Miori Analysis

IOB - Indicator of Behavior (65)


Lang

en  56
fr   4
de   4
it   2


Country

us  36
de  16
ru   6
dz   4
fr   2


Activities

Interest

Product

Procmail             4
Revive Adserver      4
emlog                2
shadow               2
Oracle MySQL Server  2


Vulnerabilities

Columns: Base/Temp are the CVSS base and temporal scores; 0day/Today are VulDB's estimated exploit price ranges; Exp/Rem are the CVSS temporal exploitability and remediation-level values; CTI is VulDB's CTI interest score; EPSS is the FIRST EPSS probability.

#  | Vulnerability                                                                | Base | Temp | 0day           | Today     | Exp              | Rem          | CTI  | EPSS    | CVE
1  | IBM Security Access Manager Appliance Advanced Access Control access control | 6.9  | 6.9  | $5k-$25k       | $5k-$25k  | Not Defined      | Not Defined  | 0.04 | 0.00890 | CVE-2018-1850
2  | Google Chrome Sandbox input validation                                       | 8.0  | 7.7  | $25k-$100k     | $5k-$25k  | Not Defined      | Official Fix | 0.03 | 0.57747 | CVE-2019-5782
3  | Oracle MySQL Server Encryption information disclosure                        | 5.3  | 5.1  | $5k-$25k       | $0-$5k    | Not Defined      | Official Fix | 0.04 | 0.00954 | CVE-2019-2922
4  | Oracle MySQL Server Compiling buffer overflow                                | 9.8  | 9.4  | $100k and more | $5k-$25k  | Not Defined      | Official Fix | 0.03 | 0.02686 | CVE-2019-5482
5  | Procmail Signal privileges management                                        | 7.4  | 7.1  | $0-$5k         | $0-$5k    | Not Defined      | Official Fix | 0.02 | 0.01034 | CVE-2001-0905
6  | CA XCOM Data Transport code injection                                        | 9.8  | 9.8  | $25k-$100k     | $5k-$25k  | Not Defined      | Not Defined  | 0.03 | 0.01055 | CVE-2012-5973
7  | OpenSSH Supplemental Group privileges management                             | 4.6  | 4.4  | $5k-$25k       | $0-$5k    | Not Defined      | Official Fix | 0.02 | 0.01282 | CVE-2021-41617
8  | WordPress Pingback server-side request forgery                               | 5.7  | 5.7  | $5k-$25k       | $5k-$25k  | Not Defined      | Not Defined  | 0.18 | 0.00885 | CVE-2022-3590
9  | emlog index.php information disclosure                                       | 5.5  | 5.2  | $0-$5k         | $0-$5k    | Proof-of-Concept | Not Defined  | 0.02 | 0.00885 | CVE-2021-3293
10 | PHPWind sql injection                                                        | 5.9  | 5.9  | $0-$5k         | $0-$5k    | Not Defined      | Not Defined  | 0.04 | 0.00885 | CVE-2019-6691
11 | ONLYOFFICE Document Server NSFileDownloader input validation                 | 8.5  | 8.5  | $0-$5k         | $0-$5k    | Not Defined      | Not Defined  | 0.05 | 0.01440 | CVE-2020-11534
12 | VMware ESXi System Call privileges management                                | 7.0  | 6.7  | $5k-$25k       | $0-$5k    | Not Defined      | Official Fix | 0.05 | 0.00885 | CVE-2020-4005
13 | Joomla CMS GMail Authentication access control                               | 5.3  | 4.6  | $5k-$25k       | $0-$5k    | Proof-of-Concept | Official Fix | 0.04 | 0.01055 | CVE-2014-7984
14 | Joomla CMS sql injection                                                     | 7.3  | 7.0  | $5k-$25k       | $0-$5k    | High             | Official Fix | 0.03 | 0.64384 | CVE-2015-7858
15 | PageLayer Plugin AJAX pagelayer_save_content improper authorization          | 7.4  | 7.4  | $0-$5k         | $0-$5k    | Not Defined      | Official Fix | 0.01 | 0.00885 | CVE-2020-35947
16 | MDaemon Webmail cross site scripting                                         | 5.4  | 5.1  | $0-$5k         | $0-$5k    | Not Defined      | Official Fix | 0.05 | 0.00885 | CVE-2019-8983
17 | Google Chrome Renderer use after free                                        | 7.5  | 7.2  | $25k-$100k     | $5k-$25k  | Not Defined      | Official Fix | 0.04 | 0.23230 | CVE-2019-13699
18 | Google Chrome Password Manager memory corruption                             | 7.5  | 7.2  | $25k-$100k     | $5k-$25k  | Not Defined      | Official Fix | 0.04 | 0.07670 | CVE-2019-13726
19 | PrestaShop Authentication improper authentication                            | 8.5  | 7.5  | $0-$5k         | $0-$5k    | Not Defined      | Official Fix | 0.02 | 0.00885 | CVE-2020-4074
20 | Magento XML Layout Update input validation                                   | 6.7  | 6.4  | $0-$5k         | $0-$5k    | Not Defined      | Official Fix | 0.01 | 0.01156 | CVE-2019-7896
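The text export of this page runs the table columns together, which makes the list awkward to feed into a patch-priority workflow. The following is an added example, not VulDB's code: it parses rows in that run-together form (five rows copied verbatim from the table above as sample input), then orders them the way a defender would act on them: entries with public exploit code first, then by EPSS, then by CVSS base score, and flags the combination that needs a compensating control rather than a patch (exploit public, no vendor fix). The exploitability and remediation value lists are assumed to be the standard CVSS temporal ones.

```python
import re
from dataclasses import dataclass

# Five rows copied verbatim from the vulnerability table of this page, in the
# run-together form the text export uses. Column order is:
# # Vulnerability Base Temp 0day Today Exp Rem CTI EPSS CVE
RAW_ROWS = """\
1IBM Security Access Manager Appliance Advanced Access Control access control6.96.9$5k-$25k$5k-$25kNot DefinedNot Defined0.040.00890CVE-2018-1850
2Google Chrome Sandbox input validation8.07.7$25k-$100k$5k-$25kNot DefinedOfficial Fix0.030.57747CVE-2019-5782
4Oracle MySQL Server Compiling buffer overflow9.89.4$100k and more$5k-$25kNot DefinedOfficial Fix0.030.02686CVE-2019-5482
9emlog index.php information disclosure5.55.2$0-$5k$0-$5kProof-of-ConceptNot Defined0.020.00885CVE-2021-3293
14Joomla CMS sql injection7.37.0$5k-$25k$0-$5kHighOfficial Fix0.030.64384CVE-2015-7858
"""

# Exploit-price buckets exactly as they appear on the page ("$0-$5k", "$100k and more").
PRICE = r"\$(?:\d+k?-\$\d+k|\d+k and more)"
# Assumption: Exp/Rem use the standard CVSS temporal value names.
EXP_VALUES = "Not Defined|Unproven|Proof-of-Concept|Functional|High"
REM_VALUES = "Not Defined|Official Fix|Temporary Fix|Workaround|Unavailable"

# The title is matched lazily, so it ends at the first "d.d" "d.d" score pair.
ROW_RE = re.compile(
    r"^(?P<idx>\d+)(?P<title>.+?)"
    r"(?P<base>\d\.\d)(?P<temp>\d\.\d)"
    rf"(?P<zeroday>{PRICE})(?P<today>{PRICE})"
    rf"(?P<exp>{EXP_VALUES})(?P<rem>{REM_VALUES})"
    r"(?P<cti>\d\.\d{2})(?P<epss>\d\.\d{5})"
    r"(?P<cve>CVE-\d{4}-\d{4,})$"
)


@dataclass(frozen=True)
class Vuln:
    idx: int
    title: str
    base: float
    temp: float
    zeroday: str
    today: str
    exp: str
    rem: str
    cti: float
    epss: float
    cve: str


def parse_rows(text: str) -> list[Vuln]:
    """Split the run-together rows into typed records; refuse rows that do not parse."""
    vulns = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = ROW_RE.match(line)
        if m is None:
            raise ValueError(f"unparseable row: {line!r}")
        g = m.groupdict()
        vulns.append(Vuln(int(g["idx"]), g["title"], float(g["base"]), float(g["temp"]),
                          g["zeroday"], g["today"], g["exp"], g["rem"],
                          float(g["cti"]), float(g["epss"]), g["cve"]))
    return vulns


# Lower rank = more mature public exploit = patch sooner.
EXP_RANK = {"High": 0, "Functional": 1, "Proof-of-Concept": 2, "Unproven": 3, "Not Defined": 4}


def triage(vulns: list[Vuln]) -> list[Vuln]:
    """Patch order: exploit maturity first, then EPSS (descending), then CVSS base."""
    return sorted(vulns, key=lambda v: (EXP_RANK.get(v.exp, 5), -v.epss, -v.base))


def needs_mitigation(v: Vuln) -> bool:
    """Public exploit but no vendor fix: a compensating control is needed, not a patch."""
    return v.exp in ("High", "Functional", "Proof-of-Concept") and v.rem in ("Not Defined", "Unavailable")


if __name__ == "__main__":
    for v in triage(parse_rows(RAW_ROWS)):
        flag = "MITIGATE" if needs_mitigation(v) else ""
        print(f"{v.cve:<15} exp={v.exp:<17} rem={v.rem:<13} epss={v.epss:.5f} {flag}")
```

On the sample rows the Joomla SQL injection (Exp High) sorts first even though its base score is lower than the MySQL buffer overflow, and the emlog entry is the only one flagged, because it has a proof-of-concept and no fix recorded.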

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

ID | IP address     | Hostname                                | Actor | Campaigns | Type     | Confidence
1  | 94.177.226.227 | host227-226-177-94.static.arubacloud.de | Miori |           | verified | High
2  | XXX.XXX.XX.XXX | xxx.xxx.xx.xxx.xxxxxxxxxxxxxxxx.xxx     | Xxxxx |           | verified | High
3  | XXX.XX.XXX.XXX | xxx.xx                                  | Xxxxx |           | verified | High

(Rows 2 and 3 are masked on the source page.)

TTP - Tactics, Techniques, Procedures (9)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID | Technique | Vulnerabilities           | Access Vector                         | Type       | Confidence
1  | T1006     | CWE-22                    | Pathname Traversal                    | predictive | High
2  | T1059     | CWE-94                    | Cross Site Scripting                  | predictive | High
3  | TXXXX.XXX | CWE-XXX                   | Xxxxx Xxxx Xxxxxxxxx                  | predictive | High
4  | TXXXX     | CWE-XXX, CWE-XXX, CWE-XXX | Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx | predictive | High
5  | TXXXX     | CWE-XXX                   | 7xx Xxxxxxxx Xxxxxxxx                 | predictive | High
6  | TXXXX     | CWE-XXX                   | xx Xxxxxxxxx                          | predictive | High
7  | TXXXX.XXX | CWE-XXX                   | Xxxxxxxx Xxxxxxxxxxxxx                | predictive | High
8  | TXXXX     | CWE-XXX                   | Xxxxxxxxxxxxx                         | predictive | High
9  | TXXXX.XXX | CWE-XXX                   | xxxxxxxxxxxx                          | predictive | High

(Rows 3 to 9 are masked on the source page.)

IOA - Indicator of Attack (23)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID | Class        | Indicator                                          | Type       | Confidence
1  | File         | .procmailrc                                        | predictive | Medium
2  | File         | /debian/patches/load_ppp_generic_if_needed         | predictive | High
3  | File         | /etc/fstab                                         | predictive | Medium
4  | File         | /xxxx/xxxx/xxxxxxxxx                               | predictive | High
5  | File         | xxxxx.xxx?x=xxxxxx&x=xxxxxx&x=xxxxxx               | predictive | High
6  | File         | xxxxxxxx_xxxxxxxx_xxxxxxx.xxx                      | predictive | High
7  | File         | xxxx.xxxx                                          | predictive | Medium
8  | File         | xxxx/xxxxxxxxxxxxxxx.xxx                           | predictive | High
9  | File         | xxxxxxxx-xxx/xx.xxx                                | predictive | High
10 | File         | xxxxxx/xxx/xxxxxxx.xxx                             | predictive | High
11 | File         | xxx/xxxxxx.xxx                                     | predictive | High
12 | File         | xxxxxx.xxx                                         | predictive | Medium
13 | File         | x/xxxxx.xxx                                        | predictive | Medium
14 | File         | xx-xxxxx/xxxxx.xxx?xxxx=xxx-xxxxx&xxxxxx=xxxx-xxxxx | predictive | High
15 | Argument     | -x                                                 | predictive | Low
16 | Argument     | xxxxxxxx                                           | predictive | Medium
17 | Argument     | xxxxxxxxxx                                         | predictive | Medium
18 | Argument     | xxxxxxxx_xxxxxxx                                   | predictive | High
19 | Argument     | xxxx_xx                                            | predictive | Low
20 | Argument     | xxxxxxx[]                                          | predictive | Medium
21 | Input Value  | ..                                                 | predictive | Low
22 | Input Value  | ::$xxxxx_xxxxxxxxxx                                | predictive | High
23 | Network Port | xxx xxxxxx xxxx                                    | predictive | High

(Rows 4 to 14, 16 to 20, 22 and 23 are masked on the source page.)
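The IOC and IOA tables above are only useful once they are matched against telemetry. The following is an added example, not part of the VulDB page: it takes the unmasked indicators from both tables (the verified IP address, the three File indicators and the ".." Input Value, which is the same traversal pattern the T1006/CWE-22 row points at) and runs them over web-server access-log lines in the common "combined" format. The three log lines are constructed for this example using TEST-NET addresses and the one IOC address; they are not real traffic. The request target is URL-decoded twice before matching, so single- and double-encoded traversal sequences are both caught; the masked (X-ed out) rows are deliberately not reconstructed.

```python
import re
from urllib.parse import unquote

# Unmasked indicators taken from the IOC and IOA tables of this page.
IOC_IPS = {"94.177.226.227"}
IOA_FILES = (".procmailrc", "/debian/patches/load_ppp_generic_if_needed", "/etc/fstab")
# The ".." Input Value indicator, matched only as a path component (".." followed by a separator).
TRAVERSAL = re.compile(r"\.\.[/\\]")

# Apache/nginx "combined" access-log layout; trailing referrer/agent fields are not needed.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Constructed sample lines (not real traffic). Line 1 comes from the IOC address and
# reads /etc/fstab through a traversal; line 3 uses a percent-encoded traversal.
SAMPLE_LOG = """\
94.177.226.227 - - [10/Oct/2023:13:55:36 +0000] "GET /index.php?page=../../etc/fstab HTTP/1.1" 200 512 "-" "curl/7.68.0"
203.0.113.7 - - [10/Oct/2023:13:56:01 +0000] "GET /wp-login.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
198.51.100.9 - - [10/Oct/2023:13:57:12 +0000] "GET /cgi-bin/view?file=%2e%2e%2f%2e%2e%2f.procmailrc HTTP/1.1" 404 180 "-" "python-requests/2.31"
"""


def decode_target(target: str) -> str:
    """Decode twice so %252e%252e (double-encoded) is caught; unquote is idempotent on plain text."""
    return unquote(unquote(target))


def scan_line(line: str) -> list[tuple[str, str]]:
    """Return (indicator class, indicator) pairs that fire on one access-log line."""
    m = LOG_RE.match(line)
    if m is None:
        return []  # not a combined-format line; ignore rather than guess
    findings = []
    if m["ip"] in IOC_IPS:
        findings.append(("ioc_ip", m["ip"]))
    target = decode_target(m["target"])
    if TRAVERSAL.search(target):
        findings.append(("input_value", ".."))
    for path in IOA_FILES:  # tuple, so finding order is stable
        if path in target:
            findings.append(("file", path))
    return findings


def scan_log(text: str) -> dict[int, list[tuple[str, str]]]:
    """Map 1-based line numbers to their findings; lines with no hit are omitted."""
    hits = {}
    for n, line in enumerate(text.splitlines(), 1):
        found = scan_line(line)
        if found:
            hits[n] = found
    return hits


if __name__ == "__main__":
    for n, found in scan_log(SAMPLE_LOG).items():
        print(f"line {n}: " + ", ".join(f"{cls}={val}" for cls, val in found))
```

A hit on the IOC address alone is worth an alert by itself (the page marks it verified), whereas the File and Input Value indicators are predictive and noisy in isolation; in the sample, line 1 combines all three, which is the case worth paging on. The Argument indicator "-x" is left out on purpose: a bare "-x" matches far too much to be useful without the context of a command-line log.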
