmlExistsInJar path traversal6.36.2$0-$5k$0-$5kNot DefinedOfficial Fix0.000790.11CVE-2022-4065
5OpenSSL c_rehash os command injection5.55.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.106490.03CVE-2022-1292
6Asus Aura Sync Asusgio Low-Level Driver access control6.56.5$0-$5k$0-$5kNot DefinedNot Defined0.000770.02CVE-2018-18535
7GNU elfutils eblobjnote.c ebl_object_note memory corruption6.46.4$0-$5k$0-$5kNot DefinedNot Defined0.003600.02CVE-2019-7146
8ZoneMinder controlcaps.php Stored cross site scripting5.25.2$0-$5k$0-$5kNot DefinedOfficial Fix0.000680.00CVE-2019-6992
9ZoneMinder zm_user.cpp zmLoadUser memory corruption8.58.5$0-$5k$0-$5kNot DefinedOfficial Fix0.002100.00CVE-2019-6991
10ZoneMinder Zone Name zones.php Stored cross site scripting4.44.4$0-$5k$0-$5kNot DefinedOfficial Fix0.000530.00CVE-2019-6990
11OpenJPEG opj_malloc.c opj_calloc resource consumption5.95.9$0-$5k$0-$5kNot DefinedNot Defined0.001320.00CVE-2019-6988
12Vivo Vitro SPARQL individual input validation6.46.4$0-$5k$0-$5kNot DefinedOfficial Fix0.009020.00CVE-2019-6986
13Red Hat Enterprise Linux systemd-journald journald-server.c dispatch_message_real resource management3.33.3$0-$5k$0-$5kNot DefinedOfficial Fix0.000420.02CVE-2019-3815
14Debian apt 302 Redirect injection8.17.9$5k-$25k$0-$5kNot DefinedOfficial Fix0.036050.09CVE-2019-3462
15Adobe Experience Manager Reflected cross site scripting5.25.2$0-$5k$0-$5kNot DefinedNot Defined0.001540.00CVE-2018-19727
16Adobe Experience Manager Stored cross site scripting5.25.2$0-$5k$0-$5kNot DefinedNot Defined0.001540.00CVE-2018-19726
17Adobe Experience Manager Forms Stored cross site scripting5.25.2$0-$5k$0-$5kNot DefinedNot Defined0.001540.00CVE-2018-19724
18Ceph Debug Logging Password information disclosure6.86.8$0-$5k$0-$5kNot DefinedNot Defined0.001580.00CVE-2018-16889
19BlueZ access control4.04.0$0-$5k$0-$5kNot DefinedOfficial Fix0.000440.00CVE-2018-10910
20Yii CORS Policy Converter origin validation5.75.7$0-$5k$0-$5kNot DefinedNot Defined0.000620.03CVE-2018-20745

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • Pegasus

IOC - Indicator of Compromise (5)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (16)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (63)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/admin/user_list_backend.phppredictiveHigh
2File/individualpredictiveMedium
3Fileadmin.php?m=backup&c=backup&a=dobackpredictiveHigh
4Fileadmin.php?mod=product&act=statepredictiveHigh
5Fileadmin/cp-functions/event-add.phppredictiveHigh
6Fileadmin/modules/tools/ip_history_logs.phppredictiveHigh
7Fileassets/javascripts/workflowStepEditorKO.jspredictiveHigh
8Filebadcache.cpredictiveMedium
9Filexxxxx-xxx.xpredictiveMedium
10Filexxxx/xxxxxxxx.xxxpredictiveHigh
11Filexxx.xpredictiveLow
12Filex_xxxxxxpredictiveMedium
13Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
14Filexxxx/xxxxxxx.xpredictiveHigh
15Filexxxxxxx/xxx/xxx-xxxxx.xpredictiveHigh
16Filexxxxxxxxxx.xpredictiveMedium
17Filexx_xxxxx_xxxxx.xpredictiveHigh
18Filexx_xxx_xxx.x/xx_xxxx.x/xx_xxxx.xpredictiveHigh
19Filexxxxx_xxxxxxxxx.xxxpredictiveHigh
20Filexxxx.xxxpredictiveMedium
21Filexxx/xxxxxx.xxxpredictiveHigh
22Filexxxxxxxx/xxxxxxxxxx/xxxxx-xx-xxxxxxxxx-xxxxxxxx.xxxpredictiveHigh
23Filexxxxxxx/xxxxxx.xpredictiveHigh
24Filexxxxxxxx-xxxxxx.xpredictiveHigh
25Filexxxx.xpredictiveLow
26Filexxxxxxx/xx_xxx.xpredictiveHigh
27Filexxxxx_xxxx_xxxxxxxxx.xxxpredictiveHigh
28Filexxx_xxxxxxx.xpredictiveHigh
29Filexxxxxxx/xxx_xxxxxx.xpredictiveHigh
30Filexxxxxxxx-xxxxx-xxxxxxxxxx/xxx/xxxx/xxxxxx/xxx/xxxxxxxxx/xxxxxxx/xxxxxxxx/xxxxxxxxxxxxxxx/xxxxxx/xxxxxxxxx.xxxxxxpredictiveHigh
31Filexxxxxxx.xxxpredictiveMedium
32Filexxx-xxx.xpredictiveMedium
33Filexxx-xxxx.xpredictiveMedium
34Filexxxxxxxxx/xxxxxxx/xxxx/xxxxxxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
35Filexxxxxxx.xxxxpredictiveMedium
36Filexxxxxxxxxxx_xxxxx.xxxpredictiveHigh
37Filexxx/xxxx/xxxx/xxx/xxxxxxxxx/xxxxxxx/xxxxxxxxxxxxxx/xxxxxxx/xxxxxx/xxxxxxxxxxxxx.xxxxpredictiveHigh
38Filexxx/xxxx/xxxx/xxx/xxxxxxxxx/xxxxxxx/xxxxxxxx/xxx/xxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
39Filexxxxx/xxx/xxxxx/xxxxx.xxpredictiveHigh
40Filexxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
41Filexxxxxx-xxxx/xxx/xxxx/xxxx/xxx/xxxxxx/xxxxxxxxxxxx.xxxxpredictiveHigh
42Filexxxx-xxxx_xxxxx.xxxpredictiveHigh
43Filexxxxxxxx.xpredictiveMedium
44Filexxx/xxxxx/xxxxxxx/xxxxx/xxxxxxxxxxx.xxxpredictiveHigh
45Filexxx/xxxxx/xxxxxxx/xxxxx/xxxxx.xxxpredictiveHigh
46Filexxxxxxxxxxx.xxxpredictiveHigh
47Filexx_xxxx.xxxpredictiveMedium
48Libraryxxxxxxx_xxxxxxxpredictiveHigh
49ArgumentxxxxxxxxpredictiveMedium
50ArgumentxxxxxxxpredictiveLow
51Argumentxxxxxxx_xx[]predictiveMedium
52Argumentxxxxxxxxxxx[xxxx]predictiveHigh
53Argumentxxxx_xxxxxxxpredictiveMedium
54ArgumentxxxxpredictiveLow
55Argumentxxxxxxxx_xpredictiveMedium
56ArgumentxxxxxxxxxpredictiveMedium
57Argumentxxxxxxx[]predictiveMedium
58ArgumentxxxpredictiveLow
59ArgumentxxxxxxxxxpredictiveMedium
60Argument_xxxxxxx=predictiveMedium
61Input Value%xxpredictiveLow
62Input Value/../predictiveLow
63Input ValuexxxxxxxxxxpredictiveMedium

References (2)

The following list contains external sources which discuss the actor and the associated activities:

Do you want to use VulDB in your project?

Use the official API to access entries easily!