ModernLoader Analysis

IOB - Indicator of Behavior (57)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en | 54
ru | 2
fr | 2


Country


Actors


Activities

Interest

Timeline


Type


Vendor


Product

Netgear WNDR3700v2 | 4
FreePBX cdr | 2
SourceCodester Simple Payroll System | 2
risheesh debutsav | 2
Dynamic Transaction Queuing System | 2


Vulnerabilities

# | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE
--- | --- | --- | --- | --- | --- | --- | --- | --- | --- | ---
1 | SourceCodester Medical Certificate Generator App action.php sql injection | 8.1 | 7.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00185 | 0.18 | CVE-2023-0774
2 | Itech Movie Portal Script show_news.php Error sql injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00706 | 0.02 | CVE-2017-20139
3 | Microsoft Exchange Server Remote Code Execution | 7.6 | 7.1 | $25k-$100k | $0-$5k | Functional | Official Fix | 0.02536 | 0.05 | CVE-2021-31206
4 | SmarterTools SmarterMail Service Port 17001 uninitialized pointer | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.88045 | 0.09 | CVE-2019-7214
5 | Sony Playstation 3 Save Game PARAM.SFO privileges management | 7.4 | 7.0 | $25k-$100k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 0.00 | 
6 | VUBB usercp.php sql injection | 6.3 | 6.3 | $0-$5k | Calculating | Not Defined | Not Defined | 0.00000 | 0.00 | 
7 | WordPress sql injection | 6.8 | 6.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00576 | 0.06 | CVE-2022-21664
8 | PowerDNS Authoritative Server/PowerDNS Recursor Zone Transfer Privilege Escalation | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00295 | 0.03 | CVE-2022-27227
9 | SourceCodester Online School Fees System GET Parameter ajx.php sql injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.01042 | 0.03 | CVE-2023-3340
10 | SourceCodester Theme Park Ticketing System GET Parameter print_ticket.php sql injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00269 | 0.18 | CVE-2023-2865
11 | ampleShop youraccount.cfm sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.00590 | 0.05 | CVE-2006-2038
12 | X-Man sql injection | 6.5 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00168 | 0.00 | CVE-2022-46021
13 | Ebay Feeds Plugin magpie_slashbox.php cross site scripting | 5.7 | 5.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00201 | 0.00 | CVE-2014-4525
14 | SourceCodester Music Gallery Site view_category.php sql injection | 6.4 | 6.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00180 | 0.00 | CVE-2023-1053
15 | SourceCodester Simple Payroll System POST Parameter page cross site scripting | 3.2 | 3.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00064 | 0.05 | CVE-2023-1113
16 | Netgear WNDR3700v2 Web Management Interface denial of service | 6.0 | 5.8 | $5k-$25k | $0-$5k | Proof-of-Concept | Workaround | 0.00174 | 0.06 | CVE-2023-0848
17 | Netgear WNDR3700v2 Web Interface denial of service | 4.3 | 4.2 | $5k-$25k | $0-$5k | Proof-of-Concept | Not Defined | 0.00121 | 0.08 | CVE-2023-0850
18 | Xoslab Easy File Locker xlkfs.sys MessageNotifyCallback denial of service | 6.3 | 6.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.03 | CVE-2023-0908
19 | SourceCodester Simple Food Ordering System process_order.php cross site scripting | 3.5 | 3.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00130 | 0.08 | CVE-2023-0902
20 | tinymighty WikiSEO Meta Property Tag WikiSEO.body.php modifyHTML cross site scripting | 5.5 | 5.4 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00247 | 0.06 | CVE-2015-10073

IOC - Indicator of Compromise (9)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence
--- | --- | --- | --- | --- | --- | --- | ---
1 | 31.41.244.231 |  | ModernLoader |  | 12/21/2022 | verified | Medium
2 | 31.41.244.235 |  | ModernLoader |  | 12/21/2022 | verified | Medium
3 | XX.XXX.XX.XXX |  | xxxxxxxxxxx |  | 05/06/2023 | verified | High
4 | XX.XXX.XX.XXX |  | xxxxxxxxxxx |  | 04/07/2023 | verified | High
5 | XX.XXX.XX.XXX |  | xxxxxxxxxxx |  | 12/21/2022 | verified | Medium
6 | XX.XXX.XX.XXX |  | Xxxxxxxxxxxx |  | 12/21/2022 | verified | Medium
7 | XX.XXX.XX.XXX |  | Xxxxxxxxxxxx |  | 01/03/2023 | verified | Medium
8 | XX.XXX.XX.XXX |  | Xxxxxxxxxxxx |  | 12/27/2022 | verified | Medium
9 | XXX.XXX.XX.XXX |  | xxxxxxxxxxx |  | 04/20/2023 | verified | High

TTP - Tactics, Techniques, Procedures (8)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (74)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID | Class | Indicator | Type | Confidence
--- | --- | --- | --- | ---
1 | File | /admin/ajax.php?action=save_window | predictive | High
2 | File | /admin/api/theme-edit/ | predictive | High
3 | File | /face-recognition-php/facepay-master/camera.php | predictive | High
4 | File | /forum/PostPrivateMessage | predictive | High
5 | File | /home/masterConsole | predictive | High
6 | File | /hrm/employeeadd.php | predictive | High
7 | File | /hrm/employeeview.php | predictive | High
8 | File | /show_news.php | predictive | High
9 | File | action.php | predictive | Medium
10 | File | xxxxx.xxx&x=xxxxxxx/xxxxxxxxxxxx/xxxx | predictive | High
11 | File | xxxxx/?xxxx=xxxxx | predictive | High
12 | File | xxxx/xx_*.xxx | predictive | High
13 | File | xxx.xxx | predictive | Low
14 | File | xxxxxxxxxxx/xxxxxxxxxxx/xxxxxxxxx.xxx | predictive | High
15 | File | xxxx/xxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxx/xxx/xxxxxx.xxxxxxxxx.xxx | predictive | High
16 | File | xxxxxx.xxxx | predictive | Medium
17 | File | xxxxx_xxxx.x | predictive | Medium
18 | File | xxxx_xxxxxxxxx.xxxxx | predictive | High
19 | File | xxx/xxxxx.xxxxxxxxxxx.xxx | predictive | High
20 | File | xxxxx.xxx | predictive | Medium
21 | File | xxxxx.xxx?xxxx=xxxxx | predictive | High
22 | File | xxxxxx.xxxxxxxxxx.xx | predictive | High
23 | File | xxx/xxxxxxx/xxxxxx.xx | predictive | High
24 | File | xxx/xxxxxx.xx | predictive | High
25 | File | xxxxx.xxx | predictive | Medium
26 | File | xxxxxx/xxxxxxx/xxxxxx_xxxxxxxx.xxx | predictive | High
27 | File | xxxx/xxx/xxxx/xxxx/xxx/xxxxxxx/xxxxxx/xxxxxxxxxxxxxxxxxxxx/xxxx/xxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxx.xxxx | predictive | High
28 | File | xxxx/xxx/xxxx/xxxxxx/xxxxx/xxxxxxxx/xxxxxxxxxx/xxxxxxxxx.xxx | predictive | High
29 | File | xxxxx.xxx | predictive | Medium
30 | File | xxxxx_xxxxxx.xxx | predictive | High
31 | File | xxxxx.x | predictive | Low
32 | File | xxxxxxx_xxxxx.xxx | predictive | High
33 | File | xxxxxxx/xxxxxxxxxx.xx | predictive | High
34 | File | xxxxxx-xxxxxxxx.xxx | predictive | High
35 | File | xxxxxxxxx/xxxx/xxxxxxxx+xxxxxxxxx.x | predictive | High
36 | File | xxx/xxxx/xxxx/xxxxxx/xxx/xxxxxxxxxxxxxxxx.xxxx | predictive | High
37 | File | xxx/xxxx/xxxx/xxx/xxxxxx/xxxxxx/xxx/xxxxxxxxxxxxxxxxxx.xxxx | predictive | High
38 | File | xxx/xxxxxxxxx.x | predictive | High
39 | File | xxxxxx-xxxxxx.xxx | predictive | High
40 | File | xxx/xxx.xxxxx.xxx | predictive | High
41 | File | xxxxxx.xxx | predictive | Medium
42 | File | xxxx_xxxxxxxx.xxx | predictive | High
43 | File | xxxxxxx.xxxx.xxx | predictive | High
44 | File | xxxxxxxxxxx.xxx | predictive | High
45 | Library | xxxxx.xxx | predictive | Medium
46 | Argument | xxxxx | predictive | Low
47 | Argument | xx | predictive | Low
48 | Argument | xxxxxxx | predictive | Low
49 | Argument | xxxxxxx | predictive | Low
50 | Argument | xxxxx | predictive | Low
51 | Argument | xxxxxxxx | predictive | Medium
52 | Argument | xx | predictive | Low
53 | Argument | xx_xxxxx | predictive | Medium
54 | Argument | xxxxxxxx | predictive | Medium
55 | Argument | xxxxx/xxxxxx | predictive | Medium
56 | Argument | xxxx | predictive | Low
57 | Argument | xxx_xxxx | predictive | Medium
58 | Argument | xxxx | predictive | Low
59 | Argument | xxxx_xxxxxxxxxx | predictive | High
60 | Argument | xxxxx | predictive | Low
61 | Argument | xxxxxxxx | predictive | Medium
62 | Argument | xxx_xxx | predictive | Low
63 | Argument | xxxxxx | predictive | Low
64 | Argument | xxxxxx_xxxxxxxx | predictive | High
65 | Argument | xxxxxxx/xxxxxxx | predictive | High
66 | Argument | xxxx/xxxxxx xxxx | predictive | High
67 | Argument | xxxx_xxx | predictive | Medium
68 | Argument | xxx | predictive | Low
69 | Argument | xxxxxx | predictive | Low
70 | Argument | xxxxxxxx | predictive | Medium
71 | Argument | xxxxx | predictive | Low
72 | Argument | xxxx | predictive | Low
73 | Input Value | xxx (xxxxxx xxxx xxxx(xxxxxx xxxxx(*),xxxxxx(xxxxxxxxxxxx,(xxxxxx (xxx(xxxx=xxxx,x))),xxxxxxxxxxxx,xxxxx(xxxx(x)*x))x xxxx xxxxxxxxxxx_xxxxxx.xxxxxxxxx_xxxx xxxxx xx x)x) | predictive | High
74 | Network Port | xxxxx | predictive | Low

References (7)

The following list contains external sources which discuss the actor and the associated activities:
