Moon Analysis

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 936
de: 34
fr: 18
pl: 6
es: 4

Country

de: 34
gb: 22
fr: 18
pl: 6
es: 4

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Juniper Junos: 28
Linux Kernel: 26
Microsoft Windows: 24
Google Android: 16
VMware ESX: 14

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.66 | 0.25090 | CVE-2017-0055 |
| 2 | Microsoft IIS IP/Domain Restriction access control | 6.5 | 5.7 | $25k-$100k | $0-$5k | Unproven | Official Fix | 0.77 | 0.29797 | CVE-2014-4078 |
| 3 | IBM Cognos Disclosure Management EdrawSoft ActiveX Component access control | 10.0 | 8.7 | $25k-$100k | $0-$5k | Unproven | Official Fix | 0.08 | 0.01055 | CVE-2013-0501 |
| 4 | VMware vSphere Client Certificate cryptographic issues | 4.8 | 4.2 | $5k-$25k | Calculating | Unproven | Official Fix | 0.04 | 0.00885 | CVE-2014-1210 |
| 5 | Cisco IOS Service Module access control | 7.8 | 7.0 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | 0.00885 | CVE-2013-5522 |
| 6 | Sun Solaris tcsh Remote Code Execution | 8.8 | 8.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.01034 | CVE-2003-1024 |
| 7 | IBM Cognos TM1 API denial of service | 5.3 | 4.6 | $5k-$25k | Calculating | Unproven | Official Fix | 0.04 | 0.01055 | CVE-2013-0484 |
| 8 | IBM AIX TLS 7pk security | 3.7 | 3.6 | $5k-$25k | Calculating | Not Defined | Official Fix | 0.03 | 0.01537 | CVE-2016-0266 |
| 9 | Automatedsolutions Modbus/TCP Master OPC Server memory corruption | 10.0 | 9.0 | $0-$5k | Calculating | Proof-of-Concept | Official Fix | 0.03 | 0.16177 | CVE-2010-4709 |
| 10 | Microsoft MS-DOS/Windows Carbon Copy 32 information disclosure | 3.3 | 3.2 | $25k-$100k | Calculating | Not Defined | Official Fix | 0.05 | 0.00000 | |
| 11 | IBM Tivoli Monitoring Express Enterprise Portal kde.dll heap-based overflow | 10.0 | 9.0 | $25k-$100k | Calculating | Proof-of-Concept | Official Fix | 0.02 | 0.11270 | CVE-2007-2137 |
| 12 | Cisco Call Manager cross site scripting | 4.3 | 3.9 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.01 | 0.01319 | CVE-2007-4633 |
| 13 | Asterisk PBX res_http_websocket.so resource management | 6.4 | 6.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.03079 | CVE-2018-17281 |
| 14 | Red Hat Enterprise Linux Desktop 389 Directory Server Password information management | 7.5 | 7.3 | $5k-$25k | Calculating | Proof-of-Concept | Official Fix | 0.03 | 0.01213 | CVE-2016-5405 |
| 15 | IBM AIX rmsock Kernel information disclosure | 4.3 | 4.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00950 | CVE-2018-1655 |
| 16 | Citrix Receiver Desktop Lock Screen Lock access control | 6.8 | 6.6 | $5k-$25k | $0-$5k | Proof-of-Concept | Unavailable | 0.00 | 0.07474 | CVE-2016-9111 |
| 17 | IBM Cognos TM1 admin input validation | 4.3 | 4.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.01055 | CVE-2016-0381 |
| 18 | Juniper Junos srxpfe resource consumption | 6.4 | 6.1 | $5k-$25k | Calculating | Not Defined | Official Fix | 0.03 | 0.00885 | CVE-2019-0052 |
| 19 | Microsoft IIS FTP Server memory corruption | 7.5 | 7.2 | $25k-$100k | $0-$5k | High | Official Fix | 0.08 | 0.83715 | CVE-2010-3972 |
| 20 | Microsoft Internet Explorer memory corruption | 6.9 | 6.6 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.08 | 0.13772 | CVE-2014-8985 |

IOC - Indicator of Compromise (20)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (19)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (196)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


References (3)

The following list contains external sources which discuss the actor and the associated activities:
