Mofang Analysis

IOB - Indicator of Behavior (173)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 156
de: 12
es: 2
zh: 2
ru: 2

Country

us: 104
cn: 40
at: 8
tk: 6
sg: 4

Activities

Product

Microsoft Windows: 12
Palo Alto PAN-OS: 8
RoundCube: 4
Microsoft Office: 4
Apache HTTP Server: 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.04 | 0.04187 | CVE-2007-1192 |
| 2 | PAN-OS improper authentication | 7.4 | 7.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.01055 | CVE-2019-1572 |
| 3 | RoundCube Webmail rcube_plugin_api.php path traversal | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.02762 | CVE-2020-12640 |
| 4 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.41 | 0.04187 | CVE-2010-0966 |
| 5 | Jitsi Meet hard-coded credentials | 8.5 | 7.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00885 | CVE-2020-11878 |
| 6 | Microsoft Windows Delivery Optimization Service privileges management | 8.1 | 7.8 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.05 | 0.01150 | CVE-2020-1392 |
| 7 | Palo Alto PAN-OS cleartext transmission | 5.8 | 5.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00885 | CVE-2020-2013 |
| 8 | Palo Alto PAN-OS Maintenance Mode config | 6.4 | 6.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.01055 | CVE-2020-2041 |
| 9 | RoundCube Contact Photo photo.inc Absolute path traversal | 6.5 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.10 | 0.01132 | CVE-2015-8794 |
| 10 | phpMyAdmin Designer sql injection | 8.5 | 8.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.01 | 0.00885 | CVE-2019-6798 |
| 11 | EmbedThis HTTP Library/Appweb httpLib.c authCondition improper authentication | 7.7 | 7.3 | $0-$5k | $0-$5k | High | Official Fix | 0.05 | 0.00954 | CVE-2018-8715 |
| 12 | Palo Alto PAN-OS Web Interface xml validation | 6.5 | 6.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00885 | CVE-2020-1975 |
| 13 | Palo Alto PAN-OS insufficient permissions or privileges | 6.5 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06 | 0.00885 | CVE-2019-17437 |
| 14 | Liferay Portal privileges management | 9.8 | 8.8 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.12 | 0.20307 | CVE-2011-1571 |
| 15 | Devana profile_view.php sql injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.05 | 0.00986 | CVE-2010-2673 |
| 16 | Serendipity exit.php privileges management | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.05 | 0.00000 | |
| 17 | ASRock RGBLED/A-Tuning/F-Stream/RestartToUEFI Driver AsrDrv102.sys access control | 6.2 | 5.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | 0.00885 | CVE-2018-10710 |
| 18 | Micro-Star MSI Afterburner Driver RTCore64.sys privileges management | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.02763 | CVE-2019-16098 |
| 19 | GLPI Planning server-side request forgery | 4.9 | 4.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00885 | CVE-2022-36112 |
| 20 | BeyondTrust Privilege Management temp file | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00885 | CVE-2021-42254 |

IOC - Indicator of Compromise (25)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (15)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (88)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | .htaccess | predictive | Medium |
| 2 | File | /admin/index.php | predictive | High |
| 3 | File | /cgi-mod/lookup.cgi | predictive | High |
| 4 | File | /getcfg.php | predictive | Medium |
| 5 | File | /message/ajax/send/ | predictive | High |
| 6 | File | /sitecore/client/Applications/List Manager/Taskpages/Contact list | predictive | High |
| 7 | File | add_comment.php | predictive | High |
| 8 | File | app/controllers/application_controller.rb | predictive | High |
| 9 | File | application\api\controller\User.php | predictive | High |
| 10 | File | blog.php | predictive | Medium |

References (3)

The following list contains external sources which discuss the actor and the associated activities:
