MagnetGoblin Analysis

IOB - Indicator of Behavior (176)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

  • en: 146
  • zh: 10
  • de: 6
  • pl: 6
  • ja: 2

[Charts not reproduced here: Country, Actors, Activities (Interest, Timeline, Type, Vendor)]

Product

  • Apple macOS: 6
  • Microsoft Windows: 4
  • Avira Internet Security: 4
  • LogicBoard CMS: 2
  • MediaTek MT6781: 2


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Esoftpro Online Guestbook Pro ogp_show.php sql injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00108 | 0.06 | CVE-2009-4935 |
| 2 | PHP Link Directory Administration Page index.html cross site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00554 | 0.11 | CVE-2007-0529 |
| 3 | CodeAstro Online Railway Reservation System Profile Photo Update emp-profile-avatar.php unrestricted upload | 4.7 | 4.5 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00206 | 0.02 | CVE-2024-7910 |
| 4 | Esoftpro Online Guestbook Pro ogp_show.php cross site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00122 | 0.04 | CVE-2009-2448 |
| 5 | AUO SunVeillance Monitoring System Access Control Picture_Manage_mvc.aspx unrestricted upload | 8.5 | 8.4 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.12138 | 0.00 | CVE-2019-12719 |
| 6 | code-projects Pharmacy Management System Parameter index.php editManager sql injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00109 | 0.07 | CVE-2024-8138 |
| 7 | SourceCodester Complaint Management System Lodge Complaint Section register-complaint.php unrestricted upload | 7.1 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00084 | 0.17 | CVE-2024-1875 |
| 8 | Adtran SR400ac Ping Command command injection | 8.8 | 8.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00070 | 0.00 | CVE-2023-38120 |
| 9 | Canon Satera LBP670C CPCA Color LUT Resource Download Process out-of-bounds write | 9.8 | 9.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00357 | 0.00 | CVE-2023-6234 |
| 10 | SourceCodester Testimonial Page Manager HTTP POST Request add-testimonial.php cross site scripting | 4.9 | 4.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00050 | 0.02 | CVE-2024-1196 |
| 11 | Form.io Email Template injection | 8.6 | 8.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00571 | 0.00 | CVE-2020-28246 |
| 12 | Apple macOS Local Privilege Escalation | 7.0 | 6.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00050 | 0.00 | CVE-2024-27843 |
| 13 | Apple macOS Kernel Local Privilege Escalation | 7.9 | 7.8 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00050 | 0.03 | CVE-2024-27842 |
| 14 | itsourcecode Laravel Property Management System DocumentsController.php UpdateDocumentsRequest unrestricted upload | 7.1 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00080 | 0.04 | CVE-2024-7944 |
| 15 | Totolink N200RE cstecgi.cgi setLanguageCfg stack-based overflow | 7.7 | 7.5 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00533 | 0.04 | CVE-2024-1003 |
| 16 | PTC Kepware ThingWorx Kepware Server Online Tag Generation allocation of resources | 5.3 | 5.2 | $0-$5k | $0-$5k | Not Defined | Workaround | 0.00043 | 0.03 | CVE-2024-6098 |
| 17 | Microchip Technology Advanced Software Framework DHCP Server tinydhcpserver.C lwip_dhcp_find_option buffer overflow | 9.8 | 9.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00089 | 0.05 | CVE-2024-7490 |
| 18 | Laravel Framework laravel.log information disclosure | 4.3 | 3.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00469 | 0.04 | CVE-2024-29291 |
| 19 | HTML5 Video Player Plugin sql injection | 7.3 | 7.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00060 | 0.05 | CVE-2024-5522 |
| 20 | SourceCodester Employee and Visitor Gate Pass Logging System Master.php save_designation cross site scripting | 3.2 | 3.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00300 | 0.24 | CVE-2024-6650 |

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • CVE-2024-21887

IOC - Indicator of Compromise (6)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 23.184.48.132 | - | MagnetGoblin | CVE-2024-21887 | 03/11/2024 | verified | Very High |
| 2 | 45.9.149.215 | - | MagnetGoblin | CVE-2024-21887 | 03/11/2024 | verified | Very High |
| 3-6 | (masked) | (masked) | (masked) | (masked) | 03/11/2024 | verified | Very High |

TTP - Tactics, Techniques, Procedures (19)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (69)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /admin/emp-profile-avatar.php | predictive | High |
| 2 | File | /auth/callback | predictive | High |
| 3 | File | /be/erpc.php | predictive | Medium |
| 4 | File | /be/rpc.php | predictive | Medium |
| 5 | File | /cgi-bin/cstecgi.cgi | predictive | High |
| 6 | File | /classes/Master.php | predictive | High |
| 7 | File | /control/register_case.php | predictive | High |
| 8 | File | /etc/init.d/sshd_service | predictive | High |
| 9-45 | File | (masked) | predictive | Low to High |
| 46-47 | Library | (masked) | predictive | Medium |
| 48-67 | Argument | (masked) | predictive | Low to High |
| 68 | Input Value | ../../ | predictive | Low |
| 69 | Network Port | (masked) | predictive | Medium |
