Mofang Analysis

IOB - Indicator of Behavior (254)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 226
zh: 10
de: 8
es: 6
ru: 2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Product

Microsoft Windows: 14
Palo Alto PAN-OS: 10
Linux Kernel: 6
RoundCube: 6
WordPress: 6

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | Calculating | High | Workaround | 0.03828 | 0.00 | CVE-2007-1192 |
| 2 | SysAid On-Premise path traversal | 8.4 | 8.3 | $0-$5k | $0-$5k | High | Official Fix | 0.95295 | 0.00 | CVE-2023-47246 |
| 3 | Aruba InstantOS/ArubaOS PAPI Protocol buffer overflow | 9.8 | 9.6 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00671 | 0.00 | CVE-2022-37889 |
| 4 | PAN-OS improper authentication | 7.4 | 7.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00310 | 0.00 | CVE-2019-1572 |
| 5 | EmbedThis HTTP Library/Appweb httpLib.c authCondition improper authentication | 7.7 | 7.5 | $0-$5k | $0-$5k | High | Official Fix | 0.03075 | 0.00 | CVE-2018-8715 |
| 6 | RoundCube Webmail rcube_plugin_api.php path traversal | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01585 | 0.00 | CVE-2020-12640 |
| 7 | Ultimate Member Plugin sql injection | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00172 | 0.04 | CVE-2024-1071 |
| 8 | RoundCube DBMail Driver injection | 8.8 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00490 | 0.00 | CVE-2015-2180 |
| 9 | Softnext SPAM SQR code injection | 7.2 | 7.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00051 | 0.05 | CVE-2023-24835 |
| 10 | Mastodon Media File path traversal | 8.1 | 7.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00870 | 0.05 | CVE-2023-36460 |
| 11 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.02820 | 0.21 | CVE-2010-0966 |
| 12 | Jitsi Meet hard-coded credentials | 8.5 | 7.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00279 | 0.00 | CVE-2020-11878 |
| 13 | Microsoft Windows Delivery Optimization Service privileges management | 8.1 | 7.8 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00061 | 0.02 | CVE-2020-1392 |
| 14 | Palo Alto PAN-OS cleartext transmission | 5.8 | 5.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00199 | 0.00 | CVE-2020-2013 |
| 15 | Palo Alto PAN-OS Maintenance Mode config | 6.4 | 6.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00179 | 0.00 | CVE-2020-2041 |
| 16 | RoundCube Contact Photo photo.inc Absolute path traversal | 6.5 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00221 | 0.00 | CVE-2015-8794 |
| 17 | phpMyAdmin Designer sql injection | 8.5 | 8.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00330 | 0.04 | CVE-2019-6798 |
| 18 | Palo Alto PAN-OS Web Interface xml validation | 6.6 | 6.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00104 | 0.00 | CVE-2020-1975 |
| 19 | Palo Alto PAN-OS insufficient permissions or privileges | 7.0 | 6.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00044 | 0.00 | CVE-2019-17437 |
| 20 | Liferay Portal privileges management | 9.8 | 8.8 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.01978 | 0.02 | CVE-2011-1571 |

IOC - Indicator of Compromise (25)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (18)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (120)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | .htaccess | predictive | Medium |
| 2 | File | /admin/index.php | predictive | High |
| 3 | File | /api/wechat/app_auth | predictive | High |
| 4 | File | /cgi-mod/lookup.cgi | predictive | High |
| 5 | File | /getcfg.php | predictive | Medium |
| 6 | File | /ipms/imageConvert/image | predictive | High |
| 7 | File | /message/ajax/send/ | predictive | High |
| 8 | File | /proc/self/environ | predictive | High |
| 9 | File | /sitecore/client/Applications/List Manager/Taskpages/Contact list | predictive | High |
| 10 | File | /v2/customerdb/operator.svc/a | predictive | High |
| 11 | File | /view/bugSolve/captureData/commit.php | predictive | High |
| 12 | File | add_comment.php | predictive | High |
| 13 | File | app/controllers/application_controller.rb | predictive | High |
| 14 | File | application\api\controller\User.php | predictive | High |
