Panda Analysis

IOB - Indicator of Behavior (393)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 348
zh: 40
de: 4
es: 2


Country

us: 290
cn: 84
ir: 8
gb: 2


Actors


Activities

Interest

Timeline


Type


Vendor


Product

Oracle Database Server: 36
Microsoft Windows: 32
Cisco IOS XE: 8
PRTG Network Monitor: 8
Qualcomm Snapdragon Compute: 6


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Atlassian Jira Service Management Server/Data Center InsightDefaultCustomFieldConfig.jspa cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00885 | CVE-2021-43943 |
| 2 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.66 | 0.04187 | CVE-2010-0966 |
| 3 | Citrix Gateway request smuggling | 7.5 | 7.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.01 | 0.00954 | CVE-2020-10111 |
| 4 | F5 BIG-IP Advanced WAF Appliance Mode Restrictions integrity check | 7.9 | 7.8 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.09 | 0.00885 | CVE-2022-25946 |
| 5 | vsftpd deny_file unknown vulnerability | 3.7 | 3.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.16 | 0.01136 | CVE-2015-1419 |
| 6 | OpenSSH Authentication Username information disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | High | Official Fix | 0.44 | 0.49183 | CVE-2016-6210 |
| 7 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.25 | 0.25090 | CVE-2017-0055 |
| 8 | SmarterTools SmarterMail path traversal | 6.4 | 6.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.10289 | CVE-2019-7213 |
| 9 | Joomla CMS sql injection | 7.3 | 6.9 | $5k-$25k | $0-$5k | Proof-of-Concept | Not Defined | 0.04 | 0.00986 | CVE-2013-1453 |
| 10 | Microsoft Windows Hyper-V input validation | 8.4 | 8.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.04 | 0.02349 | CVE-2019-0620 |
| 11 | Thomson Reuters Desktop Extensions Service Port 6677 ThomsonReuters.Desktop.Service.exe path traversal | 9.8 | 9.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.05365 | CVE-2019-8385 |
| 12 | ZK Framework AuUploader information disclosure | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.16531 | CVE-2022-36537 |
| 13 | Apple Mac OS X Server Wiki Server cross site scripting | 4.3 | 4.3 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.16 | 0.01319 | CVE-2009-2814 |
| 14 | parse-server Apple Game Center Authentication Adapter improper authentication | 6.4 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.09 | 0.00885 | CVE-2022-24901 |
| 15 | SpringBlade DAO/DTO list sql injection | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00885 | CVE-2020-16165 |
| 16 | Microsoft Azure Sphere information disclosure | 3.3 | 3.0 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | 0.01150 | CVE-2021-26428 |
| 17 | AnyShare Cloud path traversal | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | 0.00885 | CVE-2020-8996 |
| 18 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.04 | 0.04187 | CVE-2007-1192 |
| 19 | JForum Login input validation | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | 0.01055 | CVE-2012-5338 |
| 20 | Apache HTTP Server mod_proxy_uwsgi buffer overflow | 8.5 | 8.5 | $25k-$100k | $5k-$25k | Not Defined | Not Defined | 0.03 | 0.07767 | CVE-2020-11984 |

IOC - Indicator of Compromise (14)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (14)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (127)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


References (2)

The following list contains external sources which discuss the actor and the associated activities:
