Mispadu Analysis

IOB - Indicator of Behavior (99)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 42
zh: 24
de: 14
ru: 8
es: 6

Product

Oracle E-Business Suite: 4
Trend Micro Interscan Viruswall: 2
YaBB SE: 2
netcf: 2
Televes COAXDATA GATEWAY 1Gbps: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | DZCP deV!L`z Clanportal browser.php information disclosure | 5.3 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.02733 | 0.30 | CVE-2007-1167 |
| 2 | Suricata Rule path traversal | 6.9 | 6.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00114 | 0.04 | CVE-2023-35852 |
| 3 | YaBB SE file inclusion | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.02490 | 0.04 | CVE-2000-1176 |
| 4 | NukeViet CMS addtotopics.php sql injection | 8.0 | 7.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00174 | 0.00 | CVE-2020-21808 |
| 5 | ECshop order.php sql injection | 6.1 | 5.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00405 | 0.15 | CVE-2023-5294 |
| 6 | JoomGallery Image Sort default.php sql injection | 6.1 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00130 | 0.04 | CVE-2018-25067 |
| 7 | MGB OpenSource Guestbook email.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.01302 | 1.81 | CVE-2007-0354 |
| 8 | Hitachi Vantara Pentaho Security Model applicationContext-spring-security.xml access control | 5.3 | 5.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.16449 | 0.00 | CVE-2021-31602 |
| 9 | Huawei ACXXXX/SXXXX SSH Packet input validation | 7.5 | 7.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00246 | 0.04 | CVE-2014-8572 |
| 10 | jQuery html cross site scripting | 6.2 | 5.9 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.06271 | 0.08 | CVE-2020-11022 |
| 11 | SailPoint Identity Security Cloud Message Server API improper validation of specified quantity in input | 5.4 | 5.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00043 | 0.03 | CVE-2024-3317 |
| 12 | handlebars Template Compile Remote Code Execution | 5.6 | 5.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.14935 | 0.03 | CVE-2021-23369 |
| 13 | ThinkPHP System Environment Parameter index.php information disclosure | 5.0 | 5.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.01149 | 0.04 | CVE-2022-25481 |
| 14 | SourceCodester Food Ordering Management System Price place-order.php improper validation of specified quantity in input | 4.3 | 4.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00123 | 0.11 | CVE-2024-8558 |
| 15 | Cybozu Garoon E-Mail access control | 5.4 | 5.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00082 | 0.00 | CVE-2021-20762 |
| 16 | SourceCodester AC Repair and Services System HTTP POST Request Master.php sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00204 | 0.05 | CVE-2023-3657 |
| 17 | miniBB bb_functions.php Local Privilege Escalation | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.04 | |
| 18 | SourceCodester Online Pizza Ordering System index.php sql injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00173 | 0.08 | CVE-2023-0883 |
| 19 | SourceCodester Human Resource Management System detailview.php sql injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00173 | 0.04 | CVE-2023-3391 |
| 20 | SourceCodester Record Management System edit_emp.php sql injection | 7.1 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00164 | 0.11 | CVE-2024-6900 |

IOC - Indicator of Compromise (14)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 2.59.255.65 | | Mispadu | | 07/29/2023 | verified | High |
| 2 | 3.19.223.147 | ec2-3-19-223-147.us-east-2.compute.amazonaws.com | Mispadu | | 05/31/2021 | verified | Very Low |
| 3 | 18.219.25.133 | ec2-18-219-25-133.us-east-2.compute.amazonaws.com | Mispadu | | 05/31/2021 | verified | Very Low |

TTP - Tactics, Techniques, Procedures (12)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (52)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /admin/order.php | predictive | High |
| 2 | File | /cgi-bin/nas_sharing.cgi | predictive | High |
| 3 | File | /foms/routers/place-order.php | predictive | High |
| 4 | File | /mib.db | predictive | Low |
| 5 | File | /php-opos/index.php | predictive | High |
| 6 | File | /sendKey | predictive | Medium |
| 7 | File | administrator/components/com_joomgallery/views/config/tmpl/default.php | predictive | High |
