PYSA Analysis

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 998
zh: 2

Product

Insteon Hub: 26
Google Chrome: 24
Microsoft Windows: 12
Juniper Junos OS: 10
Multics: 8

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Centos Panel 7 HTTP Request index.php Remote Code Execution | 6.3 | 6.0 | $0-$5k | $0-$5k | High | Official Fix | 0.32 | 0.30745 | CVE-2022-44877 |
| 2 | EXFO BV-10 Performance Endpoint Unit improper authentication | 9.8 | 9.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00885 | CVE-2022-39184 |
| 3 | Linksys WUMC710 httpd setNTP.cgi do_setNTP os command injection | 7.2 | 7.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.26 | 0.00890 | CVE-2022-43971 |
| 4 | Linksys WRT54GL httpd apply.cgi Check_TSSI os command injection | 7.2 | 7.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.26 | 0.02199 | CVE-2022-43973 |
| 5 | SAUTER Controls Nova 200/Nova 220/BACnetstac missing authentication | 9.8 | 9.8 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.03 | 0.01086 | CVE-2023-0052 |
| 6 | Linksys WRT54GL upnp soap_action null pointer dereference | 6.5 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.19 | 0.00954 | CVE-2022-43972 |
| 7 | InHand InRouter 302/InRouter 615 MQTT random values | 9.9 | 9.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00885 | CVE-2023-22601 |
| 8 | Linksys WRT54GL httpd apply.cgi Start_EPI buffer overflow | 7.2 | 7.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.35 | 0.00890 | CVE-2022-43970 |
| 9 | EXFO BV-10 Performance Endpoint Unit hard-coded credentials | 9.8 | 9.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00885 | CVE-2022-39185 |
| 10 | SAP Bank Account Management Manage Banks information disclosure | 3.2 | 3.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.08 | 0.00885 | CVE-2023-0023 |
| 11 | InHand InRouter 302/InRouter 615 access control | 9.9 | 9.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00885 | CVE-2023-22600 |
| 12 | Nuxeo REST API cross site scripting | 4.4 | 4.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.01689 | CVE-2021-32828 |
| 13 | Google Chrome Cart use after free | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00 | 0.00885 | CVE-2023-0134 |
| 14 | SourceCodester Theme Park Ticketing System manage_user.php information disclosure | 4.3 | 4.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.01055 | CVE-2022-40049 |
| 15 | Daimler Mercedes XENTRY Retail Data Storage API Request reboot denial of service | 5.3 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.01055 | CVE-2023-23590 |
| 16 | Google Chrome permission | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.03 | 0.01055 | CVE-2023-0133 |
| 17 | Google Chrome Network Service heap-based overflow | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00 | 0.00885 | CVE-2023-0129 |
| 18 | Multi Step Form Plugin cross site scripting | 2.4 | 2.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00885 | CVE-2022-4196 |
| 19 | SAP NetWeaver AS for Java access control | 8.3 | 8.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.06 | 0.00885 | CVE-2023-0017 |
| 20 | SourceCodester Online Food Ordering System view_prod.php sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.28 | 0.05372 | CVE-2023-0303 |

IOC - Indicator of Compromise (12)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (27)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-22, CWE-29, CWE-35 | Pathname Traversal | predictive | High |
| 2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CWE-74 | Injection | predictive | High |
| 4 | T1059 | CWE-94 | Cross Site Scripting | predictive | High |
| 5 | T1059.007 | CWE-79 | Cross Site Scripting | predictive | High |
| 6 | T1068 | CWE-264, CWE-269, CWE-284 | Execution with Unnecessary Privileges | predictive | High |

IOA - Indicator of Attack (212)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /admin/ajax.php?action=delete_transaction | predictive | High |
| 2 | File | /admin/ajax.php?action=delete_user | predictive | High |
| 3 | File | /admin/ajax.php?action=save_window | predictive | High |
| 4 | File | /admin/manage_user.php | predictive | High |
| 5 | File | /app/dao/CustomerDAO.php | predictive | High |
| 6 | File | /apply.cgi | predictive | Medium |
| 7 | File | /apps/app_user/sys_user.php | predictive | High |
| 8 | File | /config/api/v1/reboot | predictive | High |
| 9 | File | /data/app | predictive | Medium |
| 10 | File | /etc/shadow | predictive | Medium |
| 11 | File | /food | predictive | Low |
| 12 | File | /forum/away.php | predictive | High |
| 13 | File | /hss/classes/Users.php?f=delete | predictive | High |
| 14 | File | /index/user/user_edit.html | predictive | High |
| 15 | File | /login/index.php | predictive | High |
| 16 | File | /opt/Citrix/ICAClient/util/ctxwebhelper | predictive | High |
| 17 | File | /rest/api/2/user/picker | predictive | High |
| 18 | File | /setNTP.cgi | predictive | Medium |
| 19 | File | /tpts/manage_user.php | predictive | High |
| 20 | File | /usr/etc/restore0.9 | predictive | High |
| 21 | File | /VerAyari | predictive | Medium |
| 22 | File | adclick.php | predictive | Medium |
| 23 | File | AddAppNetworksFragment.java | predictive | High |
| 24 | File | add_contestant.php | predictive | High |
| 25 | File | admin/import/class-import-settings.php | predictive | High |

References (3)

The following list contains external sources which discuss the actor and the associated activities:
