Miori Analysis

IOB - Indicator of Behavior (110)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 94
de: 10
ar: 4
it: 2

Country

us: 50
de: 18
ru: 10
il: 4
kr: 2

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Google Chrome: 10
Magento: 4
Google Android: 4
PukiWiki Pukiwiki Plus!: 2
Ruckus ZoneFlex R500: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Vmware Workspace ONE Access/Identity Manager Template injection | 9.8 | 8.8 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.97403 | CVE-2022-22954 |
| 2 | IBM Security Access Manager Appliance Advanced Access Control access control | 7.5 | 7.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00 | 0.00167 | CVE-2018-1850 |
| 3 | Microsoft Windows WLAN AutoConfig Service Remote Code Execution | 8.8 | 7.7 | $100k and more | $5k-$25k | Unproven | Official Fix | 0.03 | 0.07773 | CVE-2021-36965 |
| 4 | Google Chrome Sandbox input validation | 8.0 | 7.9 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00 | 0.02420 | CVE-2019-5782 |
| 5 | Oracle MySQL Server Encryption information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00173 | CVE-2019-2922 |
| 6 | Oracle MySQL Server Compiling buffer overflow | 9.8 | 9.4 | $100k and more | $25k-$100k | Not Defined | Official Fix | 0.04 | 0.09761 | CVE-2019-5482 |
| 7 | Procmail Signal privileges management | 7.4 | 7.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00042 | CVE-2001-0905 |
| 8 | CA XCOM Data Transport code injection | 9.8 | 9.8 | $25k-$100k | $5k-$25k | Not Defined | Not Defined | 0.02 | 0.00287 | CVE-2012-5973 |
| 9 | OpenSSH Supplemental Group privileges management | 4.6 | 4.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00056 | CVE-2021-41617 |
| 10 | WordPress Pingback server-side request forgery | 5.7 | 5.7 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.03 | 0.00120 | CVE-2022-3590 |
| 11 | emlog index.php information disclosure | 5.5 | 5.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.02 | 0.00300 | CVE-2021-3293 |
| 12 | PHPWind sql injection | 5.9 | 5.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.00072 | CVE-2019-6691 |
| 13 | Microsoft Windows Security Center API Remote Code Execution | 8.1 | 7.4 | $100k and more | $5k-$25k | Unproven | Official Fix | 0.03 | 0.01735 | CVE-2022-21874 |
| 14 | Google Android Privilege Escalation | 5.5 | 5.3 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00 | 0.00109 | CVE-2021-1049 |
| 15 | ONLYOFFICE Document Server NSFileDownloader input validation | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00847 | CVE-2020-11534 |
| 16 | Microsoft Office Excel authorization | 7.3 | 6.8 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.01269 | CVE-2021-42292 |
| 17 | VMware ESXi System Call privileges management | 7.0 | 6.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00044 | CVE-2020-4005 |
| 18 | Microsoft Windows WLAN AutoConfig Service Remote Code Execution | 8.0 | 7.0 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | 0.00055 | CVE-2021-36967 |
| 19 | D-Link DIR-816 HTTP Request Parameter form2userconfig.cgi command injection | 4.6 | 4.5 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00214 | CVE-2021-39509 |
| 20 | pac-resolver PAC File Remote Code Execution | 5.6 | 5.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01 | 0.00323 | CVE-2021-23406 |

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 94.177.226.227 | host227-226-177-94.static.arubacloud.de | Miori | | 03/27/2022 | verified | High |
| 2 | XXX.XXX.XX.XXX | xxx.xxx.xx.xxx.xxxxxxxxxxxxxxxx.xxx | Xxxxx | | 03/27/2022 | verified | High |
| 3 | XXX.XX.XXX.XXX | xxx.xx | Xxxxx | | 07/17/2022 | verified | High |
| 4 | XXX.XXX.XX.XXX | xxxx | | | 07/17/2019 | verified | High |

TTP - Tactics, Techniques, Procedures (12)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (38)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | .procmailrc | predictive | Medium |
| 2 | File | /debian/patches/load_ppp_generic_if_needed | predictive | High |
| 3 | File | /etc/fstab | predictive | Medium |
| 4 | File | /forms/nslookupHandler | predictive | High |
| 5 | File | /goform/form2userconfig.cgi | predictive | High |
| 6 | File | /xxxx/xxxx/xxxxxxxxx | predictive | High |
| 7 | File | xxxxx.xxx?x=xxxxxx&x=xxxxxx&x=xxxxxx | predictive | High |
| 8 | File | xxxxxxxx_xxxxxxxx_xxxxxxx.xxx | predictive | High |
| 9 | File | xxxx.xxxx | predictive | Medium |
| 10 | File | xxxxxx.x | predictive | Medium |
| 11 | File | xxxx/xxxxxxxxxxxxxxx.xxx | predictive | High |
| 12 | File | xxxxxxxx-xxx/xx.xxx | predictive | High |
| 13 | File | xxxxxxx.xx | predictive | Medium |
| 14 | File | xxxxxx/xxx/xxxxxxx.xxx | predictive | High |
| 15 | File | xxx/xxxxxx.xxx | predictive | High |
| 16 | File | xxxxxxxx/xxxxx-xxxxxxxxx.xxx | predictive | High |
| 17 | File | xxxxxx-xxxxxxx.xxx | predictive | High |
| 18 | File | xxxxxxx.xxx | predictive | Medium |
| 19 | File | xxxxxx.xxx | predictive | Medium |
| 20 | File | xxxxxx.xxx | predictive | Medium |
| 21 | File | x/xxxxx.xxx | predictive | Medium |
| 22 | File | xxxxxxxxx | predictive | Medium |
| 23 | File | xx-xxxxx/xxxxx.xxx?xxxx=xxx-xxxxx&xxxxxx=xxxx-xxxxx | predictive | High |
| 24 | Argument | -x | predictive | Low |
| 25 | Argument | xxxxxxxx | predictive | Medium |
| 26 | Argument | xxxxxxxxxxx/xxxxxxxxxxx | predictive | High |
| 27 | Argument | xx | predictive | Low |
| 28 | Argument | xxxxxxx | predictive | Low |
| 29 | Argument | xxxxxxxxxx | predictive | Medium |
| 30 | Argument | xxxxxxxx_xxxxxxx | predictive | High |
| 31 | Argument | xxxxxxxxxxxxxx | predictive | High |
| 32 | Argument | xxxxxx | predictive | Low |
| 33 | Argument | xxxx_xx | predictive | Low |
| 34 | Argument | xxxxxxx[] | predictive | Medium |
| 35 | Input Value | .. | predictive | Low |
| 36 | Input Value | ::$xxxxx_xxxxxxxxxx | predictive | High |
| 37 | Input Value | \|xxx${xxx} | predictive | Medium |
| 38 | Network Port | xxx xxxxxx xxxx | predictive | High |

References (4)

The following list contains external sources which discuss the actor and the associated activities: