Macedonia Unknown Analysis

IOB - Indicator of Behavior (191)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Language

en: 170
it: 8
fr: 6
sv: 2
de: 2

Product

WordPress: 8
Discuz! DiscuzX: 4
CodeAstro Online Railway Reservation System: 4
Krpano Panorama Viewer: 2
SAP Solution Manager: 2

Vulnerabilities

These are the vulnerabilities that we have identified as researched, approached, or attacked.

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Cou | KEV | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | TikiWiki tiki-register.php input validation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official fix | | 0.04277 | 1.79 | CVE-2006-6168 |
| 2 | CodeAstro Online Railway Reservation System Profile Photo Update emp-profile-avatar.php unrestricted upload | 4.7 | 4.5 | $0-$5k | $0-$5k | Proof-of-Concept | Not defined | | 0.00247 | 0.07 | CVE-2024-7910 |
| 3 | itsourcecode Online Discussion Forum register_me.php sql injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not defined | | 0.00322 | 0.07 | CVE-2024-5733 |
| 4 | Tiki Admin Password tiki-login.php improper authentication | 8.0 | 7.7 | $0-$5k | $0-$5k | Not defined | Official fix | expected | 0.86968 | 2.42 | CVE-2020-15906 |
| 5 | SourceCodester Computer Laboratory Management System SystemSettings.php update_settings_info sql injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not defined | | 0.00239 | 0.08 | CVE-2024-8346 |
| 6 | ampleShop category.cfm sql injection | 7.3 | 7.3 | $0-$5k | Calculating | Not defined | Unavailable | | 0.01304 | 0.07 | CVE-2006-2038 |
| 7 | Trojan.Win32.Xocry.ff ProgData permission | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not defined | | 0.00000 | 0.02 | |
| 8 | Microsoft IIS uncpath cross site scripting | 5.2 | 5.0 | $5k-$25k | $0-$5k | Proof-of-Concept | Official fix | | 0.01387 | 0.18 | CVE-2017-0055 |
| 9 | Bareos ACL improper authorization | 8.8 | 8.6 | $0-$5k | $0-$5k | Not defined | Official fix | | 0.00186 | 0.09 | CVE-2024-45044 |
| 10 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official fix | | 0.00970 | 0.72 | CVE-2010-0966 |
| 11 | code-projects Blood Bank System register.php sql injection | 8.0 | 7.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not defined | | 0.00080 | 0.00 | CVE-2024-9797 |
| 12 | Indexu suggest_category.php cross site scripting | 3.5 | 3.5 | $0-$5k | $0-$5k | Not defined | Not defined | | 0.00000 | 0.99 | |
| 13 | Microchip Technology Advanced Software Framework DHCP Server tinydhcpserver.C lwip_dhcp_find_option buffer overflow | 9.8 | 9.8 | $0-$5k | $0-$5k | Not defined | Not defined | | 0.00973 | 0.00 | CVE-2024-7490 |
| 14 | SourceCodester Kortex Lite Advocate Office Management System register_case.php sql injection | 5.5 | 5.4 | $0-$5k | $0-$5k | Proof-of-Concept | Not defined | | 0.00282 | 0.00 | CVE-2024-3621 |
| 15 | Microsoft Windows Point-to-Point Protocol Remote Code Execution | 9.8 | 8.5 | $25k-$100k | $5k-$25k | Unproven | Official fix | | 0.13571 | 0.00 | CVE-2022-35744 |
| 16 | Alt-N MDaemon Worldclient injection | 4.9 | 4.7 | $5k-$25k | $0-$5k | Not defined | Official fix | | 0.01417 | 0.00 | CVE-2021-27182 |
| 17 | DameWare Mini Remote Control User ID lstrcpyA memory corruption | 5.6 | 5.1 | $5k-$25k | $0-$5k | Proof-of-Concept | Official fix | possible | 0.64197 | 0.02 | CVE-2005-2842 |
| 18 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | Calculating | High | Workaround | possible | 0.02956 | 0.00 | CVE-2007-1192 |
| 19 | SAP Solution Manager privileges management | 9.4 | 9.4 | $5k-$25k | $0-$5k | High | Not defined | verified | 0.93914 | 0.01 | CVE-2020-6207 |
| 20 | wp-invoice Plugin Access Control exposure of resource | 6.3 | 6.2 | $0-$5k | $0-$5k | Not defined | Official fix | | 0.00319 | 0.00 | CVE-2016-11007 |

IOC - Indicator of Compromise (11)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 185.225.28.228 | | Macedonia Unknown | | 05/28/2024 | verified | Very High |
| 2 | 185.225.28.229 | | Macedonia Unknown | | 05/14/2024 | verified | Very High |
| 3 | 185.225.28.230 | | Macedonia Unknown | | 05/28/2024 | verified | Very High |
| 4 | XXX.XXX.XX.XXX | | Xxxxxxxxx Xxxxxxx | | 05/15/2024 | verified | Very High |
| 5 | XXX.XXX.XX.XXX | | Xxxxxxxxx Xxxxxxx | | 05/28/2024 | verified | Very High |
| 6 | XXX.XXX.XX.XXX | | Xxxxxxxxx Xxxxxxx | | 05/15/2024 | verified | Very High |
| 7 | XXX.XXX.XX.XXX | | Xxxxxxxxx Xxxxxxx | | 05/14/2024 | verified | Very High |
| 8 | XXX.XXX.XX.XXX | | Xxxxxxxxx Xxxxxxx | | 05/14/2024 | verified | Very High |
| 9 | XXX.XXX.XX.XXX | | Xxxxxxxxx Xxxxxxx | | 05/14/2024 | verified | Very High |
| 10 | XXX.XXX.XX.XXX | | Xxxxxxxxx Xxxxxxx | | 05/28/2024 | verified | Very High |
| 11 | XXX.XXX.XX.XXX | | Xxxxxxxxx Xxxxxxx | | 05/15/2024 | verified | Very High |

TTP - Tactics, Techniques, Procedures (15)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (126)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /admin/admin-update-employee.php | predictive | High |
| 2 | File | /admin/emp-profile-avatar.php | predictive | High |
| 3 | File | /admin/mod_room/controller.php?action=add | predictive | High |
| 4 | File | /anony/mjpg.cgi | predictive | High |
| 5 | File | /assets/something/services/AppModule.class | predictive | High |
| 6 | File | /cgi-bin/wlogin.cgi | predictive | High |
| 7 | File | /classes/Master.php | predictive | High |
| 8 | File | /classes/SystemSettings.php?f=update_settings | predictive | High |
| 9 | File | /classes/Users.php?f=delete | predictive | High |
| 10 | File | /control/register_case.php | predictive | High |
| 11 | File | /manage_sy.php | predictive | High |
| 12 | File | /ndmComponents.js | predictive | High |
| 13 | File | /oauth/idp/.well-known/openid-configuration | predictive | High |
| 14 | File | /owa/auth/logon.aspx | predictive | High |
| 15 | File | /Report/ParkCommon/GetParkInThroughDeivces | predictive | High |
