Packrat Analysis

Activities

Timeline

Analysing the timeline helps to determine how single vulnerabilities and vulnerability collections should be approached and handled. The overview shows less important periods and the more severe hotspots at a glance, which supports immediate vulnerability response and prioritization of issues.

Lang (number of entries)

en  36
es   7

Country (number of entries)

es  7
cl  4
us  3
br  2
ru  1

Actors (number of entries)

Packrat  43

Activities

Interest

Vulnerabilities

Columns: Base and Temp are the CVSS base and temporal scores; 0day and Today are the estimated exploit prices at disclosure and now; Exp is the exploitability status; Rem is the remediation status; CTI is the CTI interest score. Entry 10 lists no CVE on the source page.

#  | Vulnerability                                                       | Base | Temp | 0day       | Today     | Exp              | Rem          | CTI  | CVE
1  | OpenSSL EC information disclosure                                   | 3.1  | 3.0  | $5k-$25k   | $0-$5k    | Not Defined      | Official Fix | 7.18 | CVE-2021-4160
2  | Sun Solaris Solaris Management Console memory corruption            | 9.9  | 9.4  | $25k-$100k | $5k-$25k  | Proof-of-Concept | Not Defined  | 0.05 | CVE-2007-3094
3  | IBM API Connect input validation                                    | 6.4  | 6.4  | $5k-$25k   | $5k-$25k  | Not Defined      | Not Defined  | 0.08 | CVE-2018-1779
4  | Novell NetWare FTP Server input validation                          | 4.3  | 4.1  | $5k-$25k   | $0-$5k    | Not Defined      | Official Fix | 0.03 | CVE-2002-2433
5  | Opera Web Browser Address Bar input validation                      | 5.3  | 5.1  | $5k-$25k   | $0-$5k    | Not Defined      | Official Fix | 0.05 | CVE-2010-4044
6  | Kingsoft Webshield memory corruption                                | 8.4  | 7.9  | $0-$5k     | $0-$5k    | Proof-of-Concept | Not Defined  | 0.00 | CVE-2010-2031
7  | Adobe Flash Player code injection                                   | 10.0 | 9.0  | $25k-$100k | $0-$5k    | Proof-of-Concept | Official Fix | 0.00 | CVE-2010-2163
8  | Oracle Peoplesoft And Jdedwards Product Suite unknown vulnerability | 5.4  | 5.4  | $5k-$25k   | $5k-$25k  | Not Defined      | Not Defined  | 0.00 | CVE-2010-3521
9  | Microsoft Visio mfc71enu.dll Remote Code Execution                  | 9.8  | 9.3  | $25k-$100k | $0-$5k    | Proof-of-Concept | Not Defined  | 0.17 | CVE-2010-3148
10 | PHP unserialize use after free                                      | 7.3  | 6.4  | $25k-$100k | $0-$5k    | Unproven         | Official Fix | 0.00 |
11 | WampServer wampapache/wampmysqld access control                     | 6.4  | 6.0  | $0-$5k     | $0-$5k    | Proof-of-Concept | Not Defined  | 0.05 | CVE-2016-10031
12 | Microsoft Edge input validation                                     | 5.0  | 4.7  | $25k-$100k | $5k-$25k  | Not Defined      | Official Fix | 0.04 | CVE-2018-8383
13 | Microsoft Office memory corruption                                  | 7.8  | 7.5  | $5k-$25k   | $0-$5k    | Not Defined      | Official Fix | 0.00 | CVE-2016-0134
14 | Microsoft Office memory corruption                                  | 7.9  | 7.6  | $5k-$25k   | $0-$5k    | Not Defined      | Official Fix | 0.03 | CVE-2016-7277
15 | Microsoft Office memory corruption                                  | 7.5  | 7.2  | $25k-$100k | $0-$5k    | Not Defined      | Official Fix | 0.03 | CVE-2016-0052
16 | Microsoft Office memory corruption                                  | 7.8  | 7.5  | $5k-$25k   | $0-$5k    | Not Defined      | Official Fix | 0.05 | CVE-2016-7228
17 | Microsoft Office memory corruption                                  | 8.0  | 7.6  | $25k-$100k | $0-$5k    | Not Defined      | Official Fix | 0.04 | CVE-2016-0198
18 | Microsoft Office memory corruption                                  | 6.3  | 6.0  | $5k-$25k   | $0-$5k    | Not Defined      | Official Fix | 0.02 | CVE-2016-7193
19 | Zoho ManageEngine ADSelfService Plus User Account input validation  | 5.3  | 4.9  | $0-$5k     | $0-$5k    | Proof-of-Concept | Official Fix | 0.08 | CVE-2010-3272
20 | Google Android Kernel Networking Subsystem data processing          | 9.8  | 9.4  | $25k-$100k | $5k-$25k  | Not Defined      | Official Fix | 0.08 | CVE-2016-7117

IOC - Indicator of Compromise (9)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities. The individual entries are not shown on this page.

TTP - Tactics, Techniques, Procedures (5)

Tactics, techniques, and procedures summarize the suspected ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

Entries 4 and 5 are masked on the source page.

ID | Technique | Vulnerabilities (CWE) | Access Vector                         | Confidence
1  | T1059.007 | CWE-79                | Cross Site Scripting                  | High
2  | T1068     | CWE-264, CWE-284      | Execution with Unnecessary Privileges | High
3  | T1211     | CWE-254               | 7PK Security Features                 | High
4  | TXXXX     | CWE-XXX               | Xxxxxxxx Xxxxxxxxxxx                  | High
5  | TXXXX     | CWE-XXX               | Xxxxxxxxxxxxx Xxxxxx                  | High

IOA - Indicator of Attack (12)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

Entries 4 to 12 are masked on the source page.

ID | Class    | Indicator                   | Confidence
1  | File     | api/sms_check.php           | High
2  | File     | chmextract.c                | Medium
3  | File     | inc/filebrowser/browser.php | High
4  | File     | xxxxx.xxx                   | Medium
5  | File     | xxxxxx_xxx.x                | Medium
6  | File     | xxxxx-xxx.x                 | Medium
7  | Library  | xxxxxxxx.xxx                | Medium
8  | Argument | xxxx                        | Low
9  | Argument | xxx_xxx                     | Low
10 | Argument | xxxxx                       | Low
11 | Argument | xxxxxxxx                    | Medium
12 | Argument | xxxx                        | Low
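The practical use of the file-class indicators above is to sweep web server access logs for requests that touch those paths. The following is an added example written for this page, not code from the page or from any tooling attributed to the actor. It takes only the three unmasked File indicators (the masked rows are not visible and are not assumed), normalises each request path (percent-decoding, query string stripped, case folded) and reports hits with the confidence given in the table. The access-log lines are constructed for the demonstration and are not real traffic; the IP addresses are documentation ranges.

```python
"""
Added example (not part of the VulDB page or any Packrat tooling): match the
unmasked Indicator-of-Attack file fragments from the table above against
web server access-log lines in common log format.
"""
import re
from urllib.parse import unquote

# Unmasked File indicators from the IOA table, with the confidence listed there.
# Masked rows (xxxxx.xxx etc.) are omitted because their values are not on the page.
IOA_FILES = {
    "api/sms_check.php": "High",
    "chmextract.c": "Medium",
    "inc/filebrowser/browser.php": "High",
}

# Common log format: client IP, ident, user, [timestamp], "METHOD path proto", status, size
_LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


def normalise_path(raw_path):
    """Percent-decode, drop the query string and case-fold a request path."""
    return unquote(raw_path).split("?", 1)[0].lower()


def match_ioa(line):
    """Return (ip, raw_path, indicator, confidence) if the request path
    contains one of the IOA file fragments, otherwise None."""
    m = _LOG_RE.match(line)
    if not m:
        return None  # unparseable line: skip rather than crash the sweep
    path = normalise_path(m.group("path"))
    for fragment, confidence in IOA_FILES.items():
        if fragment in path:
            return (m.group("ip"), m.group("path"), fragment, confidence)
    return None


def scan(lines):
    """Return every hit from an iterable of access-log lines, in order."""
    hits = []
    for line in lines:
        hit = match_ioa(line)
        if hit:
            hits.append(hit)
    return hits


# Constructed sample log lines for the demo (not real traffic; documentation IPs).
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Oct/2023:13:55:36 +0000] "GET /index.php HTTP/1.1" 200 512',
    '203.0.113.5 - - [10/Oct/2023:13:55:40 +0000] "GET /api/sms_check.php?n=1 HTTP/1.1" 404 213',
    '198.51.100.7 - - [10/Oct/2023:13:56:01 +0000] "GET /inc/filebrowser/browser.php HTTP/1.1" 200 1024',
    '198.51.100.7 - - [10/Oct/2023:13:56:05 +0000] "POST /inc%2Ffilebrowser%2Fbrowser.php HTTP/1.1" 200 88',
    '192.0.2.9 - - [10/Oct/2023:13:57:12 +0000] "GET /src/chmextract.c HTTP/1.1" 200 4096',
    "garbage line that does not parse",
]

if __name__ == "__main__":
    for ip, raw_path, fragment, confidence in scan(SAMPLE_LOG):
        print(f"{confidence:6} {ip:15} {raw_path}  <- {fragment}")
```

A 404 still counts as a hit: a probe for a file that does not exist on the host is exactly the reconnaissance fragment the table describes, so the status code is reported but not used to filter. The percent-encoded POST in the sample shows why the path is decoded before matching; a plain substring check on the raw request line would miss it.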

References (1)

The following list contains external sources which discuss the actor and the associated activities:
