menuPass Analysis

IOB - Indicator of Behavior (74)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 56
zh: 8
it: 4
fr: 4
es: 2

Country

Actors

Activities

Interest

Timeline

Type

Vendor

Product

OpenSSH: 4
Apache Tomcat: 4
Apache HTTP Server: 2
Spyce: 2
JV2 Folder Gallery: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | nginx request smuggling | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 3.00 | 0.00000 | CVE-2020-12440 |
| 2 | Litespeed Technologies OpenLiteSpeed access control | 8.0 | 7.6 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.01 | 0.07308 | CVE-2021-26758 |
| 3 | emercoin Header resource consumption | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.01 | 0.01055 | CVE-2018-19152 |
| 4 | OpenSSH Authentication Username information disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | High | Official Fix | 0.42 | 0.49183 | CVE-2016-6210 |
| 5 | Apple tvOS WebKit memory corruption | 6.3 | 6.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.01889 | CVE-2021-30849 |
| 6 | Igno Saitz libmikmod denial of service | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.01 | 0.01537 | CVE-2007-6720 |
| 7 | PEEL phpinfo.php phpinfo information disclosure | 5.3 | 5.1 | $0-$5k | $0-$5k | High | Unavailable | 0.00 | 0.01136 | CVE-2008-1506 |
| 8 | Gallery file inclusion | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01 | 0.06790 | CVE-2004-2124 |
| 9 | Apple iOS Cache dyld.cpp openSharedCacheFile memory corruption | 9.0 | 8.6 | $100k and more | $0-$5k | Not Defined | Official Fix | 0.09 | 0.01108 | CVE-2013-3950 |
| 10 | OKLite File Upload modulec_control.php unrestricted upload | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00885 | CVE-2019-16131 |
| 11 | HPE System Management Homepage improper authentication | 5.8 | 5.6 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00890 | CVE-2017-12549 |
| 12 | Google Android ion.c ion_buffer_kmap_get integer overflow | 5.3 | 5.1 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.01036 | CVE-2021-39714 |
| 13 | Maccms Video cross site scripting | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00885 | CVE-2021-45787 |
| 14 | FreeBSD Ping pr_pack stack-based overflow | 7.3 | 7.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.09 | 0.00000 | CVE-2022-23093 |
| 15 | Seafile authorization | 6.5 | 6.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00885 | CVE-2021-43820 |
| 16 | Spyce cross site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.08 | 0.01917 | CVE-2008-0980 |
| 17 | OpenSSH ssh-agent double free | 5.8 | 5.6 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.14 | 0.01282 | CVE-2021-28041 |
| 18 | SOY CMS Inquiry Form deserialization | 8.6 | 7.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01 | 0.05634 | CVE-2020-15188 |
| 19 | Zoho ManageEngine ServiceDesk Plus REST-API improper authentication | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00885 | CVE-2021-37415 |

Campaigns (3)

These are the campaigns that can be associated with the actor:

IOC - Indicator of Compromise (15)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (13)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (41)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

References (6)

The following list contains external sources which discuss the actor and the associated activities:
