Magniber Analysis

IOB - Indicator of Behavior (27)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en26
zh2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

us20
cn4
tr2
ir2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

Magniber3
Space Pirates1

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

Not Defined8
Database Software2
Database Administration Software2
Content Management System2
Operating System2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

Not Defined8
Apache2
Oracle2
Thomas R. Pasawicz2
Microsoft2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

kustomize-controller2
Apache RocketMQ2
Oracle Database Server2
phpMyAdmin2
e-Quick Cart2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25k$0-$5kHighWorkaround0.040.01621CVE-2007-1192
2Apache RocketMQ Broker path traversal6.36.3$5k-$25k$5k-$25kNot DefinedNot Defined0.030.00058CVE-2019-17572
3Oracle Database Server Remote Code Execution7.36.9$5k-$25k$0-$5kProof-of-ConceptNot Defined0.040.08907CVE-2009-1019
4Adobe Connect Server AMF Message deserialization8.58.4$5k-$25k$0-$5kNot DefinedOfficial Fix0.030.00920CVE-2021-40719
5WordPress sql injection6.86.7$5k-$25k$0-$5kNot DefinedOfficial Fix0.080.00230CVE-2022-21664
6e-Quick Cart shopprojectlogin.asp sql injection6.36.3$0-$5k$0-$5kNot DefinedNot Defined0.110.00000
7EyouCMS Index.php wechat_return xml external entity reference5.55.5$0-$5k$0-$5kNot DefinedNot Defined0.030.00072CVE-2021-42194
8Tencent WeChat code injection7.57.2$0-$5k$0-$5kNot DefinedOfficial Fix0.030.00196CVE-2019-17151
9Tencent WeChat Desktop out-of-bounds4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.030.00391CVE-2021-27247
10Microsoft Windows Network File System Remote Code Execution9.88.9$100k and more$5k-$25kUnprovenOfficial Fix0.030.01389CVE-2022-24491
11Microsoft Windows Network File System Remote Code Execution9.89.6$100k and more$5k-$25kNot DefinedOfficial Fix0.050.01389CVE-2022-24497
12kustomize-controller Kubernetes Secrets os command injection7.57.4$0-$5k$0-$5kNot DefinedOfficial Fix0.000.00207CVE-2021-41254
13Forcepoint NGFW Engine HTTP User Response denial of service4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.040.00089CVE-2021-41530
14Server NFS Server privileges management9.89.6$0-$5k$0-$5kHighWorkaround0.030.01500CVE-1999-0548
15phpMyAdmin Designer sql injection8.58.5$5k-$25k$5k-$25kNot DefinedNot Defined0.040.00164CVE-2019-6798

IOC - Indicator of Compromise (5)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
192.222.121.30ip30.ip-92-222-121.euMagniber07/28/2022verifiedHigh
2XX.XX.XXX.XXXxxxxx.xx-xx-xx-xxx.xxXxxxxxxx07/28/2022verifiedHigh
3XXX.XXX.XX.XXxxx.xxx.xx.xx.xxxxxxxxxxxxxxxx.xxxXxxxxxxx12/09/2022verifiedHigh
4XXX.XXX.XXX.XXxxxx.xx-xxx-xxx-xxx.xxXxxxxxxx07/28/2022verifiedHigh
5XXX.XX.XX.XXXxxxxx.xx-xxx-xx-xx.xxXxxxxxxx07/28/2022verifiedHigh

TTP - Tactics, Techniques, Procedures (6)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilitiesAccess VectorTypeConfidence
1T1006CWE-22Pathname TraversalpredictiveHigh
2T1059CWE-94Cross Site ScriptingpredictiveHigh
3TXXXXCWE-XXXX2xx Xxxxxxxxxxxxxxxx: Xxxx Xxxxxx Xxxxxxxxxxx Xxx Xxx XxxxxxxpredictiveHigh
4TXXXXCWE-XXXxxxxxx XxxxxxxxxpredictiveHigh
5TXXXXCWE-XXXxx XxxxxxxxxpredictiveHigh
6TXXXXCWE-XXXXxxxxxxxxxxxxpredictiveHigh

IOA - Indicator of Attack (4)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/controller/Index.phppredictiveHigh
2Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
3Filexxxxxxxxxxxxxxxx.xxxpredictiveHigh
4ArgumentxxxxxxxxxpredictiveMedium

References (3)

The following list contains external sources which discuss the actor and the associated activities:

PreviousOverviewNext

Interested in the pricing of exploits?

See the underground prices here!