Pykspa Analysis

IOB - Indicator of Behavior (367)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

es: 294
en: 70
sv: 2
fr: 2


Country

es: 310
us: 42
cn: 10
ce: 4

[Charts not shown: Actors, Activities, Interest, Timeline, Type, Vendor]

Product

Microsoft Windows: 18
Apple macOS: 10
Schneider Electric Modicon M340: 10
Schneider Electric Modicon Quantum: 10
Schneider Electric Modicon Premium: 10


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Boa Terminal input validation | 5.3 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.05 | 0.07197 | CVE-2009-4496 |
| 2 | polkit pkexec access control | 8.8 | 8.1 | $0-$5k | $0-$5k | Proof-of-Concept | Workaround | 0.08 | 0.04106 | CVE-2021-4034 |
| 3 | Facebook WhatsApp/WhatsApp Business/WhatsApp Desktop Call heap-based overflow | 7.3 | 7.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00885 | CVE-2021-24042 |
| 4 | HPE Arcsight Logger Stored cross site scripting | 5.2 | 4.9 | $5k-$25k | Calculating | Not Defined | Official Fix | 0.00 | 0.00885 | CVE-2019-3485 |
| 5 | SnakeYAML YAML File Parser stack-based overflow | 5.4 | 5.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00885 | CVE-2022-38752 |
| 6 | Technicolor TC7200.TH2v2 Credentials credentials management | 7.5 | 7.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.01055 | CVE-2018-20393 |
| 7 | Facebook WhatsApp/WhatsApp Business Video Call use after free | 7.0 | 6.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.01086 | CVE-2020-1909 |
| 8 | EmbedThis HTTP Library/Appweb httpLib.c authCondition improper authentication | 7.7 | 7.3 | $0-$5k | $0-$5k | High | Official Fix | 0.05 | 0.00954 | CVE-2018-8715 |
| 9 | Zeus Zeus Web Server memory corruption | 10.0 | 9.0 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.35205 | CVE-2010-0359 |
| 10 | SnakeYAML Constructor deserialization | 8.1 | 8.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.18 | 0.05634 | CVE-2022-1471 |
| 11 | Velneo vClient certificate validation | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.01018 | CVE-2021-45035 |
| 12 | Zyxel USG/ZyWALL improper authentication | 9.8 | 9.8 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.02 | 0.00885 | CVE-2022-0342 |
| 13 | Microsoft Exchange Server Remote Code Execution | 7.3 | 6.8 | $25k-$100k | $0-$5k | Functional | Official Fix | 0.00 | 0.31092 | CVE-2021-26857 |
| 14 | Meta WhatsApp/WhatsApp Business Image Blurring heap-based overflow | 8.0 | 7.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00885 | CVE-2021-24041 |
| 15 | Acme Mini HTTPd Terminal input validation | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.04187 | CVE-2009-4490 |
| 16 | OpenSSL Stitched Ciphersuite d1_pkt.c SSL_shutdown information disclosure | 5.7 | 5.5 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.06217 | CVE-2019-1559 |
| 17 | Zeus Zeus Web Server Admin Server cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.01055 | CVE-2010-0363 |
| 18 | EMC Documentum Content Server access control | 8.8 | 8.4 | $5k-$25k | Calculating | Not Defined | Official Fix | 0.01 | 0.01132 | CVE-2014-4629 |
| 19 | GLPI API sql injection | 9.0 | 8.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.09029 | CVE-2022-35947 |
| 20 | Fortinet FortiOS/FortiProxy Administrative Interface authentication bypass | 9.8 | 9.7 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.03 | 0.89292 | CVE-2022-40684 |

IOC - Indicator of Compromise (5)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (20)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (86)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /.ssh/authorized_keys | predictive | High |
| 2 | File | /etc/RT2870STA.dat | predictive | High |
| 3 | File | /cgi-bin/wapopen | predictive | High |
| 4 | File | /HNAP1 | predictive | Low |
| 5 | File | /mgmt/tm/util/bash | predictive | High |
| 6 | File | /opt/zimbra/jetty/webapps/zimbra/public | predictive | High |
| 7 | File | /setSystemAdmin | predictive | High |
| 8 | File | /updown/upload.cgi | predictive | High |
| 9 | File | /usr/bin/pkexec | predictive | High |
| 10 | File | acl.c | predictive | Low |
| 83 | Input Value | ../.. | predictive | Low |

References (2)

The following list contains external sources which discuss the actor and the associated activities:
