PakistanChatMessenger Analysis

IOB - Indicator of Behavior (230)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 226
ru: 2
de: 2

Country

us: 176
nl: 4
ru: 4
gb: 4
de: 2

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Apple Mac OS X: 14
Apple iOS: 14
WordPress: 10
Adobe Flash Player: 8
IBM Lotus Connections: 8

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Synacor Zimbra Webmail Subsystem upload unrestricted upload | 6.7 | 6.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.03917 | CVE-2020-12846 |
| 2 | IBM HTTP Server memory corruption | 6.3 | 6.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.05302 | CVE-2015-4947 |
| 3 | WordPress WP_Query class-wp-query.php sql injection | 8.5 | 8.4 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | 0.01974 | CVE-2017-5611 |
| 4 | Dot Tech Smart Campus System findUser information disclosure | 5.4 | 5.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00885 | CVE-2022-4280 |
| 5 | S-CMS Contact Information Page cross site scripting | 4.1 | 4.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.28 | 0.00885 | CVE-2022-4377 |
| 6 | SourceCodester Canteen Management System categories.php builtin_echo cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.02 | 0.00885 | CVE-2022-4252 |
| 7 | Linux Kernel IPv4 fib_semantics.c fib_nh_match out-of-bounds | 4.3 | 4.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.01034 | CVE-2022-3435 |
| 8 | Mozilla Thunderbird Reader Mode access control | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.04 | 0.01018 | CVE-2022-29912 |
| 9 | Microsoft Windows TCP/IP Remote Code Execution | 9.8 | 8.9 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.09 | 0.22240 | CVE-2022-34718 |
| 10 | Varnish Cache/Enterprise HTTP1 Connection request smuggling | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.01018 | CVE-2022-23959 |
| 11 | dmitrylitvinov Uploading SVG, WEBP and ICO Files Plugin unrestricted upload | 5.9 | 5.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00885 | CVE-2022-36285 |
| 12 | Microsoft Exchange Server Privilege Escalation | 8.4 | 7.9 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.02 | 0.01150 | CVE-2022-24477 |
| 13 | Microsoft Exchange Server Privilege Escalation | 8.4 | 7.9 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.03 | 0.01150 | CVE-2022-21980 |
| 14 | Microsoft Exchange information disclosure | 4.7 | 4.4 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.06 | 0.01150 | CVE-2022-21979 |
| 15 | Microsoft Exchange Server Privilege Escalation | 8.7 | 8.1 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.09 | 0.01150 | CVE-2022-24516 |
| 16 | SourceCodester Wedding Hall Booking System Profile Page cross site scripting | 4.1 | 4.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.06 | 0.00885 | CVE-2022-2691 |
| 17 | Apple macOS Kernel out-of-bounds | 3.3 | 3.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.01018 | CVE-2022-32817 |
| 18 | Kyberna ky2help Meine Links sql injection | 5.0 | 4.4 | $0-$5k | $0-$5k | Unproven | Official Fix | 0.00 | 0.01232 | CVE-2006-3541 |
| 19 | Atahualpa Theme cross-site request forgery | 4.3 | 4.2 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.05 | 0.00885 | CVE-2017-20088 |
| 20 | Hindu Matrimonial Script countrymanagement.php privileges management | 7.1 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.07 | 0.00885 | CVE-2017-20069 |

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (19)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (100)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /admin/countrymanagement.php | predictive | High |
| 2 | File | /administration/settings_registration.php | predictive | High |
| 3 | File | /ajax-files/postComment.php | predictive | High |
| 4 | File | /categorypage.php | predictive | High |
| 5 | File | /home.php | predictive | Medium |
| 6 | File | /list_temp_photo_pin_upload.php | predictive | High |
| 7 | File | /nova/bin/detnet | predictive | High |
| 8 | File | /searchpin.php | predictive | High |
| 9 | File | /service/upload | predictive | High |
| 10 | File | /services/Card/findUser | predictive | High |
| 11 | File | /show_group_members.php | predictive | High |
| 12 | File | /sqfs/bin/sccd | predictive | High |
| 13 | File | /whbs/?page=manage_account | predictive | High |

References (2)

The following list contains external sources which discuss the actor and the associated activities:
