Nokoyawa Analysisinfo

IOB - Indicator of Behavior (112)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en88
zh10
ru6
es2
fr2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Microsoft Windows10
WordPress4
Joomla CMS4
Microsoft Exchange Server4
Citrix ADC2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1DZCP deV!L`z Clanportal config.php code injection7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.014700.14CVE-2010-0966
2MGB OpenSource Guestbook email.php sql injection7.37.3$0-$5k$0-$5kHighUnavailable0.013020.75CVE-2007-0354
3Microsoft Windows TCP/IP Remote Code Execution9.88.9$25k-$100k$5k-$25kUnprovenOfficial Fix0.247440.03CVE-2022-34718
4Microsoft Windows Kernel Cryptography Driver cng.sys CfgAdtpFormatPropertyBlock buffer overflow7.97.7$25k-$100k$25k-$100kHighOfficial Fix0.365330.04CVE-2020-17087
5Microsoft Windows Netlogon Zerologon privileges management8.48.3$25k-$100k$0-$5kHighOfficial Fix0.524110.04CVE-2020-1472
6Microsoft Windows Event Logging Service denial of service4.34.0$5k-$25k$0-$5kUnprovenOfficial Fix0.002180.03CVE-2022-37981
7FLDS redir.php sql injection7.37.3$0-$5k$0-$5kHighUnavailable0.002030.11CVE-2008-5928
8Microsoft Exchange Server Privilege Escalation9.08.7$25k-$100k$5k-$25kHighOfficial Fix0.011740.00CVE-2022-41080
9PHP Link Directory Administration Page index.html cross site scripting4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.003990.06CVE-2007-0529
10AVTECH AVM1203 command injection9.59.3$0-$5k$0-$5kHighNot Defined0.277890.08CVE-2024-7029
11CakePHP offset sql injection8.58.4$0-$5k$0-$5kNot DefinedOfficial Fix0.001860.02CVE-2023-22727
12Adminer/AdminerEvo HTTP Redirect resource consumption5.35.1$0-$5k$0-$5kNot DefinedOfficial Fix0.000430.02CVE-2023-45196
13AdminerEvo Plugin unrestricted upload8.07.9$0-$5k$0-$5kNot DefinedOfficial Fix0.000910.08CVE-2023-45197
14Liferay Portal CE JSON Payload deserialization7.57.5$0-$5k$0-$5kNot DefinedNot Defined0.016190.08CVE-2019-16891
15Apple macOS App permission7.77.6$5k-$25k$0-$5kNot DefinedOfficial Fix0.000500.04CVE-2024-27848
16Oracle PeopleSoft Enterprise PeopleTools PeopleSoft CDA cross site scripting6.15.9$5k-$25k$0-$5kNot DefinedOfficial Fix0.001540.03CVE-2020-7656
17jQuery Property extend Pollution cross site scripting6.66.3$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.024320.08CVE-2019-11358
18jQuery dataType script.js Cross-Domain cross site scripting5.24.9$0-$5k$0-$5kNot DefinedOfficial Fix0.006600.03CVE-2015-9251
19jQuery jQuery(strInput) cross site scripting5.25.0$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.008230.03CVE-2012-6708
20jQuery html cross site scripting6.25.9$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.023020.14CVE-2020-11023

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • Nokoyawa

IOC - Indicator of Compromise (8)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (12)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (53)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/forum/away.phppredictiveHigh
2File/homeaction.phppredictiveHigh
3File/librarian/bookdetails.phppredictiveHigh
4File/modules/projects/vw_files.phppredictiveHigh
5File/out.phppredictiveMedium
6Fileadclick.phppredictiveMedium
7Fileadmin.phppredictiveMedium
8Filexxxxx.xxxxxxx.xxxx.xxxpredictiveHigh
9Filexxxxx/xxxxxx/xxxxx-xxxxxx-xxxxxxxx.xxxpredictiveHigh
10Filexx_xxxxx_xxxxx.xxxpredictiveHigh
11Filexxx-xxx/xxxxxxx.xxpredictiveHigh
12Filexxxxx-xx-xxxx-xxxxx.xxxpredictiveHigh
13Filexxxxx.xxxpredictiveMedium
14Filexxx.xxxpredictiveLow
15Filexxxxx.xxxpredictiveMedium
16Filexxxxxxxxxx.xxxpredictiveHigh
17Filexxxxxxx.xxxpredictiveMedium
18Filexxxxxxx.xxxpredictiveMedium
19Filexxxx.xxxpredictiveMedium
20Filexxx/xxxxxx.xxxpredictiveHigh
21Filexxxxx.xxxxpredictiveMedium
22Filexxxxxxx.xxxpredictiveMedium
23Filexxxxxxxxx.xxx.xxxpredictiveHigh
24Filexxxxx.xxxpredictiveMedium
25Filexxxxxxxx.xxxpredictiveMedium
26Filexxxxxx.xxpredictiveMedium
27Filexxxx.xxxpredictiveMedium
28Filexxxx/xxx/xxxx-xxxxx.xxxpredictiveHigh
29Filexx-xxxxx/xxxx.xxx?xxxx_xxxx=xxxxxpredictiveHigh
30File~/xxxxx.xxxpredictiveMedium
31Library/_xxx_xxx/xxxxx.xxxpredictiveHigh
32ArgumentxxxxpredictiveLow
33ArgumentxxxpredictiveLow
34ArgumentxxxxxxpredictiveLow
35ArgumentxxxxxxxxpredictiveMedium
36Argumentxxx_xxxpredictiveLow
37ArgumentxxxxxxxxxxpredictiveMedium
38Argumentxxx_xxpredictiveLow
39Argumentxxxxxxxxx_xxxpredictiveHigh
40ArgumentxxxxxxpredictiveLow
41Argumentxxxx_xxxxxpredictiveMedium
42Argumentxxxxxxxx[xxxx_xxx]predictiveHigh
43ArgumentxxxxxpredictiveLow
44ArgumentxxxxxxxxpredictiveMedium
45ArgumentxxxxpredictiveLow
46ArgumentxxpredictiveLow
47ArgumentxxpredictiveLow
48ArgumentxxxxxxxpredictiveLow
49ArgumentxxxxpredictiveLow
50ArgumentxxxxxxxxxpredictiveMedium
51Argumentxxxxx_xxxx_xxxxpredictiveHigh
52ArgumentxxxxxxxxpredictiveMedium
53Input Value' xxx (xxxxxx xxxx xxxx (xxxxxx(xxxxx(x)))xxxx)-- xxxxpredictiveHigh

References (3)

The following list contains external sources which discuss the actor and the associated activities:

Might our Artificial Intelligence support you?

Check our Alexa App!