PowerTrick Analysisinfo

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Language

de620
en356
ru6
es6
pl6

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

DE: Germany756
ES: Spain242
US: USA2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

PowerTrick2
Sliver1

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest (631)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

Not Defined244
Web Server30
Smartphone Operating System26
Web Browser24
WordPress Plugin24

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

Not Defined224
Apache46
IBM32
Google28
Microsoft26

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Apache HTTP Server26
Google Android18
Google Chrome10
Adobe Flash Player8
Magento8

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities (20)

These are the vulnerabilities that we have identified as researched, approached, or attacked.

#VulnerabilityBaseTemp0dayTodayExpCouKEVEPSSCTICVE
1Free GDPR Consent Solution Plugin Admin Dashboard cross site scripting3.53.4$0-$5k$0-$5kNot definedOfficial fix 0.017020.00CVE-2022-0147
2Traccar GPS Tracking System LDAP Search Filter LDAP injection ldap injection7.56.6$0-$5k$0-$5kNot definedOfficial fix 0.002050.00CVE-2020-5246
3Unreal UnrealIRCd IP Cloaking Feature cloak.c IP address information disclosure5.35.1$0-$5k$0-$5kNot definedOfficial fix 0.005960.00CVE-2004-0679
4Oracle Secure Backup Apache resource management7.57.2$5k-$25k$0-$5kAttackedOfficial fixExpected0.926950.00CVE-2011-3192
5Symantec ASG/ProxySG FTP Proxy WebFTP Mode Stored cross site scripting5.75.4$5k-$25k$0-$5kNot definedOfficial fix 0.002500.00CVE-2018-18370
6versatileBulletinBoard dereferrer.php cross site scripting3.53.3$0-$5k$0-$5kProof-of-ConceptNot defined 0.000000.00
7McAfee WebAdvisor Browser Extension Settings access control6.96.9$5k-$25k$5k-$25kNot definedNot defined 0.003810.00CVE-2022-0815
8Hotel Druid SQLite sql injection6.36.1$0-$5k$0-$5kNot definedNot defined 0.100700.00CVE-2021-37832
9cURL/libcURL Referer information disclosure4.84.7$0-$5k$0-$5kNot definedOfficial fix 0.000680.00CVE-2021-22876
10PostgreSQL sql injection5.65.4$0-$5k$0-$5kNot definedOfficial fix 0.003920.00CVE-2021-23214
11Cisco IOS XE H.323 Application Level Gateway protection mechanism4.54.4$25k-$100k$0-$5kNot definedOfficial fix 0.004290.00CVE-2021-1616
12Schneider Electric AP7xxxx/AP8xxx/APDU9xxx URL information disclosure6.16.0$0-$5k$0-$5kNot definedOfficial fix 0.003790.00CVE-2021-22825
13Cisco IOS XR Ethernet Frame resource management6.56.2$5k-$25k$0-$5kNot definedOfficial fix 0.001010.00CVE-2021-34713
14Technicolor TC7337 Backup File backupsettings.conf Credentials insufficiently protected credentials6.46.4$0-$5k$0-$5kNot definedNot defined 0.003600.00CVE-2020-11449
15PhpWiki ldap.php improper authentication9.88.8$0-$5k$0-$5kProof-of-ConceptOfficial fix 0.051280.00CVE-2007-3193
16QuickBox Pro adminuseredit.php cross site scripting3.53.5$0-$5k$0-$5kNot definedNot defined 0.002400.00CVE-2021-45281
17Mahavitaran App URL Parameter information disclosure4.74.7$0-$5k$0-$5kNot definedNot defined 0.002690.00CVE-2020-27414
18Veritas InfoScale Operations Manager GET Parameter listdir.pl cross site scripting3.63.5$0-$5k$0-$5kNot definedOfficial fix 0.002170.00CVE-2022-26483
19Apple iOS/iPadOS FaceTime out-of-bounds7.57.2$25k-$100k$5k-$25kNot definedOfficial fix 0.017470.00CVE-2019-8830
20Apache Traffic Server Request Line input validation5.55.3$5k-$25k$0-$5kNot definedOfficial fix 0.044730.00CVE-2021-44040

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
15.9.161.246static.246.161.9.5.clients.your-server.dePowerTrick05/31/2021VerifiedVery Low
2XXX.XX.XX.XXxxxxxxxx.xx-xxx-xx-xx.xxxXxxxxxxxxx05/31/2021VerifiedLow

TTP - Tactics, Techniques, Procedures (22)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueClassificationVulnerabilitiesAccess VectorTypeConfidence
1T1006CAPEC-126CWE-21, CWE-22Path TraversalPredictiveHigh
2T1040CAPEC-102CWE-294, CWE-319Authentication Bypass by Capture-replayPredictiveHigh
3T1055CAPEC-10CWE-74Improper Neutralization of Data within XPath ExpressionsPredictiveHigh
4T1059CAPEC-242CWE-94Argument InjectionPredictiveHigh
5T1059.007CAPEC-209CWE-79, CWE-80Basic Cross Site ScriptingPredictiveHigh
6TXXXXCAPEC-XXXCWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxPredictiveHigh
7TXXXX.XXXCWE-XXXXxx Xx Xxxx-xxxxx XxxxxxxxPredictiveHigh
8TXXXX.XXXCAPEC-XXCWE-XXX, CWE-XXXXxxx-xxxxx XxxxxxxxxxxPredictiveHigh
9TXXXXCAPEC-XXXCWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxPredictiveHigh
10TXXXX.XXXCAPEC-XXXCWE-XXXXxxx XxxxxxxxPredictiveHigh
11TXXXXCWE-XXX7xx Xxxxxxxx XxxxxxxxPredictiveHigh
12TXXXXCAPEC-XCWE-XXX, CWE-XXXXxxxxxxxxx XxxxxxPredictiveHigh
13TXXXXCAPEC-XXXCWE-XX, CWE-XXXxx XxxxxxxxxPredictiveHigh
14TXXXX.XXXCAPEC-XCWE-XXXXxxxxxxx XxxxxxxxxxxxxPredictiveHigh
15TXXXXCAPEC-XXXCWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxx XxxxxxxxxxPredictiveHigh
16TXXXX.XXXCAPEC-XXXCWE-XXXXxxxxxxxx XxxxxxxxxPredictiveHigh
17TXXXX.XXXCAPEC-XXXCWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxPredictiveHigh
18TXXXXCAPEC-XXXCWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxPredictiveHigh
19TXXXX.XXXCWE-XXXxxxxxxxxxxxxPredictiveHigh
20TXXXXCAPEC-XXXCWE-XXX, CWE-XXXXxxxxxxxxxxxx XxxxxxPredictiveHigh
21TXXXX.XXXCWE-XXXXxx Xxxxxxxxxx XxxxxPredictiveHigh
22TXXXX.XXXCAPEC-XCWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxPredictiveHigh

IOA - Indicator of Attack (232)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/admin/config.php?display=disa&view=formPredictiveHigh
2File/apps/acs-commons/content/page-compare.htmlPredictiveHigh
3File/cgi/get_param.cgiPredictiveHigh
4File/edit-db.phpPredictiveMedium
5File/files/passwordPredictiveHigh
6File/guest_auth/cfg/upLoadCfg.phpPredictiveHigh
7File/hocms/classes/Master.php?f=delete_memberPredictiveHigh
8File/lists/admin/PredictiveHigh
9File/phppath/phpPredictiveMedium
10File/services/getFile.cmdPredictiveHigh
11File/sns/classes/Master.php?f=delete_imgPredictiveHigh
12File/usr/bin/pkexecPredictiveHigh
13File/v2/quantum/save-data-upload-big-filePredictiveHigh
14File/var/log/messagesPredictiveHigh
15File/web/jquery/uploader/multi_uploadify.phpPredictiveHigh
16File/webconsole/ControllerPredictiveHigh
17File/wordpress/wp-admin/admin.php?page=weblib-circulation-desk&orderby=title&order=DESCPredictiveHigh
18Fileabook_database.phpPredictiveHigh
19Fileacl/save_user.cgiPredictiveHigh
20Fileadaptive-images-script.phpPredictiveHigh
21Fileadmin/auth.phpPredictiveHigh
22Fileadmin/cgi-bin/listdir.plPredictiveHigh
23Fileadminuseredit.php?usertoedit=XSSPredictiveHigh
24FileAvastSvc.exePredictiveMedium
25Filebackupsettings.confPredictiveHigh
26Filebase/ErrorHandler.phpPredictiveHigh
27Filexxx/xxxx.xPredictiveMedium
28Filexxxx/xxx/PredictiveMedium
29Filexxx-xxx/xxxxx.xxxPredictiveHigh
30Filexxxx_xxxx.xxxPredictiveHigh
31Filexxxxx.xPredictiveLow
32Filexxx.xxxPredictiveLow
33Filexxx.xxx?xxx=xxxxx_xxxxPredictiveHigh
34Filexxxxxx/xxxx.xPredictiveHigh
35Filexxxxxx/xxx.xPredictiveMedium
36Filexxxxxx/xxxx.xPredictiveHigh
37Filexxxxxx\xxx.xPredictiveMedium
38Filexxx.xxxxx.xxxxxxx.xxxxxxxxxxxxxx.xxx.xxxxxxx.xxxxxxxxxxxxxxxxxxPredictiveHigh
39Filexxxxxx/xxxxx/xxxxxxx.xPredictiveHigh
40Filexxxxxxx.xxxPredictiveMedium
41Filexxxxxxx.xxxPredictiveMedium
42Filex_xxxxxxxxxxx.xxxxPredictiveHigh
43Filexxxxx_xxxxxx.xPredictiveHigh
44Filexxxxxxxxxxxx.xxxPredictiveHigh
45Filexxxxxxxxx.xxxPredictiveHigh
46Filexxxxxxxxxx.xxxPredictiveHigh
47Filexxxxxxxxxxx.xxxPredictiveHigh
48Filexxxxxxx/xxx/xxx_xxx.xPredictiveHigh
49Filexxxxx.xxxPredictiveMedium
50Filexxxx/xxxxxxxxxx/xxxx-xxx.xPredictiveHigh
51Filexxxx/xxxxxxxxxx/xxxxxx-xxxxxx.xPredictiveHigh
52Filexxxxxx.xxx.xxxPredictiveHigh
53Filexxxxxxxxxxxxxx.xxxPredictiveHigh
54Filexxxxx.xxxxPredictiveMedium
55Filexxxxxxxx.xPredictiveMedium
56Filexxxxxxxxx.xxxPredictiveHigh
57Filexxxxxxxxxx\xxxxxx\xxxxxxxxxxxxx.xxxPredictiveHigh
58Filexxxxxx/xxxxx_xxxxxxx.xxxPredictiveHigh
59Filexxxx/xxx_xxx_xxxxx.xPredictiveHigh
60Filexxxxxx_xxx.xPredictiveMedium
61Filexxxxxx/xxxxxPredictiveMedium
62Filexxxxxxx/xxx_xxxxxxxx.xxxPredictiveHigh
63Filexxxxx.xxxPredictiveMedium
64Filexxxxx.xxx/xxxxx/xxxxxxxxxxxPredictiveHigh
65Filexxxxx.xxx/xxxxxxxx/xxxxxxxx/PredictiveHigh
66Filexxxxx.xxx/xxxxxxxxx/xxxxxx/xxxxxxxxxxxxx/xxxxxxxxxxx/xxxxxxxPredictiveHigh
67Filexxxxxxxxx\xxxxxx\xxxx_xxxxx_xxxxx.xxxPredictiveHigh
68Filexxxxxxxx/xxxxxxxx_xxxxxxx_xxxxxx/xxxxx.xxxPredictiveHigh
69Filexxxx_xxx.xxxPredictiveMedium
70Filexxxxxxxxxxx/xxxxx-xxxx/xxxx/xxxx/xxxx-xxxxxxx-xxxxx.xPredictiveHigh
71Filexxxxxxx/xxxxx.xPredictiveHigh
72Filexxxxxxxxx/xxxx-xxxxxxxx.xPredictiveHigh
73Filexxxxxxxxx/xxx.xPredictiveHigh
74Filexxxxxxx.xPredictiveMedium
75Filexxxxxxx/xxxxxxxx.xPredictiveHigh
76Filexxxxxxx.xxxPredictiveMedium
77Filexxxxxx/xxxxxxxxxxx.xxxPredictiveHigh
78Filexxxxxxxx.xxxPredictiveMedium
79Filexxxxxxx/xxxxxxxxxxxxPredictiveHigh
80Filexx_xxxxxx.xxxPredictiveHigh
81Filexxxxxx/xxxxxx_xxxx.xxxPredictiveHigh
82Filexxxx/xxxxxxx/xxxxxxx_xxx.xxxxxxxPredictiveHigh
83Filexxxx/xxxxx/xxxxxxx.xPredictiveHigh
84Filexxx_xxxxx_xxxxx.xPredictiveHigh
85Filexxx.xxxxxx_xxxxPredictiveHigh
86Filexxxx.xPredictiveLow
87Filexxxxx.xxxPredictiveMedium
88Filexxx.xxxxx.xxxPredictiveHigh
89Filexxxxx/_xxxxx.xxPredictiveHigh
90Filexxxxxxxx.xxxPredictiveMedium
91Filexxxxxxxxxxxxxx.xxxPredictiveHigh
92Filexxxxxx.xxxPredictiveMedium
93Filexxxxxxx/xxxxxxxx/xxxxxx-xxxxxx-xx-xx.xPredictiveHigh
94Filexxxxxxxxx/xxxxxxxxx_xxxxxxxx.xxPredictiveHigh
95Filexxxxxxx.xxxPredictiveMedium
96Filexxxxxxx.xxxPredictiveMedium
97Filexxxxxx/xxx/xxxxxxxx/xxxxx/xxxxx_xxxx.xxPredictiveHigh
98Filexxxxxxxx/xx/xxxxxxxxxxPredictiveHigh
99Filexxxxxx.xxPredictiveMedium
100Filexxxx_xxxx.xxxPredictiveHigh
101Filexxxxxxxx.xxxPredictiveMedium
102Filexxxxxxxx.xxxPredictiveMedium
103Filexxxxxxx_xxxxxxx.xxxPredictiveHigh
104Filexxxxxxxx.xxxPredictiveMedium
105Filexxxx/xxxxx/xxxx.xxPredictiveHigh
106Filexxxx_xxxxxxx.xxxPredictiveHigh
107Filexxxxxx.xxxPredictiveMedium
108Filexxxxxxxx-xxxxxx_xxxxx.xxxPredictiveHigh
109Filexxxxxxxxx-xxxxxxxxxxxx-xxx/xxxx/xxxxx-xxxx.xxxPredictiveHigh
110Filexxxxx/xxxx/xxxxx.xPredictiveHigh
111Filexxxxxxxxxx.xxxxPredictiveHigh
112Filexxx_xxxxx.xPredictiveMedium
113Filexxxxxxxxxx.xxxPredictiveHigh
114Filexxxxxx-xxxxxx.xxPredictiveHigh
115Filexxxxxxx/_/xxxxxxxxx/PredictiveHigh
116Filexxxxxxxx.xxxPredictiveMedium
117Filexxxxxx/xxxxxx/xxxx/xxxxxx/xxxxxxxxxxx.xxxPredictiveHigh
118Filexxxxx.xxxPredictiveMedium
119Filexx-xxxxxxx/xxxxxxxPredictiveHigh
120Filexx-xxxxxxxxx.xxxPredictiveHigh
121File\xxx.\xxxxx\xxxxxxxxxxx\xx.xxxPredictiveHigh
122File_x_/xxxx/_x_/xxx/xxxxxx_xxxxxxxxxxxxxPredictiveHigh
123File~/xxxx-xxxxx-xxxxxxx.xxxPredictiveHigh
124Libraryxxxx.xxxPredictiveMedium
125Libraryxxx/xxxxxx.xPredictiveMedium
126Libraryxxx/xx/xxxxxxx.xxPredictiveHigh
127Libraryxxx/xxxxxx.xPredictiveMedium
128Libraryxxx/xxx.xPredictiveMedium
129Libraryxxx/xxxxxxxx/xxxx.xxxPredictiveHigh
130Libraryxxxxxxxx.xxxPredictiveMedium
131Libraryxxxxxx.xxxPredictiveMedium
132Libraryxxxxxxx.xxxPredictiveMedium
133Libraryxxxxxxxx/xxxxxxxxx/xxxxxxxxx.xxxPredictiveHigh
134Libraryxxxxxx.xxxPredictiveMedium
135LibraryxxxxxxPredictiveLow
136Argument$xxxxxxx['xxxxxxxx-xxxxxx-xxxxxxxx']PredictiveHigh
137Argument:$xxxxPredictiveLow
138Argumentx/xPredictiveLow
139ArgumentxxxxxxPredictiveLow
140ArgumentxxxxxPredictiveLow
141ArgumentxxPredictiveLow
142Argumentxxxx_xxxxPredictiveMedium
143Argumentxxxx_xxxxPredictiveMedium
144ArgumentxxxxPredictiveLow
145Argumentxxx_xxx_xx_xxx_xxxxxxxxxx_xPredictiveHigh
146Argumentxxxx-xxxxxPredictiveMedium
147Argumentxxxxxxx_xxxxxPredictiveHigh
148Argumentxxxxxxx-xxxxPredictiveMedium
149Argumentxxxxxxxxxxxx$xxxxxxPredictiveHigh
150Argumentxxx_xxxPredictiveLow
151ArgumentxxxxxxPredictiveLow
152ArgumentxxxxxxxxxxxPredictiveMedium
153ArgumentxxxxxxxPredictiveLow
154ArgumentxxxxxPredictiveLow
155Argumentxxxx[xxxxxxx]PredictiveHigh
156ArgumentxxxxxxxPredictiveLow
157ArgumentxxxxPredictiveLow
158ArgumentxxxxxxxxPredictiveMedium
159ArgumentxxxxxxxxPredictiveMedium
160ArgumentxxxxxxxxxxxPredictiveMedium
161Argumentxxxx/xxxxxxx/xxx/xxxxxxxxxPredictiveHigh
162Argumentxxxxxxx/xxxxxxPredictiveHigh
163ArgumentxxxxxPredictiveLow
164ArgumentxxxxxxPredictiveLow
165Argumentxxxx_xxxxxPredictiveMedium
166ArgumentxxxxPredictiveLow
167ArgumentxxxxPredictiveLow
168Argumentxxxx_xxxxxxxPredictiveMedium
169ArgumentxxPredictiveLow
170Argumentxx=PredictiveLow
171ArgumentxxxxxxxxxxxxxxPredictiveHigh
172Argumentxxxxx_xxxPredictiveMedium
173Argumentxxxx_xxx_xxxxxx/xxxx_xxx_xxxxxx/xxxx_xxx_xxxxxx/xxxx_xxx_xxxxxxPredictiveHigh
174ArgumentxxxxxxxPredictiveLow
175ArgumentxxxxPredictiveLow
176ArgumentxxxxxxxxPredictiveMedium
177ArgumentxxxxxxxPredictiveLow
178Argumentxxxxx xxxxPredictiveMedium
179Argumentxxxxxxx/xxxxxx_xxPredictiveHigh
180Argumentxxxx_xxxPredictiveMedium
181Argumentxxxxx_xxxx/xxxxx_xxxxxxxPredictiveHigh
182ArgumentxxxxPredictiveLow
183ArgumentxxxxPredictiveLow
184ArgumentxxxxxxPredictiveLow
185Argumentxxxxx/xxxxxxxPredictiveHigh
186ArgumentxxxxxxxPredictiveLow
187ArgumentxxxxPredictiveLow
188Argumentxxxx xxxxPredictiveMedium
189ArgumentxxxxxxPredictiveLow
190ArgumentxxxxPredictiveLow
191Argumentxxxx_xxPredictiveLow
192ArgumentxxxxxPredictiveLow
193Argumentxxxxx_xxxxxxPredictiveMedium
194Argumentxxxxxxxx_xxPredictiveMedium
195ArgumentxxxxxxxPredictiveLow
196Argumentxxxxxxxx_xxxxxxxxxxxx_xxxxxPredictiveHigh
197ArgumentxxxxPredictiveLow
198Argumentxxxxxxxx_xxxxxPredictiveHigh
199Argumentxxxxxx_xxPredictiveMedium
200Argumentxxxx-xxxxxxxxxxxx-xxxxx-xxPredictiveHigh
201ArgumentxxxPredictiveLow
202Argumentxxxxx_xxPredictiveMedium
203ArgumentxxxPredictiveLow
204ArgumentxxxxxxxxxPredictiveMedium
205ArgumentxxxxxxPredictiveLow
206Argumentxx_xxPredictiveLow
207ArgumentxxxxxxxxPredictiveMedium
208ArgumentxxxxxxxxPredictiveMedium
209ArgumentxxxxxPredictiveLow
210Argumentxxxxx/xxxPredictiveMedium
211ArgumentxxxxxxxxPredictiveMedium
212Argumentxx_xxxxxxxxxxxxx_xxx[xxxxxx][xxxxxxx]PredictiveHigh
213ArgumentxxxxPredictiveLow
214Argumentxxxxxxxxx[xxxxx]PredictiveHigh
215ArgumentxxxPredictiveLow
216ArgumentxxxxxxxxPredictiveMedium
217ArgumentxxxxxxxxPredictiveMedium
218ArgumentxxxxxPredictiveLow
219ArgumentxxxxxPredictiveLow
220ArgumentxxxxxPredictiveLow
221Argumentx-xxxxxxxxx-xxxPredictiveHigh
222Input Value/..PredictiveLow
223Input Value//PredictiveLow
224Input ValuexxxxxxxxPredictiveMedium
225Input Value<xxx>/*.xxxxx/PredictiveHigh
226Input Valuexxxxxx.xxxPredictiveMedium
227Input ValuexxxxxPredictiveLow
228Input Valuex=xPredictiveLow
229Patternxxxx_xxxxxx_xxxxxxxxx.xxx_xxxxxx_xxxxx_xxxxxxxxPredictiveHigh
230Network Portxxx/xx (xxx)PredictiveMedium
231Network Portxxx/xxxPredictiveLow
232Network Portxxx/xxxPredictiveLow

References (2)

The following list contains external sources which discuss the actor and the associated activities:

PreviousOverviewNext

This view requires CTI permissions

Just purchase a CTI license today!