Novter Analysis

IOB - Indicator of Behavior (770)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

pl482
en198
zh56
ru16
de8

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

pl482
cn118
us74
ru24
pt6

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

WordPress8
Apple macOS8
Microsoft Windows8
Microsoft IIS6
Strapi4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1Hiox India Guest Book gb.php memory corruption7.36.4$0-$5k$0-$5kProof-of-ConceptUnavailable0.000.07133CVE-2007-1998
2Visual Form Builder Plugin csv injection6.36.0$0-$5k$0-$5kNot DefinedOfficial Fix0.000.00307CVE-2022-0142
3jax guestbook jax_guestbook.php cross site scripting4.34.2$0-$5kCalculatingHighUnavailable0.020.00297CVE-2005-4879
4Lars Ellingsen Guestserver guestbook.cgi cross site scripting4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.080.00169CVE-2005-4222
5ASPjar ASPjar Guestbook login.asp sql injection5.35.3$0-$5k$0-$5kNot DefinedNot Defined0.000.00312CVE-2005-0423
6DM Guestbook admin.guestbook.php path traversal7.36.9$0-$5kCalculatingProof-of-ConceptNot Defined0.000.05748CVE-2007-5821
7Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25k$0-$5kHighWorkaround0.020.02016CVE-2007-1192
8Qt-cute QuickTalk guestbook qtg_msg_view.php sql injection7.37.1$0-$5k$0-$5kHighUnavailable0.000.00269CVE-2007-3538
9Professional Home Page Tools Professional Home Page Tools Guestbook delcookie.php unknown vulnerability5.34.6$0-$5k$0-$5kUnprovenOfficial Fix0.000.00381CVE-2006-3837
10XAMPP Apache Distribution cds.php cross site scripting4.34.1$0-$5k$0-$5kNot DefinedOfficial Fix0.020.00230CVE-2005-1077
11Papoo guestbook.php sql injection6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.030.00000
12AN Guestbook sign1.php cross site scripting4.34.1$0-$5k$0-$5kHighOfficial Fix0.030.00254CVE-2009-0424
13FAC Guestbook information disclosure9.89.5$0-$5kCalculatingHighUnavailable0.040.01073CVE-2007-2101
14AFGB AFGB GUESTBOOK add.php file inclusion7.36.7$0-$5k$0-$5kProof-of-ConceptUnavailable0.000.18556CVE-2006-5307
15SignKorn Guestbook preview.php privileges management5.35.3$0-$5k$0-$5kNot DefinedNot Defined0.000.00000
16episodex episodex guestbook default.asp cross site scripting4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.000.00197CVE-2005-1684
17Planetmoon Guestbook passwd.txt Password access control5.35.3$0-$5kCalculatingNot DefinedNot Defined0.000.01784CVE-2003-1541
18MPM Guestbook cross site scripting4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.030.00706CVE-2003-1182
19MPC SoftWeb Guestbook insertguest.asp cross site scripting4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.000.00000
20Big Sam Guestbook bigsam_guestbook.php denial of service3.33.2$0-$5k$0-$5kProof-of-ConceptNot Defined0.000.00000

IOC - Indicator of Compromise (68)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
11.88.24.27Novter02/19/2022verifiedHigh
22.58.80.150Novter02/19/2022verifiedHigh
32.196.217.25Novter02/19/2022verifiedHigh
43.128.83.132ec2-3-128-83-132.us-east-2.compute.amazonaws.comNovter02/19/2022verifiedMedium
55.61.40.95Novter02/19/2022verifiedHigh
65.61.42.103Novter02/19/2022verifiedHigh
75.61.42.111box.invfx.euNovter02/19/2022verifiedHigh
85.61.42.116Novter02/19/2022verifiedHigh
95.61.48.155Novter02/19/2022verifiedHigh
105.61.48.156192.64.119.156Novter02/19/2022verifiedHigh
116.217.158.104Novter02/19/2022verifiedHigh
127.130.244.4Novter02/19/2022verifiedHigh
1313.158.242.227Novter02/19/2022verifiedHigh
1420.56.162.154Novter02/19/2022verifiedHigh
15XX.XX.XXX.XXXxxxxx02/19/2022verifiedHigh
16XX.XXX.XX.XXXxxxxx02/19/2022verifiedHigh
17XX.XXX.XX.XXXXxxxxx02/19/2022verifiedHigh
18XX.XXX.XXX.XXXXxxxxx02/19/2022verifiedHigh
19XX.XX.XX.XXXxxx.xx.xx.xx.xx.xxxxxxxxxxxxxxxxx.xxxXxxxxx02/19/2022verifiedMedium
20XX.X.XXX.XXXXxxxxx02/19/2022verifiedHigh
21XX.XXX.X.XXxxxxxxxxxxx.xxxXxxxxx02/19/2022verifiedHigh
22XX.XXX.XX.XXXxxxxx02/19/2022verifiedHigh
23XX.XX.XXX.XXXxxxxx02/19/2022verifiedHigh
24XX.XXX.XXX.XXXxxxxx02/19/2022verifiedHigh
25XX.XXX.X.XXXxxxxx02/19/2022verifiedHigh
26XX.XX.XX.XXXxx-xx-xx-xxx-xxxxxx.xxx.xxxxxxxxxxxxxxx.xxxXxxxxx02/19/2022verifiedHigh
27XX.XX.XX.XXXXxxxxx02/19/2022verifiedHigh
28XX.XXX.XXX.XXXxx-xxx-xxx-xxx.xxxxxxxxxx.xxxxxx.xxxxxxxxx.xxxXxxxxx02/19/2022verifiedHigh
29XX.XXX.XXX.XXXXxxxxx02/19/2022verifiedHigh
30XX.XX.XX.XXXxxxxx02/19/2022verifiedHigh
31XX.XX.XXX.XXx-xx-xx-xxx-xx.xxxx.xx.xxxxxxx.xxxXxxxxx02/19/2022verifiedHigh
32XX.XX.XXX.XXXxxxxxxxxxxx-xxx-x-xx-xxx.xxx-xx.xxx.xxxxxxx.xxXxxxxx02/19/2022verifiedHigh
33XX.XX.XXX.Xxxxxx-xx-xxx-x.xxxxx.xxx-xxx.xxXxxxxx02/19/2022verifiedHigh
34XX.XXX.XX.XXxxxxxxxxxx.xxxXxxxxx02/19/2022verifiedHigh
35XX.XXX.XX.XXxxxxxxxxxx.xxxXxxxxx02/19/2022verifiedHigh
36XX.XXX.XX.XXxxxx.xxxxxxxxxxxxx.xxxXxxxxx02/19/2022verifiedHigh
37XX.XX.XXX.XXXxxxx-xxx-xxx-xxx-xxx.xxx.xxx.xxxxx.xxxxxxxx-xx.xxXxxxxx02/19/2022verifiedHigh
38XX.XX.X.XXXXxxxxx02/19/2022verifiedHigh
39XXX.XX.XXX.XXxxxx-xxx-xx-xxx-xx.xxxxxx.xxxx.xxxxxxx.xxxXxxxxx02/19/2022verifiedHigh
40XXX.XXX.X.XXXxxxxx02/19/2022verifiedHigh
41XXX.XXX.XX.XXxxxxxxxxxxxxxxxxxxxx.xxxxx.xxxXxxxxx02/19/2022verifiedHigh
42XXX.XXX.XXX.XXxxxxxxxxxxxxxxxxxxxx.xxxxx.xxxXxxxxx02/19/2022verifiedHigh
43XXX.XX.XXX.XXXXxxxxx02/19/2022verifiedHigh
44XXX.XXX.XX.XXXXxxxxx02/19/2022verifiedHigh
45XXX.XXX.XX.XXXxxxxx02/19/2022verifiedHigh
46XXX.XXX.XX.XXXXxxxxx02/19/2022verifiedHigh
47XXX.XXX.XXX.XXXXxxxxx02/19/2022verifiedHigh
48XXX.XX.XX.XXxxxx-xxx-xxx.xx-xxxxxxxx.xxXxxxxx02/19/2022verifiedHigh
49XXX.XXX.XXX.XXXXxxxxx02/19/2022verifiedHigh
50XXX.XX.X.XXXXxxxxx02/19/2022verifiedHigh
51XXX.XX.XX.XXxxxxx02/19/2022verifiedHigh
52XXX.XXX.XXX.XXXxxx-xxx-xxx-xxx.xxxxxxxxxx.xxxxxx.xxx.xxXxxxxx02/19/2022verifiedHigh
53XXX.XX.XXX.XXXXxxxxx02/19/2022verifiedHigh
54XXX.XXX.XXX.XXXxxxxx02/19/2022verifiedHigh
55XXX.XX.XX.XXXXxxxxx02/19/2022verifiedHigh
56XXX.XXX.XX.XXxx-xx-xxx-xxx.xxxxxxx.xxx.xxXxxxxx02/19/2022verifiedHigh
57XXX.XX.XXX.XXXXxxxxx02/19/2022verifiedHigh
58XXX.X.XXX.XXXxxxxxxxxx.xxxx-xxxxx.xxXxxxxx02/19/2022verifiedHigh
59XXX.XXX.XXX.XXxxxxxx.xxxxxxxxxx.xxxXxxxxx02/19/2022verifiedHigh
60XXX.XX.XXX.XXXXxxxxx02/19/2022verifiedHigh
61XXX.XX.XXX.XXXXxxxxx02/19/2022verifiedHigh
62XXX.XXX.XXX.XXXxxxxx02/19/2022verifiedHigh
63XXX.XX.XXX.XXXXxxxxx02/19/2022verifiedHigh
64XXX.XXX.XX.XXXxxx.xx.xxx.xxx.xxxxx.xx.xx.xxxxxxx.xxxxxxx.xxx.xxXxxxxx02/19/2022verifiedHigh
65XXX.XXX.XXX.XXXXxxxxx02/19/2022verifiedHigh
66XXX.XX.XX.XXXxxxxx02/19/2022verifiedHigh
67XXX.XX.XX.XXxxxxx02/19/2022verifiedHigh
68XXX.XXX.XXX.XXXXxxxxx02/19/2022verifiedHigh

TTP - Tactics, Techniques, Procedures (18)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (194)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File.htaccesspredictiveMedium
2File/adfs/lspredictiveMedium
3File/carbon/mediation_secure_vault/properties/ajaxprocessor.jsppredictiveHigh
4File/cgi-bin/wlogin.cgipredictiveHigh
5File/fos/admin/index.php?page=menupredictiveHigh
6File/getcfg.phppredictiveMedium
7File/Home/debit_credit_ppredictiveHigh
8File/index.php/weblinks-categoriespredictiveHigh
9File/iwguestbook/admin/messages_edit.asppredictiveHigh
10File/login/index.phppredictiveHigh
11File/odfs/classes/Master.php?f=delete_teampredictiveHigh
12File/public/plugins/predictiveHigh
13File/scripts/iisadmin/bdir.htrpredictiveHigh
14File/usr/bin/pkexecpredictiveHigh
15File/wp-content/plugins/updraftplus/admin.phppredictiveHigh
16Fileadd.phppredictiveLow
17Fileadmin.cgi/config.cgipredictiveHigh
18Fileadmin.phppredictiveMedium
19Fileadmin/admin.guestbook.phppredictiveHigh
20Fileadmin/auth.phppredictiveHigh
21Fileadmin/backupdb.phppredictiveHigh
22Fileadmin/login.asppredictiveHigh
23Fileadmin/preview.phppredictiveHigh
24Fileadministrator/components/com_media/helpers/media.phppredictiveHigh
25Filexxxxxxx_xxxx_xxxxxxx_xxxxxx_xxx.xpredictiveHigh
26Filexxxx.xxpredictiveLow
27Filexxxxxxxxxxxx.xxxpredictiveHigh
28Filexxxx/xxxx_xxx.xxxpredictiveHigh
29Filexxxxxx_xxxxxxxxx.xxxpredictiveHigh
30Filexxxxxx/xxxxxxx/xxxx/xxxxxxx/xxxxxxx/xxxx_xxxxxxx.xxxpredictiveHigh
31Filexxx.xxxpredictiveLow
32Filexxxxxxx.xxxxpredictiveMedium
33Filexxx-xxx/xxxxxpredictiveHigh
34Filexxxxxxxxxxxxxxxx.xxxpredictiveHigh
35Filexxxxxxx/xxxxxxxxxx.xxxpredictiveHigh
36Filexxxxxxx/xxxx/xxxxxx/xxxxxx.xpredictiveHigh
37Filexxxxx-xxxxxxx.xxxpredictiveHigh
38Filex_xxxxxxpredictiveMedium
39Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
40Filexx/xx.xxxpredictiveMedium
41Filexxxxxxx.xxxpredictiveMedium
42Filexxxxxxxxx.xxxpredictiveHigh
43Filexxxxxxx/xxx/xxx/xxxxx.xpredictiveHigh
44Filexxxx.xxxpredictiveMedium
45Filexxxxx.xxxpredictiveMedium
46Filexxx/xxxx/xxxx.xpredictiveHigh
47Filexxxxxxx.xxxpredictiveMedium
48Filexxxxx/xxxxxx.xxxpredictiveHigh
49Filexxxx_xxxxxx_xxxxxxx.xxxpredictiveHigh
50Filexx_xxxxxxxpredictiveMedium
51Filexxxxx/xxxxx_xxxxx_xpredictiveHigh
52Filexxxxxxxx/xxxxxxx/xxxxxxxxxxxx.xxxpredictiveHigh
53Filexx.xxxpredictiveLow
54Filexxxxx.xxxpredictiveMedium
55Filexxxxxx/xxxxxxxxpredictiveHigh
56Filexxxx_xxxxxxx.xxx.xxxpredictiveHigh
57Filexxxxxxxxxxxxxxxxxxxxxxxxx.xxxxxpredictiveHigh
58Filexxxxxxxxx.xxxpredictiveHigh
59Filexxxxxxxxx.xxxpredictiveHigh
60Filexxxxxxxxx/xxxxxxxxx.xxx.xxxpredictiveHigh
61Filexxxxxxxxxxxx.xxxpredictiveHigh
62Filexxxxxxxxx.xxxpredictiveHigh
63Filexxxx/xx/xxxxxxxxxx.xxxpredictiveHigh
64Filexxxxxxxx.xxxpredictiveMedium
65Filexxxxxxxxx.xxpredictiveMedium
66Filexxx/xxxxxx.xxxpredictiveHigh
67Filexxx/xxxxxxxxxxx/xxxxxxx.xxxpredictiveHigh
68Filexxxxxxx/xxxxxxx/xxxxxxxx_xxxxxxxx.xxx.xxxpredictiveHigh
69Filexxxxxxxx/xxxxxxxxx.xxxxx.xxxpredictiveHigh
70Filexxxxxxxx/xxxxxx/xxxx/xxxxx.xxx.xxxpredictiveHigh
71Filexxxxx.xxxpredictiveMedium
72Filexxxxxxxxxxx.xxxpredictiveHigh
73Filexxxxxxxx/xxx_xxxx_xxxx.xpredictiveHigh
74Filexxx/xxxxxxxx.xxxpredictiveHigh
75Filexxx_xxxxxxxxx.xxxpredictiveHigh
76Filexxx.x/xxxxxx.xpredictiveHigh
77Filexxx.xpredictiveLow
78Filexxxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
79Filexxxxx.xxxpredictiveMedium
80Filexxx_xxxxxx.xpredictiveMedium
81Filexxxxxxxx_xxxxxx.xxxpredictiveHigh
82Filexxx/xxxx/xxxxxx.xpredictiveHigh
83Filexxxxxxx_xxxx.xxxpredictiveHigh
84Filexxx_xxxx_xxx_xxxxxxxxxx.xpredictiveHigh
85Filexxx_xxxx.xxxpredictiveMedium
86Filexxxx-xxxx_xxxxxxx.xxpredictiveHigh
87Filexxxxxxx.xxxpredictiveMedium
88Filexxxxxxxxxxx.xxxpredictiveHigh
89Filexxxxxxxxxxxx.xxxpredictiveHigh
90Filexxxxxx.xxxpredictiveMedium
91Filexxxxxxx\xxx_xxxxxx.xxxpredictiveHigh
92Filexxx_xxx_xxxx.xxxpredictiveHigh
93Filexx.xxxpredictiveLow
94Filexxxxxx/xxx/xx/xxx.xxpredictiveHigh
95Filexxxxxxxxx.xxxxpredictiveHigh
96Filexxxxxx.xxxpredictiveMedium
97Filexxxx_xxxxx.xxxpredictiveHigh
98Filexxxxxxxxxxxx.xxxpredictiveHigh
99Filexxxxxx/xxxxx.xxxpredictiveHigh
100Filexxxxxxxxx.xxxpredictiveHigh
101Filexx_xxxxx_xxxx.xxxpredictiveHigh
102Filexxxx-xxx/predictiveMedium
103Filexxxxx.xxxpredictiveMedium
104Filexxxxxxxx_xxxxxxxxx.xxxpredictiveHigh
105Filexxxxx.xxxpredictiveMedium
106Filexxxxxx_xxx.xxxpredictiveHigh
107Filexxxxxxx.xxxxpredictiveMedium
108Filexxxxxx.xxxpredictiveMedium
109Filexxxxxxxxxx.xxxxpredictiveHigh
110Filexx-xxxxx/xxxx.xxxpredictiveHigh
111Filexx-xxxxx.xxxpredictiveMedium
112Filexxxxxx.xxxpredictiveMedium
113Filexxxxxxxxxxxxx.xxxpredictiveHigh
114Library/xxxxx/xxxxxxxx/xxxxxxx.xxxpredictiveHigh
115Libraryxxx/xxxx/xxxxx.xxxpredictiveHigh
116Libraryxxxxxx-xx/xxx/xxx-xxxxxx-xxxxx-xx.xxxpredictiveHigh
117Libraryxxxxxxx.xxx.xx.xxxpredictiveHigh
118Libraryxxxxxx.xxxpredictiveMedium
119Libraryxxx/xxx/xxxx/predictiveHigh
120Argumentxx/xxpredictiveLow
121ArgumentxxxxxxxpredictiveLow
122ArgumentxxxxxxxxpredictiveMedium
123ArgumentxxxxxpredictiveLow
124ArgumentxxxxxpredictiveLow
125ArgumentxxxxxxxxxxxxxpredictiveHigh
126ArgumentxxxxxxxxpredictiveMedium
127ArgumentxxxpredictiveLow
128ArgumentxxxxxxxpredictiveLow
129ArgumentxxxxxxxxxxxxxpredictiveHigh
130ArgumentxxxxxxpredictiveLow
131ArgumentxxxxxxxpredictiveLow
132ArgumentxxxxxxxxpredictiveMedium
133Argumentxxxxxxx_xxxx_xxx_xxxxxxpredictiveHigh
134ArgumentxxxxxpredictiveLow
135Argumentxxx_xxxxpredictiveMedium
136ArgumentxxxxxxxpredictiveLow
137Argumentxxxx_xxxxx_xxxxpredictiveHigh
138ArgumentxxxxpredictiveLow
139ArgumentxxxxxxxxpredictiveMedium
140Argumentxx_xxpredictiveLow
141Argumentxx_xxxxpredictiveLow
142ArgumentxxpredictiveLow
143Argumentx_xxxxxxxpredictiveMedium
144ArgumentxxxxpredictiveLow
145ArgumentxxxxxpredictiveLow
146ArgumentxxpredictiveLow
147ArgumentxxxxxpredictiveLow
148ArgumentxxxxxpredictiveLow
149ArgumentxxxpredictiveLow
150Argumentxxx_xxxpredictiveLow
151ArgumentxxxxxpredictiveLow
152Argumentxxxxxxx_xxxxpredictiveMedium
153ArgumentxxxxxxpredictiveLow
154ArgumentxxxpredictiveLow
155ArgumentxxxxxxpredictiveLow
156ArgumentxxxxxxxpredictiveLow
157ArgumentxxxxxxxxxpredictiveMedium
158Argumentxxx_xxpredictiveLow
159ArgumentxxxxpredictiveLow
160Argumentxx_xxpredictiveLow
161ArgumentxxxxxxpredictiveLow
162ArgumentxxxxxpredictiveLow
163ArgumentxxxxpredictiveLow
164Argumentxxxx[xx]predictiveMedium
165Argumentxxxxx_xxxx_xxxxpredictiveHigh
166ArgumentxxxxxxpredictiveLow
167Argumentxxx-xxxxxxpredictiveMedium
168Argumentxxxxxx/xxxxxx_xxxxxxpredictiveHigh
169Argumentxxxxxx_xxxxxxpredictiveHigh
170Argumentxxxxxx_xxxxxpredictiveMedium
171Argumentxxxxxx_xxxxpredictiveMedium
172ArgumentxxxxxxxxpredictiveMedium
173ArgumentxxxxpredictiveLow
174Argumentxxxx_xxpredictiveLow
175ArgumentxxxpredictiveLow
176ArgumentxxxxxpredictiveLow
177ArgumentxxxxxxxpredictiveLow
178ArgumentxxxxxpredictiveLow
179ArgumentxxxxxxxxxpredictiveMedium
180ArgumentxxxxxxxxxxxpredictiveMedium
181ArgumentxxxxxxpredictiveLow
182ArgumentxxxxxxxxpredictiveMedium
183Argumentxxx:xxxxpredictiveMedium
184Argumentxxxxx/xxxxxxpredictiveMedium
185Argumentxxx_xxx_xxxxxxxx_xxxpredictiveHigh
186Argumentx_xxxxxxxxpredictiveMedium
187Input Valuex%xx%xx%xxxxxxx%xxxxxxxx%xxxxxxxxxx%xxxxxx%xx%xxxxxxx_xxxxx%xx%xx--%xx%xxpredictiveHigh
188Input Valuex+xxxxx+xxxxxx+x,xxxxxxx,xxxxxxxxxxx+xxxx+xxxxx#predictiveHigh
189Input Value<?xxx xxxxxx($_xxx['x']); ?>predictiveHigh
190Input Value??x:\predictiveLow
191Input Valuexxxx -x xxxxxxxx=xxxxxx.xxxxxxx xxxx://xxx.xxx.x.x/xxxxxx.xxxpredictiveHigh
192Network Portxxx/xx (xxx)predictiveMedium
193Network Portxxx/xxxxpredictiveMedium
194Network Portxxx xxxxxx xxxxpredictiveHigh

References (2)

The following list contains external sources which discuss the actor and the associated activities:

Might our Artificial Intelligence support you?

Check our Alexa App!