Packrat Analysis

IOB - Indicator of Behavior (62)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en40
pt16
es6

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Microsoft Office8
Google Android4
tcpdump2
NVIDIA Video Driver2
Cybozu Office2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1OpenSSL Non-prime Moduli BN_mod_sqrt infinite loop6.46.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.000.35455CVE-2022-0778
2Ietf MD5 cryptographic issues5.35.1$0-$5k$0-$5kNot DefinedOfficial Fix0.020.12567CVE-2004-2761
3HP Integrated Lights-Out IPMI Protocol credentials management8.28.0$5k-$25k$0-$5kHighWorkaround0.050.78312CVE-2013-4786
4VMware ESXi Host Client Stored cross site scripting5.24.9$5k-$25k$0-$5kNot DefinedOfficial Fix0.020.00885CVE-2017-4940
5Sun Solaris Authentication improper authentication9.89.6$5k-$25k$0-$5kHighWorkaround0.020.76615CVE-1999-0502
6TP-LINK TL-WR840N buffer overflow5.55.3$0-$5k$0-$5kNot DefinedNot Defined0.060.00885CVE-2022-26642
7HP Intelligent Management Center tftpserver.exe input validation10.09.5$25k-$100k$0-$5kNot DefinedOfficial Fix0.010.25143CVE-2011-1853
8Microsoft Windows SMB Processor EducatedScholar resource management7.37.0$5k-$25k$0-$5kHighOfficial Fix0.030.88004CVE-2009-3103
9avahi socket.c resource management5.34.8$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.040.04358CVE-2011-1002
10OpenSSL EC information disclosure3.13.0$5k-$25k$0-$5kNot DefinedOfficial Fix0.020.01537CVE-2021-4160
11Linux Kernel KVM authorization7.67.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.010.00950CVE-2021-3653
12Fortinet FortiMail path traversal6.46.1$0-$5k$0-$5kNot DefinedOfficial Fix0.030.00885CVE-2021-24013
13Fortinet FortiMail Identity-Based Encryption Service missing encryption4.03.8$0-$5k$0-$5kNot DefinedOfficial Fix0.030.00885CVE-2021-26099
14Microsoft Windows Common Log File System Driver Privilege Escalation8.37.3$100k and more$5k-$25kUnprovenOfficial Fix0.020.01178CVE-2021-31954
15DZCP deV!L`z Clanportal browser.php information disclosure5.35.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.030.06790CVE-2007-1167
16NVIDIA Video Driver nvhost_job.c memory corruption7.57.2$0-$5k$0-$5kNot DefinedOfficial Fix2.200.00950CVE-2016-6915
17Nextcloud Server Calendar/Addressbook information disclosure3.53.4$0-$5k$0-$5kNot DefinedOfficial Fix0.040.00885CVE-2017-0895
18Corega CG-WLR300NX cross site scripting3.63.6$0-$5k$0-$5kNot DefinedNot Defined0.050.00890CVE-2016-7810
19IBM InfoSphere Information Server Memory Dump memory corruption3.83.6$5k-$25k$0-$5kNot DefinedOfficial Fix0.040.00885CVE-2017-1495
20Mozilla Firefox CSP 7pk security6.46.2$25k-$100k$0-$5kNot DefinedOfficial Fix0.050.01537CVE-2017-7803

IOC - Indicator of Compromise (9)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (9)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (16)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1Fileapi/sms_check.phppredictiveHigh
2Fileavahi-core/socket.cpredictiveHigh
3Filechmextract.cpredictiveMedium
4Filexxx/xxxxxxxxxxx/xxxxxxx.xxxpredictiveHigh
5Filexxxxx.xxxpredictiveMedium
6Filexxxxxx_xxx.xpredictiveMedium
7Filexxxxx-xxx.xpredictiveMedium
8Filexxxxxxxxxx.xxxpredictiveHigh
9Libraryxxxxxxxx.xxxpredictiveMedium
10ArgumentxxxxpredictiveLow
11Argumentxxx_xxxpredictiveLow
12ArgumentxxxxxpredictiveLow
13ArgumentxxxxxxxxpredictiveMedium
14ArgumentxxxxxxxxpredictiveMedium
15ArgumentxxxxpredictiveLow
16Argumentx_xx_xxxxxxxxxxxxxxxxpredictiveHigh

References (2)

The following list contains external sources which discuss the actor and the associated activities:

Do you need the next level of professionalism?

Upgrade your account now!