Outlaw Kit Analysis

IOB - Indicator of Behavior (270)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 248
ru: 22



Product

mooSocial mooDating: 8
Apple macOS: 6
Linux Kernel: 6
Google Chrome: 4
Hitachi Ucosminexus Application Server Standard: 4


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Raisecom MSG1200/MSG2100E/MSG2200/MSG2300 Web Interface list_base_config.php os command injection | 7.5 | 7.2 | $0-$5k | $0-$5k | Proof-of-Concept | Workaround | 0.76686 | 0.02 | CVE-2024-7120 |
| 2 | Netgear WN604 Web Interface downloadFile.php information disclosure | 5.3 | 5.1 | $5k-$25k | $0-$5k | Proof-of-Concept | Workaround | 0.00065 | 0.04 | CVE-2024-6646 |
| 3 | Dahua DHI-HCVR7216A-S3 SmartPSS Auto Login Hash access control | 6.7 | 6.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00341 | 0.05 | CVE-2017-6342 |
| 4 | Cyr to Lat Plugin sql injection | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00091 | 0.00 | CVE-2022-4290 |
| 5 | HPE Onboard Administrator Reflected cross site scripting | 4.4 | 4.4 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.00050 | 0.04 | CVE-2020-7132 |
| 6 | osCommerce all-products cross site scripting | 4.3 | 3.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00065 | 0.08 | CVE-2024-4348 |
| 7 | D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi command injection | 8.1 | 8.1 | $5k-$25k | $0-$5k | High | Workaround | 0.93741 | 0.13 | CVE-2024-3273 |
| 8 | Byzoro Smart S210 Management Platform uploadfile.php unrestricted upload | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03772 | 0.07 | CVE-2024-0939 |
| 9 | TVT DVR TD-2104TS-CL queryDevInfo information disclosure | 5.3 | 5.1 | $0-$5k | $0-$5k | Proof-of-Concept | Workaround | 0.00505 | 0.08 | CVE-2024-7339 |
| 10 | Viessmann Vitogate 300 Web Management Interface vitogate.cgi isValidUser hard-coded password | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.38206 | 0.18 | CVE-2023-5222 |
| 11 | Wavlink WN579X3 Ping Test adm.cgi injection | 6.4 | 6.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.69987 | 0.02 | CVE-2023-3380 |
| 12 | Hikvision Intercom Broadcasting System ping.php os command injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.92118 | 0.24 | CVE-2023-6895 |
| 13 | mooSocial mooDating URL ajax_invite cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00984 | 0.20 | CVE-2023-3845 |
| 14 | PHP Jabbers Bus Reservation System index.php cross site scripting | 4.9 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.01059 | 0.06 | CVE-2023-4111 |
| 15 | DedeCMS select_templets.php path traversal | 4.6 | 4.5 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.06177 | 0.02 | CVE-2023-2059 |
| 16 | PHP Jabbers Taxi Booking index.php cross site scripting | 4.9 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03170 | 0.06 | CVE-2023-4116 |
| 17 | PlayTube Redirect information disclosure | 5.4 | 5.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.69718 | 0.04 | CVE-2023-4714 |
| 18 | mooSocial mooDating URL view cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00984 | 0.04 | CVE-2023-3848 |
| 19 | Academy LMS GET Parameter filter sql injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.21440 | 0.02 | CVE-2023-4974 |
| 20 | mooSocial mooDating URL pages cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00984 | 0.09 | CVE-2023-3846 |

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 45.9.148.125 | | Outlaw Kit | | 02/11/2020 | verified | Low |

TTP - Tactics, Techniques, Procedures (22)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Class | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|---|
| 1 | T1006 | CAPEC-126 | CWE-22, CWE-28, CWE-425 | Path Traversal | predictive | High |
| 2 | T1055 | CAPEC-10 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 3 | T1059 | CAPEC-242 | CWE-94 | Argument Injection | predictive | High |
| 4 | T1059.007 | CAPEC-209 | CWE-79, CWE-80 | Basic Cross Site Scripting | predictive | High |
| 5 | T1068 | CAPEC-122 | CWE-264, CWE-269, CWE-284 | Execution with Unnecessary Privileges | predictive | High |

IOA - Indicator of Attack (128)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /academy/tutor/filter | predictive | High |
| 2 | File | /admin/suppliers/view_details.php | predictive | High |
| 3 | File | /ajax.php?action=read_msg | predictive | High |
| 4 | File | /api/authentication/login | predictive | High |
| 5 | File | /api/sys/login | predictive | High |
| 6 | File | /api/sys/set_passwd | predictive | High |
| 7 | File | /building/backmgr/urlpage/mobileurl/configfile/jx2_config.ini | predictive | High |
| 8 | File | /cas/logout | predictive | Medium |
| 9 | File | /catalog/all-products | predictive | High |
| 10 | File | /cgi-bin/adm.cgi | predictive | High |
| 11 | File | /cgi-bin/nas_sharing.cgi | predictive | High |
| 12 | File | /cgi-bin/vitogate.cgi | predictive | High |
| 13 | File | /debug/pprof | predictive | Medium |
| 14 | File | /desktop_app/file.ajax.php?action=uploadfile | predictive | High |
| 15 | File | /downloadFile.php | predictive | High |
