MirrorBlast Analysis

IOB - Indicator of Behavior (628)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en554
ru24
zh14
es14
fr8

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

us192
sc184
cn80
ru42
de20

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Microsoft Windows20
Microsoft Exchange Server14
PHP10
Circontrol CirCarLife10
Cisco ASA10

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1Atmail Remote Code Execution9.89.4$2k-$5k$0-$1kNot DefinedOfficial Fix0.002510.04CVE-2013-5033
2spring-boot-actuator-logview LogViewEndpoint.view path traversal5.55.5$1k-$2k$0-$1kNot DefinedNot Defined0.000520.04CVE-2023-29986
3Esoftpro Online Guestbook Pro ogp_show.php sql injection7.36.9$2k-$5k$0-$1kProof-of-ConceptNot Defined0.001080.08CVE-2009-4935
4Apache HTTP Server response splitting5.35.1$10k-$25k$10k-$25kNot DefinedNot Defined0.000440.04CVE-2023-38709
5Palo Alto PAN-OS GlobalProtect Clientless VPN buffer overflow8.88.6$2k-$5k$0-$1kNot DefinedOfficial Fix0.001120.03CVE-2021-3056
6WordPress sql injection6.86.7$10k-$25k$0-$1kNot DefinedOfficial Fix0.004670.08CVE-2022-21664
7Daemon-tools DAEMON Tools mfc80loc.dll untrusted search path8.47.9$2k-$5k$0-$1kProof-of-ConceptNot Defined0.000450.00CVE-2010-5239
8Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$10k-$25kCalculatingHighWorkaround0.020160.00CVE-2007-1192
9Joomla CMS com_easyblog sql injection6.36.1$10k-$25k$5k-$10kNot DefinedNot Defined0.000000.37
10Microsoft Exchange Server ProxyShell Remote Code Execution9.58.7$25k-$50k$5k-$10kHighOfficial Fix0.973190.04CVE-2021-34473
11VeronaLabs wp-statistics Plugin API Endpoint Blind sql injection8.58.4$1k-$2k$0-$1kNot DefinedOfficial Fix0.002500.00CVE-2019-13275
12Jetty URI access control5.35.3$2k-$5k$0-$1kNot DefinedOfficial Fix0.489170.00CVE-2021-34429
13Microsoft IIS cross site scripting5.24.7$10k-$25k$0-$1kProof-of-ConceptOfficial Fix0.005480.07CVE-2017-0055
14phpMyAdmin Username sql injection7.57.3$10k-$25k$0-$1kNot DefinedOfficial Fix0.003260.03CVE-2016-9864
15HP Router/Switch SNMP information disclosure3.73.4$5k-$10k$0-$1kProof-of-ConceptOfficial Fix0.002850.05CVE-2012-3268
16SAP GUI TabOne ActiveX Control memory corruption7.36.4$50k-$100k$0-$1kProof-of-ConceptOfficial Fix0.816030.03CVE-2008-4827
17Cisco Linksys Router tmUnblock.cgi privileges management9.89.2$25k-$50k$0-$1kHighWorkaround0.000000.00
18Linksys WRT54GL Web Management Interface SysInfo1.htm information disclosure4.34.1$1k-$2k$0-$1kProof-of-ConceptNot Defined0.000460.16CVE-2024-1406
19Esoftpro Online Guestbook Pro ogp_show.php cross site scripting4.34.2$1k-$2k$0-$1kHighUnavailable0.002090.04CVE-2009-2441
20Teclib GLPI unlock_tasks.php sql injection8.58.5$1k-$2k$0-$1kNot DefinedOfficial Fix0.121490.03CVE-2019-10232

IOC - Indicator of Compromise (15)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (26)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueClassVulnerabilitiesAccess VectorTypeConfidence
1T1006CAPEC-126CWE-21, CWE-22, CWE-23Path TraversalpredictiveHigh
2T1040CAPEC-102CWE-294Authentication Bypass by Capture-replaypredictiveHigh
3T1055CAPEC-10CWE-74Improper Neutralization of Data within XPath ExpressionspredictiveHigh
4T1059CAPEC-242CWE-94, CWE-1321Argument InjectionpredictiveHigh
5T1059.007CAPEC-209CWE-79, CWE-80Cross Site ScriptingpredictiveHigh
6T1068CAPEC-122CWE-264, CWE-266, CWE-269, CWE-284Execution with Unnecessary PrivilegespredictiveHigh
7TXXXX.XXXCAPEC-191CWE-XXXXxxx-xxxxx XxxxxxxxxxxpredictiveHigh
8TXXXXCAPEC-136CWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveHigh
9TXXXX.XXXCAPEC-178CWE-XXXXxxx XxxxxxxxpredictiveHigh
10TXXXXCAPEC-CWE-XXX7xx Xxxxxxxx XxxxxxxxpredictiveHigh
11TXXXXCAPEC-1CWE-XXX, CWE-XXXXxxxxxxxxx XxxxxxpredictiveHigh
12TXXXXCAPEC-184CWE-XXXXxxxxxxx Xx Xxxx Xxxxxxx Xxxxxxxxx XxxxxpredictiveHigh
13TXXXXCAPEC-108CWE-XXXxx XxxxxxxxxpredictiveHigh
14TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveHigh
15TXXXXCAPEC-55CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxx XxxxxxxxxxpredictiveHigh
16TXXXXCAPEC-37CWE-XXXXxxxxxxxx Xxxxxxx Xx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh
17TXXXX.XXXCAPEC-120CWE-XXXXxxxxxx Xxxxxxxxxx Xxx Xxxxxxxx Xxxxxxx Xx Xx-xxxx Xxxxxx XxxxxxxxpredictiveHigh
18TXXXX.XXXCAPEC-154CWE-XXXXxxxxxxxxxxxpredictiveHigh
19TXXXXCAPEC-38CWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveHigh
20TXXXX.XXXCAPEC-142CWE-XXXXxxxxxxx Xx Xxx Xxxxxxx Xx X Xxxxxxxx XxxxxxxxpredictiveHigh
21TXXXX.XXXCAPEC-459CWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
22TXXXXCAPEC-116CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh
23TXXXX.XXXCAPEC-CWE-XXXxxxxxxxxxxxxpredictiveHigh
24TXXXXCAPEC-157CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxxxx XxxxxxpredictiveHigh
25TXXXX.XXXCAPEC-112CWE-XXX, CWE-XXX, CWE-XXXXxx Xxxxxxxxxx XxxxxpredictiveHigh
26TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxpredictiveHigh

IOA - Indicator of Attack (223)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/admin/sysmon.phppredictiveHigh
2File/api/content/posts/commentspredictiveHigh
3File/api/RecordingList/DownloadRecord?file=predictiveHigh
4File/apply.cgipredictiveMedium
5File/cgi-bin/koha/acqui/supplier.pl?op=enterpredictiveHigh
6File/debug/pprofpredictiveMedium
7File/Home/GetAttachmentpredictiveHigh
8File/html/device-idpredictiveHigh
9File/html/devstat.htmlpredictiveHigh
10File/html/repositorypredictiveHigh
11File/index.phppredictiveMedium
12File/members/view_member.phppredictiveHigh
13File/mhds/clinic/view_details.phppredictiveHigh
14File/modules/projects/vw_files.phppredictiveHigh
15File/nova/bin/consolepredictiveHigh
16File/owa/auth/logon.aspxpredictiveHigh
17File/php/ping.phppredictiveHigh
18File/rapi/read_urlpredictiveHigh
19File/rest/api/latest/projectvalidate/keypredictiveHigh
20File/scripts/unlock_tasks.phppredictiveHigh
21File/services/config/config.xmlpredictiveHigh
22File/services/system/setup.jsonpredictiveHigh
23File/SSOPOST/metaAlias/%realm%/idpv2predictiveHigh
24File/SysInfo1.htmpredictiveHigh
25File/sysinfo_json.cgipredictiveHigh
26File/xxxxxx/xxxx/xxxxxxx/xxx_xxxxx/xxxxxxxxxx.xxxpredictiveHigh
27File/xxxxxxx/predictiveMedium
28File/xxx-xxx/xxx.xxxpredictiveHigh
29File/xx-xxxxx/xxxxx-xxxx.xxx?xx_xxxx=x&xxxxxx_xxxxpredictiveHigh
30Filexxxxxxx.xxxpredictiveMedium
31Filexxxxx.xxxxxxxxx.xxxpredictiveHigh
32Filexxxxx/xxxxxx.xxxpredictiveHigh
33Filexxxx.xxxpredictiveMedium
34Filexxxxxxx/xxxx.xxxpredictiveHigh
35Filexxx/xxx.xxxpredictiveMedium
36Filexxx-xxx/xxxx_xxx.xxxpredictiveHigh
37Filexxxxxx/xxx.xpredictiveMedium
38Filexxxxxxx.xxxpredictiveMedium
39Filexxxxxx.xpredictiveMedium
40Filexxxx/xxxxx/xxxxxxx/xxxxxxxxx/xxxxxxx/xxxxx/xxx.xxxpredictiveHigh
41Filexxxx/xxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxx/xxx/xxxxxx.xxxxxxxxx.xxxpredictiveHigh
42Filexxxxxxxxx.xxx.xxxpredictiveHigh
43Filexxxxx/xxxxx.xxxpredictiveHigh
44Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
45Filexxxx_xxxxx.xxxpredictiveHigh
46Filexxxx/xxxxpredictiveMedium
47Filexxxxx.xxxpredictiveMedium
48Filexxxxxx.xxxpredictiveMedium
49Filexxxxx.xxxpredictiveMedium
50Filexxxxxx_xxx.xpredictiveMedium
51Filexxx/xxxx/xxx/xxxxx_xxxx.xpredictiveHigh
52Filexxx/xxxx/xxxx.xpredictiveHigh
53Filexxxxxxxxxxx/xxxxxxxx/xxxxxxxxxx.xxxpredictiveHigh
54Filexxxxxxxxxxxxxx.xxpredictiveHigh
55Filexx/xx-xx.xpredictiveMedium
56Filexxx/xxxx_xxxx.xpredictiveHigh
57Filexxxxxx/xxxxxxxxxxxpredictiveHigh
58Filexxxx_xxxxxx.xpredictiveHigh
59Filexxxx/xxxxxxx.xpredictiveHigh
60Filexxxxx.xxxxpredictiveMedium
61Filexx/xxxxxxx/xxx.xpredictiveHigh
62Filexxx/xxxxxx.xxxpredictiveHigh
63Filexxx/xx/xxxx/xxxx.xxxxx.xxxpredictiveHigh
64Filexxxxxxxx/xxxxx-xxxxxx-xxxx-xxxxxxx.xxxpredictiveHigh
65Filexxxxxxxx/xxxxxxxx/xxxxx-xxxxxxxx-xxxxx.xxxpredictiveHigh
66Filexxxxx.xxxpredictiveMedium
67Filexxxxx.xxx?xxx=xxxx&xxx=xxxxxxxxpredictiveHigh
68Filexxxxxxxx/xx/xxxx.xxpredictiveHigh
69Filexxxxxxxxxx.xxxpredictiveHigh
70Filexxxxxx.xpredictiveMedium
71Filexxxxxxxx.xxxpredictiveMedium
72Filexx/xxx/xxxxxxxx/xxx_xxxxxxxxx/xxx_xxxxxxxx_xxxxx/_/xxxxxxx_xxxpredictiveHigh
73Filexxxxxx/xxxxxx.xpredictiveHigh
74Filexxxxxxx/xxxxx/xx/xxxxxx/xxxxx.xxxxx.xxxpredictiveHigh
75Filexxxxxxxxxxxx/xxx.xpredictiveHigh
76Filexxxxx.xxxpredictiveMedium
77Filexxx_xxxxxxxxx.xpredictiveHigh
78Filexxxx/xxxxxxxxx/xxxxxx/xxxxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
79Filexxxxxxx.xxxpredictiveMedium
80Filexxx/xxx.xxxpredictiveMedium
81Filexxx_xxxxx_xxxx.xpredictiveHigh
82Filexxx/xxxxxpredictiveMedium
83Filexxx_xxxx.xxxpredictiveMedium
84Filexxx_xxxx.xxxpredictiveMedium
85Filexxxxxxx/xxxxpredictiveMedium
86Filexxxxxxx.xxxpredictiveMedium
87Filexxxxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
88Filexxxx_xxxxxxx.xxxpredictiveHigh
89Filexxxxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
90Filexxxxxx.xpredictiveMedium
91Filexxxx.xxxpredictiveMedium
92Filexxxxx.xxxpredictiveMedium
93Filexxxxxx/?x=xxxxx/\xxxxx\xxx/xxxxxxxxxxxxxx&xxxxxxxx=xxxx_xxxx_xxxx_xxxxx&xxxx[x]=xxxxxx&xxxx[x][]predictiveHigh
94Filexxxx.xxxpredictiveMedium
95Filexxxxxxxx.xxpredictiveMedium
96Filexxxxxxxxxx.xxxpredictiveHigh
97Filexxxxxxxx_xxxxxxxxxxxx_xxxxxx.xxpredictiveHigh
98Filexxxxxxxxxxx.xxxpredictiveHigh
99Filexxxxxxx_xxx_xxxxx_xxxxxx.xxxxpredictiveHigh
100Filexxx_xxxxx_xxxxxxxxx.xpredictiveHigh
101Filexxxxxxxx.xxxpredictiveMedium
102Filexxxxxxxx/xxxx/xxxx.xxx?xxxxxx=xxxxxxxxxxxxxxxxpredictiveHigh
103Filexxxxx.xxxpredictiveMedium
104Filexxxx.xxxpredictiveMedium
105Filexxxxx/xxxxx.xxxpredictiveHigh
106Filexxxxxxxxxxxxxxx.xxxpredictiveHigh
107Filexxxxxxxx.xxxpredictiveMedium
108Filexxxxxxxx/xxxxxxxxxxxx-xxxxxxxxxxpredictiveHigh
109Filexxxxxx/xxxxxxx/xxxxxx/xxxxxxxx.xxxpredictiveHigh
110Filexxxx.xxxpredictiveMedium
111Filexxxx-xxxxx.xxxpredictiveHigh
112Filexxx.xpredictiveLow
113Filexxxxxxxxx.xxxpredictiveHigh
114Filexxxxx/xxx/xxxxxxx/xxxxxx.xxxpredictiveHigh
115Filexxxxxx.xxxpredictiveMedium
116Filexxxxxxxxx.xxxpredictiveHigh
117Filexxx xxxx xxxxxxxpredictiveHigh
118Filexxxx.xpredictiveLow
119FilexxxxxxxxxxpredictiveMedium
120Filexxxxxxx/xxxxx.xxxpredictiveHigh
121Filexxxxxx.xxxpredictiveMedium
122Filexx-xxxxxxxx/xxxxx-xx-xxxxx.xxxpredictiveHigh
123Filexxxxxxxxxxxxx.xxpredictiveHigh
124Library/_xxx_xxx/xxxxx.xxxpredictiveHigh
125Libraryxxx-xx-xxx-xxxx-xxxx-xx-x-x.xxxpredictiveHigh
126Libraryxxx/xxxxxx.xpredictiveMedium
127Libraryxxxxxxxxx/xxx-xxxxxx/xxxxxxxx.xxxpredictiveHigh
128Libraryxxxxxxxx.xxxpredictiveMedium
129Libraryxxxxxx/xxxxxxxxx/xxxxx.xxxpredictiveHigh
130Libraryxxxxxx.xxxpredictiveMedium
131Argument-xpredictiveLow
132Argumentxxxxxxx xx/xxxxxxx xxxxpredictiveHigh
133ArgumentxxxxxxpredictiveLow
134Argumentxxxxxxx_xxxxpredictiveMedium
135Argumentxxxxxx_xxxxpredictiveMedium
136ArgumentxxxxxxxxxxxxxxpredictiveHigh
137ArgumentxxxxxxxxpredictiveMedium
138ArgumentxxxpredictiveLow
139ArgumentxxxxxxxxxxxxxxxpredictiveHigh
140ArgumentxxxpredictiveLow
141ArgumentxxxxxxxxxpredictiveMedium
142ArgumentxxxxxxxxxxxxxxxxxpredictiveHigh
143ArgumentxxxxxxxxxxxxxxxxpredictiveHigh
144ArgumentxxxxxpredictiveLow
145Argumentxxxxxxxxxxx/xxxxxxxx/xxx/xxxxxpredictiveHigh
146ArgumentxxxxpredictiveLow
147Argumentxxxxxx_xxpredictiveMedium
148ArgumentxxxxxxxpredictiveLow
149Argumentxxxxxx/xxxxxxxpredictiveHigh
150Argumentxxxxxxxx[xxxx_xxx]predictiveHigh
151Argumentxxxxx->xxxxpredictiveMedium
152ArgumentxxxxxpredictiveLow
153ArgumentxxxxpredictiveLow
154ArgumentxxxxxxpredictiveLow
155Argumentxx_xxpredictiveLow
156Argumentxxxxxxxx xxxx/xxxxxxxx xxxxxxxx/xxxxxxxx xxxxxxx xx/xxxxxxx/xxxxpredictiveHigh
157ArgumentxxxxpredictiveLow
158ArgumentxxxxpredictiveLow
159ArgumentxxxxxxxxpredictiveMedium
160ArgumentxxxxpredictiveLow
161ArgumentxxpredictiveLow
162Argumentxxxxx_xxxxpredictiveMedium
163ArgumentxxxxpredictiveLow
164Argumentxxxxxxxx[xx]predictiveMedium
165ArgumentxxxpredictiveLow
166ArgumentxxxxxxxpredictiveLow
167ArgumentxxxxxxxxpredictiveMedium
168ArgumentxxxxxxxxxxpredictiveMedium
169Argumentxxxx_xxx_xxxxxxxx_xxxpredictiveHigh
170Argumentxxx_xxxxpredictiveMedium
171ArgumentxxxxxxpredictiveLow
172ArgumentxxxxpredictiveLow
173Argumentxxx_xxxxxxpredictiveMedium
174ArgumentxxxxxxxpredictiveLow
175ArgumentxxxxxxxpredictiveLow
176Argumentxxxx_xxxxxpredictiveMedium
177ArgumentxxxxxxxxpredictiveMedium
178ArgumentxxxxxxxxpredictiveMedium
179ArgumentxxxxpredictiveLow
180Argumentxxxxxx_xxxxpredictiveMedium
181ArgumentxxxxxxxpredictiveLow
182Argumentxxxxxx_xxxxxxxpredictiveHigh
183Argumentxxxxxxx/xxxxxpredictiveHigh
184Argumentxxxxx/xxxxxxxxpredictiveHigh
185ArgumentxxxxxxpredictiveLow
186ArgumentxxxxxpredictiveLow
187ArgumentxxxxxxxxxxxpredictiveMedium
188Argumentxxxxxx_xxxpredictiveMedium
189ArgumentxxxpredictiveLow
190Argumentxxxx_xxpredictiveLow
191Argumentxxxxxxxx_xxxxxxxxpredictiveHigh
192Argumentxx_xxx_xxxxxpredictiveMedium
193ArgumentxxxpredictiveLow
194ArgumentxxxxxxxxxxxxxxxxxxxxxpredictiveHigh
195Argumentxxxx_xxpredictiveLow
196ArgumentxxxpredictiveLow
197ArgumentxxxpredictiveLow
198ArgumentxxxxpredictiveLow
199ArgumentxxxxxxxxpredictiveMedium
200ArgumentxxxxxpredictiveLow
201Argumentxxxx/xx/xxxx/xxxpredictiveHigh
202ArgumentxxxxxxxxxpredictiveMedium
203Argumentx-xxxxxxxxx-xxxxxxpredictiveHigh
204Input Value.%xx.../.%xx.../predictiveHigh
205Input Value../predictiveLow
206Input Value../../../../../xxx/xxx/xxxxx/xxxx/xxxxxxxx/xxxxx/xxx.xxxpredictiveHigh
207Input ValuexxxxxpredictiveLow
208Input Valuexxxxx' xxx (xxxxxx xxxx xxxx (xxxxxx(xxxxx(x)))xxxx) xxx 'xxxx'='xxxx&xxxxxxxx=xxxxxxxxxxpredictiveHigh
209Input Valuexxxxxxx -xxxpredictiveMedium
210Input ValuexxxxxxxxxxpredictiveMedium
211Input Value\xpredictiveLow
212Input Value|<xxxxxxx>predictiveMedium
213Patternxxxxxx.xxxxxxpredictiveHigh
214Network PortxxxxpredictiveLow
215Network PortxxxxpredictiveLow
216Network Portxxxx xxxxpredictiveMedium
217Network Portxxx/xxpredictiveLow
218Network Portxxx/xxxpredictiveLow
219Network Portxxx/xxxpredictiveLow
220Network Portxxx/xxxx (xxx)predictiveHigh
221Network Portxxx/xxxxpredictiveMedium
222Network Portxxx/xxxxpredictiveMedium
223Network Portxxx/xxx (xxxx)predictiveHigh

References (2)

The following list contains external sources which discuss the actor and the associated activities:

Do you want to use VulDB in your project?

Use the official API to access entries easily!