NetWalker Analysis

IOB - Indicator of Behavior (339)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 236
fr: 66
it: 10
de: 8
es: 6


Country

us: 204
fr: 66
ru: 14
ch: 8
co: 6


Actors


Activities

Interest

Timeline


Type


Vendor


Product

Microsoft Windows: 16
Google Chrome: 10
BigTree CMS: 8
Linux Kernel: 6
Oracle GlassFish Server: 4


Vulnerabilities

# | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE
1 | Microsoft Windows improper authentication | 6.5 | 6.2 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.02397 | CVE-2004-0540
2 | SourceCodester Library Management System index.php sql injection | 7.1 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00114 | CVE-2022-2492
3 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.02 | 0.02016 | CVE-2007-1192
4 | Tiki Wiki CMS Groupware tiki-edit_wiki_section.php cross site scripting | 5.2 | 5.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.09 | 0.00110 | CVE-2010-4240
5 | Tiki TikiWiki tiki-editpage.php input validation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.05 | 0.01194 | CVE-2004-1386
6 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.04 | 0.00548 | CVE-2017-0055
7 | Apple M1 Register s3_5_c15_c10_1 M1RACLES access control | 8.8 | 8.8 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.03 | 0.00000 | CVE-2021-30747
8 | Microsoft SQL Server Remote Code Execution | 7.3 | 7.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00186 | CVE-2023-23384
9 | WordPress admin-ajax.php sql injection | 7.3 | 7.3 | $25k-$100k | $0-$5k | High | Official Fix | 0.02 | 0.05147 | CVE-2007-2821
10 | phpMyAdmin grab_globals.lib.php path traversal | 4.8 | 4.4 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.04 | 0.02334 | CVE-2005-3299
11 | Francisco Burzi PHP-Nuke Downloads Module viewsdownload sql injection | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00187 | CVE-2005-0996
12 | Apple macOS WebKit memory corruption | 6.3 | 6.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00218 | CVE-2021-1844
13 | Laravel Framework Illuminate PendingCommand.php __destruct deserialization | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.01269 | CVE-2019-9081
14 | Ecommerce Online Store Kit shop.php sql injection | 9.8 | 9.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.03763 | CVE-2004-0300
15 | freeciv os command injection | 9.8 | 9.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00412 | CVE-2010-2445
16 | Samba smb.conf samrchangepassword privileges management | 6.3 | 6.0 | $0-$5k | $0-$5k | High | Official Fix | 0.02 | 0.75074 | CVE-2007-2447
17 | BestXsoftware Best Free Keylogger syscrb.exe untrusted search path | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00060 | CVE-2018-18519
18 | Trapeze TransitMaster GetSubscriber information disclosure | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00168 | CVE-2017-14943
19 | Jenkins workspaceCleanup permission | 5.3 | 5.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00254 | CVE-2017-2611
20 | WordPress WP_Query class-wp-query.php sql injection | 8.5 | 8.4 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.00318 | CVE-2017-5611

IOC - Indicator of Compromise (7)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (18)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (187)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


References (2)

The following list contains external sources which discuss the actor and the associated activities:
