OnePercent Analysis

IOB - Indicator of Behavior (186)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 154
sv: 14
de: 8
it: 6
pl: 2

Country

us: 128
ru: 16
sv: 14
ir: 12
it: 6

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Microsoft Windows: 6
MediaWiki: 6
OpenSSH: 4
WordPress: 4
Exim: 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.07 | 0.02016 | CVE-2007-1192 |
| 2 | Tiki TikiWiki tiki-editpage.php input validation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | 0.01673 | CVE-2004-1386 |
| 3 | WPS Hide Login Plugin Secret Login Page options.php access control | 6.9 | 6.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.07 | 0.03563 | CVE-2021-24917 |
| 4 | Apple Mac OS X TCP/IP Stack denial of service | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.03667 | CVE-2004-0171 |
| 5 | MGB OpenSource Guestbook email.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 1.09 | 0.02982 | CVE-2007-0354 |
| 6 | Zipato Zipabox Smart Home Controller information disclosure | 6.4 | 6.4 | $0-$5k | Calculating | Not Defined | Not Defined | 0.00 | 0.00423 | CVE-2018-15125 |
| 7 | Samsung SCX-6x55X Syncthru Web Service source code | 4.3 | 4.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00102 | CVE-2021-42913 |
| 8 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 1.57 | 0.00954 | CVE-2010-0966 |
| 9 | OpenSSH Authentication Username information disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | High | Official Fix | 0.37 | 0.10737 | CVE-2016-6210 |
| 10 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.31 | 0.00568 | CVE-2017-0055 |
| 11 | Microsoft IIS IP/Domain Restriction access control | 6.5 | 5.7 | $25k-$100k | $0-$5k | Unproven | Official Fix | 0.51 | 0.00817 | CVE-2014-4078 |
| 12 | PHP phpinfo cross site scripting | 4.3 | 3.9 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.58 | 0.01639 | CVE-2007-1287 |
| 13 | PHP phpinfo cross site scripting | 6.3 | 5.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | 0.08985 | CVE-2006-0996 |
| 14 | nginx request smuggling | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 3.71 | 0.00000 | CVE-2020-12440 |
| 15 | Google Android Linkify.java addLinks access control | 7.5 | 7.4 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.09 | 0.00098 | CVE-2019-2003 |
| 16 | Adobe Magento Mage-Messages Cookie cross site scripting | 2.4 | 2.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00187 | CVE-2021-28556 |
| 17 | GitHub Enterprise Server GraphQL API authorization | 8.0 | 7.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00073 | CVE-2022-23739 |
| 18 | Mitsubishi Electric Factory Automation path traversal | 7.3 | 7.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00700 | CVE-2020-14523 |
| 19 | TP-Link WR886N httpd Service PingIframeRpm.htm buffer overflow | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00069 | CVE-2021-44864 |
| 20 | Microsoft Windows Runtime Remote Code Execution | 8.1 | 7.4 | $100k and more | $5k-$25k | Unproven | Official Fix | 0.03 | 0.58153 | CVE-2022-21971 |

IOC - Indicator of Compromise (7)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (10)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (69)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

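| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /+CSCOE+/logon.html | predictive | High |
| 2 | File | /download | predictive | Medium |
| 3 | File | /forum/away.php | predictive | High |
| 4 | File | /port_3480/data_request | predictive | High |
| 5 | File | /uncpath/ | predictive | Medium |
| 6 | File | /userRpm/PingIframeRpm.htm | predictive | High |
| 7 | File | /wp-admin/options.php | predictive | High |
| 8 | File | adclick.php | predictive | Medium |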

References (2)

The following list contains external sources which discuss the actor and the associated activities:
