NaturalFreshMall Analysis

IOB - Indicator of Behavior (18)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en16
de2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

us16
gb2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

WordPress4
Thomas R. Pasawicz HyperBook Guestbook2
Jupyter Server2
Google Go2
WordPress User Activation Email Plugin2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1WordPress wp_die information disclosure4.54.4$5k-$25k$0-$5kNot DefinedOfficial Fix0.000930.03CVE-2021-39200
2polkit pkexec access control8.88.6$0-$5k$0-$5kHighWorkaround0.000460.04CVE-2021-4034
3Jupyter Server API information exposure4.04.0$0-$5k$0-$5kNot DefinedOfficial Fix0.000610.04CVE-2023-49080
4Laravel deserialization6.36.1$0-$5k$0-$5kProof-of-ConceptNot Defined0.001560.08CVE-2022-2886
5glib pkexec information disclosure5.55.4$0-$5k$0-$5kNot DefinedOfficial Fix0.000730.00CVE-2021-3800
6WordPress Object injection5.35.2$5k-$25k$0-$5kNot DefinedOfficial Fix0.004320.00CVE-2022-21663
7Linux Kernel ptrace.c access control7.87.6$5k-$25k$0-$5kHighOfficial Fix0.000520.00CVE-2019-13272
8Linux Kernel futex.c futex_requeue integer overflow5.55.5$0-$5k$0-$5kNot DefinedOfficial Fix0.000640.00CVE-2018-6927
9Linux Kernel i2c-core-smbus.c i2c_smbus_xfer_emulated out-of-bounds write6.05.9$0-$5k$0-$5kNot DefinedOfficial Fix0.000450.00CVE-2017-18551
10WordPress User Activation Email Plugin user-activation-email.php cross site scripting5.25.1$0-$5k$0-$5kNot DefinedOfficial Fix0.000740.00CVE-2021-38325
11EyouCms URL saveRemote server-side request forgery5.04.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.003390.00CVE-2021-39497
12Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25kCalculatingHighWorkaround0.020160.00CVE-2007-1192
13Google Go IP Address net.ParseCIDR access control7.37.0$5k-$25k$0-$5kNot DefinedOfficial Fix0.002260.06CVE-2021-29923
14IBM Rational ClearQuest ActiveX Control cqole.dll memory corruption10.09.5$25k-$100k$0-$5kHighOfficial Fix0.960980.05CVE-2012-0708
15OpenCart Divido Plugin sql injection6.86.8$0-$5k$0-$5kNot DefinedNot Defined0.018000.00CVE-2018-11231

IOC - Indicator of Compromise (112)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
123.106.125.64NaturalFreshMall02/11/2022verifiedHigh
245.72.18.133begrudgingly.househelpdirect.comNaturalFreshMall02/11/2022verifiedHigh
345.72.18.234libertie.househelpdirect.comNaturalFreshMall02/11/2022verifiedHigh
445.72.18.236shindy.househelpdirect.comNaturalFreshMall02/11/2022verifiedHigh
545.72.31.112NaturalFreshMall02/11/2022verifiedHigh
645.72.85.178NaturalFreshMall02/11/2022verifiedHigh
745.72.86.142NaturalFreshMall02/11/2022verifiedHigh
845.72.86.201NaturalFreshMall02/11/2022verifiedHigh
945.72.112.143nydodefdsw.pottspsychic.siteNaturalFreshMall02/11/2022verifiedHigh
10132.255.135.51NaturalFreshMall02/11/2022verifiedHigh
11132.255.135.230NaturalFreshMall02/11/2022verifiedHigh
12138.36.92.216NaturalFreshMall02/11/2022verifiedHigh
13138.36.92.253NaturalFreshMall02/11/2022verifiedHigh
14138.36.93.206NaturalFreshMall02/11/2022verifiedHigh
15138.36.94.2NaturalFreshMall02/11/2022verifiedHigh
16138.36.94.59NaturalFreshMall02/11/2022verifiedHigh
17138.36.94.224NaturalFreshMall02/11/2022verifiedHigh
18138.36.94.241NaturalFreshMall02/11/2022verifiedHigh
19138.94.216.131NaturalFreshMall02/11/2022verifiedHigh
20138.94.216.172NaturalFreshMall02/11/2022verifiedHigh
21138.94.216.186NaturalFreshMall02/11/2022verifiedHigh
22138.94.216.230NaturalFreshMall02/11/2022verifiedHigh
23141.193.20.147unit-achat.endeasier.comNaturalFreshMall02/11/2022verifiedHigh
24XXX.XXX.XXX.XXxxxxxxxxxxxxx.xxxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
25XXX.XXX.XXX.XXxxx.xxxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
26XXX.XXX.XXX.XXXxxxxxxxxxxxx.xxxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
27XXX.XXX.XXX.XXXxxxxxxxxxxxx.xxxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
28XXX.XXX.XXX.XXXxxxxxxxxx.xxxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
29XXX.XXX.XXX.XXxxxxxxxxxxxxx.xxxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
30XXX.XXX.XX.XXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
31XXX.XXX.XX.XXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
32XXX.XXX.XX.XXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
33XXX.XXX.XX.XXXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
34XXX.XXX.XX.XXXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
35XXX.XXX.XX.XXXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
36XXX.XXX.XX.XXXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
37XXX.XXX.XX.XXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
38XXX.XXX.XX.XXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
39XXX.XXX.XX.XXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
40XXX.XXX.XX.XXXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
41XXX.XXX.XX.XXXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
42XXX.XXX.XX.XXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
43XXX.XXX.XX.XXXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
44XXX.XXX.XXX.XXXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
45XXX.XXX.XXX.XXXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
46XXX.XXX.XXX.XXXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
47XXX.XXX.XXX.XXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
48XXX.XXX.XXX.XXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
49XXX.XXX.XXX.XXXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
50XXX.XXX.XXX.XXXXxxxxxxxxxxxxxxx10/23/2023verifiedHigh
51XXX.XXX.XXX.XXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
52XXX.XXX.XXX.XXXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
53XXX.XXX.XXX.XXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
54XXX.XXX.XXX.XXXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
55XXX.XXX.XXX.XXXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
56XXX.XXX.XXX.XXXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
57XXX.XXX.XXX.XXXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
58XXX.XXX.XXX.XXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
59XXX.XXX.XXX.XXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
60XXX.XXX.XXX.XXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
61XXX.XXX.XXX.XXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
62XXX.XXX.XXX.XXXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
63XXX.XXX.XXX.XXXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
64XXX.XXX.XXX.XXXXxxxxxxxxxxxxxxx10/23/2023verifiedHigh
65XXX.XXX.XX.XXXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
66XXX.X.XXX.XXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
67XXX.XX.X.XXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
68XXX.XX.X.XXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
69XXX.XX.X.XXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
70XXX.XX.X.XXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
71XXX.XXX.XXX.XXXxxxxxxxx.xxxxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
72XXX.XXX.XX.XXXxxxxxx.xxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
73XXX.XXX.XX.XXXxxxxxxxxxxx.xxxxxx.xxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
74XXX.XXX.XX.XXXxxxxxxxxx.xxxxx.xx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
75XXX.XXX.XXX.XXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
76XXX.XXX.XX.Xxxxx.xxxxxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
77XXX.XXX.XX.XXxxxx.xxxxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
78XXX.XXX.XX.XXxxxx.xxxxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
79XXX.XXX.XX.XXXxxxxx.xxxxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
80XXX.XXX.XX.XXxxxx.xxxxxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
81XXX.XXX.XX.XXXxxxxx.xxxxxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
82XXX.XXX.XXX.XXXxxxxx.xxxxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
83XXX.XXX.XXX.XXxxxx.xxxxxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
84XXX.XXX.XXX.XXXxxxxx.xxxxxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
85XXX.XXX.XXX.XXxxxx.xxxxxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
86XXX.XXX.XXX.XXXxxxxx.xxxxxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
87XXX.XXX.XXX.XXXxxxxx.xxxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
88XXX.XXX.XXX.XXXxxxxx.xxxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
89XXX.XXX.XXX.XXXxxxxx.xxxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
90XXX.XXX.XXX.XXxxxx.xxxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
91XXX.XXX.XXX.XXXxxxxx.xxxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
92XXX.XXX.XXX.XXXxxxxx.xxxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
93XXX.XXX.XXX.XXXxxxxx.xxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
94XXX.XXX.XXX.XXXxxxxx.xxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
95XXX.XXX.XXX.XXxxxx.xxxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
96XXX.XXX.XXX.XXxxxx.xxxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
97XXX.XXX.XXX.XXXxxxxx.xxxxxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
98XXX.XXX.XXX.XXXxxxxx.xxxxxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
99XXX.XXX.XXX.XXXxxxxx.xxxxxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
100XXX.XXX.XXX.XXxxxx.xxxxxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
101XXX.XXX.XXX.XXXxxxxx.xxxxxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
102XXX.XXX.XXX.XXxxxx.xxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
103XXX.XXX.XXX.XXXxxxxx.xxxxxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
104XXX.XXX.XXX.XXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
105XXX.XXX.XXX.XXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
106XXX.XXX.XXX.XXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
107XXX.XXX.XXX.XXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
108XXX.XXX.XXX.XXXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
109XXX.XXX.XXX.XXXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
110XXX.XXX.XXX.XXXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
111XXX.XXX.XXX.XXXXxxxxxxxxxxxxxxx02/11/2022verifiedHigh
112XXX.XXX.XXX.XXXxxx-xxx.xxx.xxx.xxx.xxxxxx.xxxXxxxxxxxxxxxxxxx02/11/2022verifiedHigh

TTP - Tactics, Techniques, Procedures (5)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueClassVulnerabilitiesAccess VectorTypeConfidence
1T1055CAPEC-10CWE-74Improper Neutralization of Data within XPath ExpressionspredictiveHigh
2TXXXX.XXXCAPEC-209CWE-XXXxxxx Xxxx XxxxxxxxxpredictiveHigh
3TXXXXCAPEC-19CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
4TXXXXCAPEC-108CWE-XXXxx XxxxxxxxxpredictiveHigh
5TXXXXCAPEC-116CWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh

IOA - Indicator of Attack (8)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/usr/bin/pkexecpredictiveHigh
2Filedata/gbconfiguration.datpredictiveHigh
3Filexxxxxxx/xxx/xxx-xxxx-xxxxx.xpredictiveHigh
4Filexxxxxx/xxxxx.xpredictiveHigh
5Filexxxxxx/xxxxxx.xpredictiveHigh
6File~/xxxx-xxxxxxxxxx-xxxxx.xxxpredictiveHigh
7Libraryxxxxx.xxxpredictiveMedium
8Argumentxxx-xxxpredictiveLow

References (2)

The following list contains external sources which discuss the actor and the associated activities:

Do you need the next level of professionalism?

Upgrade your account now!