Nobelium Analysis

IOB - Indicator of Behavior (412)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 364
de: 26
es: 8
zh: 6
sv: 2

Country

us: 104
ch: 40
at: 34
cn: 28
gb: 8

Product

Linux Kernel: 14
Microsoft Windows: 8
Google Android: 6
Microsoft Office: 6
Apple iOS: 6

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.04 | 0.04187 | CVE-2007-1192 |
| 2 | Backdoor.Win32.Tiny.c Service Port 7778 backdoor | 7.3 | 6.4 | $0-$5k | $0-$5k | Proof-of-Concept | Workaround | 0.02 | 0.00000 | |
| 3 | School Management Software notice-edit.php sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.01 | 0.00000 | |
| 4 | Linux Kernel NILFS File System inode.c security_inode_alloc use after free | 8.3 | 8.1 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.04 | 0.01404 | CVE-2022-2978 |
| 5 | Crow HTTP Pipelining use after free | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.02509 | CVE-2022-38667 |
| 6 | mySCADA myPRO command injection | 9.2 | 9.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.07 | 0.00885 | CVE-2022-2234 |
| 7 | GNU Bash Environment Variable variables.c Shellshock os command injection | 9.8 | 9.3 | $100k and more | $0-$5k | High | Official Fix | 0.02 | 0.96235 | CVE-2014-6271 |
| 8 | Apache HTTP Server mod_rewrite redirect | 6.7 | 6.7 | $25k-$100k | $5k-$25k | Not Defined | Not Defined | 0.06 | 0.07767 | CVE-2020-1927 |
| 9 | Asus AsusWRT start_apply.htm os command injection | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.02055 | CVE-2018-20334 |
| 10 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.52 | 0.25090 | CVE-2017-0055 |
| 11 | PRTG Network Monitor login.htm access control | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.09029 | CVE-2018-19410 |
| 12 | Apple iOS Telephony memory corruption | 8.0 | 7.7 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.04 | 0.01018 | CVE-2017-8248 |
| 13 | Zeus Zeus Web Server memory corruption | 10.0 | 9.0 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.35205 | CVE-2010-0359 |
| 14 | Intel CPU Speculative Execution information disclosure | 5.4 | 5.1 | $5k-$25k | $0-$5k | Proof-of-Concept | Not Defined | 0.01 | 0.17247 | CVE-2018-3639 |
| 15 | Apple iTunes WebKit information disclosure | 6.4 | 6.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.01955 | CVE-2018-4117 |
| 16 | Advantech WebAccess SCADA sql injection | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00885 | CVE-2018-5443 |
| 17 | Advantech WebAccess SCADA path traversal | 5.9 | 5.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00885 | CVE-2018-5445 |
| 18 | Apache Tomcat FORM Authentication improper authentication | 6.5 | 6.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.07344 | CVE-2013-2067 |
| 19 | Microsoft Windows Malware Protection Service memory corruption | 8.8 | 7.9 | $100k and more | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.87853 | CVE-2017-0290 |
| 20 | Xitex Xitex WebContent M1 redirect.do cross site scripting | 4.3 | 4.2 | $0-$5k | $0-$5k | High | Unavailable | 0.02 | 0.01136 | CVE-2008-1209 |

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • Tomiris

IOC - Indicator of Compromise (26)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (22)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (160)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.
