NetDooka Analysisinfo

IOB - Indicator of Behavior (127)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en128

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Google Chrome6
Cisco SD-WAN6
D-Link DVA-28004
D-Link DSL-2888A4
Aruba ClearPass Policy Manager4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1Panasonic AiSEG2 Header improper authentication9.29.2$5k-$25k$0-$5kNot DefinedNot Defined0.000600.00CVE-2023-28727
2Panasonic AiSEG2 os command injection8.48.4$5k-$25k$5k-$25kNot DefinedNot Defined0.003320.00CVE-2023-28726
3Aruba ClearPass OnGuard Agent privileges management7.87.8$5k-$25k$5k-$25kNot DefinedNot Defined0.000440.00CVE-2023-25590
4Aruba AOS-CX Network Analytics Engine Privilege Escalation7.77.6$5k-$25k$0-$5kNot DefinedOfficial Fix0.002220.00CVE-2023-1168
5Aruba ClearPass Policy Manager Web-based Management Interface improper authorization7.17.1$5k-$25k$5k-$25kNot DefinedNot Defined0.001040.00CVE-2023-25594
6Netgear Orbi Router RBR750 HTTP Request os command injection8.48.3$5k-$25k$5k-$25kNot DefinedNot Defined0.000890.07CVE-2022-37337
7Hsycms Add Category Module cate.php cross site scripting4.44.3$0-$5k$0-$5kProof-of-ConceptNot Defined0.001800.00CVE-2023-1349
8Sage XRT Business Exchange Add Currencies/Payment Order/Transfer History sql injection7.17.1$0-$5k$0-$5kNot DefinedNot Defined0.000870.03CVE-2022-34324
9TRENDnet TEW755AP wizard_ipv6 stack-based overflow7.67.6$0-$5k$0-$5kNot DefinedNot Defined0.002340.00CVE-2022-46583
10Elvexys StreamX HTML Component path traversal5.45.3$0-$5k$0-$5kNot DefinedOfficial Fix0.000650.05CVE-2022-4778
11Mozilla Thunderbird WebGL use after free6.46.2$25k-$100k$5k-$25kNot DefinedOfficial Fix0.003270.00CVE-2022-46880
12Aruba EdgeConnect Enterprise Web Management Interface Privilege Escalation8.08.0$5k-$25k$5k-$25kNot DefinedNot Defined0.001740.00CVE-2022-44533
13Aruba Networks ArubaOS PAPI command injection9.89.6$5k-$25k$0-$5kNot DefinedOfficial Fix0.003410.00CVE-2022-37897
14House Rental System view-property.php sql injection7.57.3$0-$5k$0-$5kProof-of-ConceptNot Defined0.003510.12CVE-2022-4274
15SimplePress Plugin cross site scripting5.65.6$0-$5k$0-$5kNot DefinedNot Defined0.000500.00CVE-2022-4027
16Mozilla Firefox window.print denial of service4.34.1$5k-$25k$0-$5kNot DefinedOfficial Fix0.001350.06CVE-2022-42929
17Juniper Junos OS/Junos OS Evolved RPD toctou5.95.8$5k-$25k$0-$5kNot DefinedOfficial Fix0.000950.00CVE-2022-22225
18Academy Learning Management System cross site scripting4.84.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.002120.04CVE-2022-38553
19Modern Campus Omni CMS login-page sql injection8.07.9$0-$5k$0-$5kNot DefinedNot Defined0.001580.00CVE-2022-40766
20XPDF AcroForm.cc memory corruption5.95.9$0-$5k$0-$5kNot DefinedNot Defined0.000510.00CVE-2022-36561

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
1195.201.81.165static.165.81.201.195.clients.your-server.deNetDooka04/20/2023verifiedHigh

TTP - Tactics, Techniques, Procedures (17)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (34)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/api/ZRMacClone/mac_addr_clonepredictiveHigh
2File/controller/publishHotel.php&amppredictiveHigh
3File/fuelCM/fuel/pages/edit/1?lang=englishpredictiveHigh
4File/interface/main/backup.phppredictiveHigh
5File/view-property.phppredictiveHigh
6File/xx-xxxxx/xxxxx-xxxx.xxxpredictiveHigh
7File/xxxx/xxxxxxxx.xxpredictiveHigh
8Filexxx/xxxxx/xxxxxx/xxxxx/xxxxx.xxxpredictiveHigh
9Filexxxxxxxxxx\xxxx.xxxpredictiveHigh
10Filexxxx/xxpredictiveLow
11Filexxxxxxxx/xxxxx-xxxx-xxxxxxxx.xxxpredictiveHigh
12Filexxxxxxxxxxxxxx.xxxpredictiveHigh
13Filexxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
14File\xxxxx\xxxxxxxxxxxpredictiveHigh
15ArgumentxxxxpredictiveLow
16ArgumentxxxxxxxxxxxpredictiveMedium
17ArgumentxxxxxxxpredictiveLow
18ArgumentxxxxpredictiveLow
19Argumentxxxxx/xxxxxxxpredictiveHigh
20Argumentxxxxxxx/xxxxxpredictiveHigh
21ArgumentxxxxpredictiveLow
22ArgumentxxxxxxxxpredictiveMedium
23ArgumentxxxxxpredictiveLow
24Argumentxxxxxxxx_xxpredictiveMedium
25Argumentxxxxxx_xxxxpredictiveMedium
26ArgumentxxxxxxxxpredictiveMedium
27ArgumentxxxxxxxxxxpredictiveMedium
28ArgumentxxxxxxpredictiveLow
29ArgumentxxxpredictiveLow
30ArgumentxxxxxxxpredictiveLow
31Argumentxxxxxxxxx_xxxxx_xxxxxxx_xpredictiveHigh
32ArgumentxxxxxpredictiveLow
33ArgumentxxxxxpredictiveLow
34Argumentx-xxxxxxxxx-xxxpredictiveHigh

References (2)

The following list contains external sources which discuss the actor and the associated activities:

This view requires CTI permissions

Just purchase a CTI license today!