Python Analysis

IOB - Indicator of Behavior (46)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en34
zh10
pl2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Jenkins6
Unisoc T6104
Unisoc T6064
Unisoc T7604
Vmware Spring for GraphQL2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1PHP Link Directory Administration Page index.html cross site scripting4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.420.00374CVE-2007-0529
2VMware vSphere Replication command injection6.76.4$5k-$25k$0-$5kNot DefinedOfficial Fix0.050.00182CVE-2021-21976
3Oracle MySQL Server InnoDB access control5.55.4$5k-$25k$0-$5kNot DefinedOfficial Fix0.000.00098CVE-2018-3185
4Jenkins Queue authorization5.55.5$0-$5k$0-$5kNot DefinedNot Defined0.020.00054CVE-2021-21670
5NAS4Free exec.php code injection6.36.3$0-$5kCalculatingHighNot Defined0.040.54670CVE-2013-3631
6Acer Quick Access QAAdminAgent.exe untrusted search path6.56.5$0-$5k$0-$5kNot DefinedNot Defined0.020.00096CVE-2019-18670
7Advanced SystemCare Ultimate Driver Monitor_win7_x64.sys input validation7.27.2$0-$5kCalculatingNot DefinedNot Defined0.020.00042CVE-2018-9006
8PeaZip Library dragdropfilesdll.dll uncontrolled search path6.16.1$0-$5k$0-$5kNot DefinedOfficial Fix0.060.00042CVE-2023-6891
9Microsoft Windows Pragmatic General Multicast Remote Code Execution9.88.9$25k-$100k$5k-$25kUnprovenOfficial Fix0.000.00786CVE-2023-36397
10Vmware Spring for GraphQL information disclosure3.53.5$5k-$25k$0-$5kNot DefinedOfficial Fix0.070.00063CVE-2023-34047
11Jenkins Caption Parameter ExpandableDetailsNote cross site scripting4.44.4$0-$5k$0-$5kNot DefinedNot Defined0.000.00090CVE-2023-43495
12Jenkins Temporary Directory permission7.17.1$0-$5k$0-$5kNot DefinedNot Defined0.030.00055CVE-2023-43496
13Jenkins Stapler Web Framework permission6.86.8$0-$5k$0-$5kNot DefinedNot Defined0.000.00050CVE-2023-43497
14Jenkins MultipartFormDataParser permission6.86.7$0-$5k$0-$5kNot DefinedOfficial Fix0.020.00050CVE-2023-43498
15Jenkins Build Variable permission3.93.9$0-$5k$0-$5kNot DefinedNot Defined0.020.00044CVE-2023-43494
16SHIRASAGI path traversal7.57.4$0-$5k$0-$5kNot DefinedOfficial Fix0.000.00103CVE-2023-39448
17Artica Pandora FMS File Manager .htaccess unrestricted upload5.55.2$0-$5k$0-$5kProof-of-ConceptNot Defined0.000.00091CVE-2021-36697
18INEX IPX-Manager list.foil.php cross site scripting4.44.3$0-$5k$0-$5kNot DefinedOfficial Fix0.060.00063CVE-2022-4559
19OTFCC otfccdump+0x6c08a6 heap-based overflow6.06.0$0-$5k$0-$5kNot DefinedNot Defined0.000.00065CVE-2022-35043
20Unisoc S8000 Sensor Driver out-of-bounds write5.55.5$0-$5k$0-$5kNot DefinedNot Defined0.000.00042CVE-2022-39126

IOC - Indicator of Compromise (25)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
123.21.126.66ec2-23-21-126-66.compute-1.amazonaws.comPython07/24/2021verifiedMedium
245.79.77.20li1176-20.members.linode.comPython04/13/2022verifiedHigh
354.221.253.252ec2-54-221-253-252.compute-1.amazonaws.comPython07/24/2021verifiedMedium
454.225.66.103ec2-54-225-66-103.compute-1.amazonaws.comPython07/24/2021verifiedMedium
554.225.220.115ec2-54-225-220-115.compute-1.amazonaws.comPython07/24/2021verifiedMedium
6XX.XXX.XXX.XXxxx-xx-xxx-xxx-xx.xxxxxxx-x.xxxxxxxxx.xxxXxxxxx07/24/2021verifiedMedium
7XX.XXX.XX.XXXxxx-xx-xxx-xx-xxx.xxxxxxx-x.xxxxxxxxx.xxxXxxxxx07/24/2021verifiedMedium
8XX.XXX.XXX.XXxxx-xx-xxx-xxx-xx.xxxxxxx-x.xxxxxxxxx.xxxXxxxxx07/24/2021verifiedMedium
9XX.XXX.XXX.XXXxxx-xx-xxx-xxx-xxx.xxxxxxx-x.xxxxxxxxx.xxxXxxxxx07/24/2021verifiedMedium
10XX.XXX.XXX.XXXxxx-xx-xxx-xxx-xxx.xxxxxxx-x.xxxxxxxxx.xxxXxxxxx07/24/2021verifiedMedium
11XX.XXX.XXX.XXXxxx-xx-xxx-xxx-xxx.xxxxxxx-x.xxxxxxxxx.xxxXxxxxx07/24/2021verifiedMedium
12XX.XX.XXX.XXxx.xxXxxxxx04/13/2022verifiedHigh
13XXX.XX.X.XXXxxxxx04/13/2022verifiedHigh
14XXX.XXX.XXX.XXXXxxxxx07/24/2021verifiedHigh
15XXX.XXX.XXX.XXXXxxxxx07/24/2021verifiedHigh
16XXX.XXX.XXX.XXXXxxxxx07/24/2021verifiedHigh
17XXX.XXX.XXX.XXXXxxxxx07/24/2021verifiedHigh
18XXX.XXX.XXX.XXXXxxxxx07/24/2021verifiedHigh
19XXX.XXX.XXX.XXXXxxxxx07/24/2021verifiedHigh
20XXX.XXX.XXX.XXXXxxxxx07/24/2021verifiedHigh
21XXX.XX.XXX.XXXxxxxx10/31/2022verifiedHigh
22XXX.XXX.XXX.Xxxx.xxxx.xxxXxxxxx10/31/2022verifiedHigh
23XXX.XXX.XXX.XXxxx.xxxx.xxxXxxxxx10/31/2022verifiedHigh
24XXX.XXX.XXX.XXxxx.xxxx.xxxXxxxxx10/31/2022verifiedHigh
25XXX.XXX.XXX.XXXxxx.xxxx.xxxXxxxxx10/31/2022verifiedHigh

TTP - Tactics, Techniques, Procedures (13)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (15)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File.htaccesspredictiveMedium
2File/api/v1/bait/setpredictiveHigh
3File/release-x64/otfccdump+0x6b0b2cpredictiveHigh
4File/xxxxxxx-xxx/xxxxxxxxx+xxxxxxxxpredictiveHigh
5Filexxxx.xxxpredictiveMedium
6Filexxxxx.xxxxpredictiveMedium
7Filexxxxxxxxxxxx.xxxpredictiveHigh
8Filexxxxxxx.xxpredictiveMedium
9Filexxxxxxxxx/xxxxx/xxxxxxxx/xxxx.xxxx.xxxpredictiveHigh
10Libraryxxxxxxxxxxxxxxxx.xxxpredictiveHigh
11Libraryxxxxx.xxxpredictiveMedium
12Libraryxxxxxxx_xxxx_xxx.xxxpredictiveHigh
13Libraryxxxxx.xxxpredictiveMedium
14ArgumentxxxxpredictiveLow
15ArgumentxxxxxxxpredictiveLow

References (4)

The following list contains external sources which discuss the actor and the associated activities:

Do you need the next level of professionalism?

Upgrade your account now!