Python Analysis

IOB - Indicator of Behavior (36)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 30
zh: 6

Country

Actors

Activities

Interest

Timeline

Type

Vendor

Product

OTFCC: 4
Unisoc T610: 4
Unisoc T606: 4
Unisoc T760: 4
HTC One: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | PHP Link Directory Administration Page index.html cross site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.52 | 0.01213 | CVE-2007-0529 |
| 2 | VMware vSphere Replication command injection | 6.7 | 6.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.08 | 0.01156 | CVE-2021-21976 |
| 3 | Oracle MySQL Server InnoDB access control | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.01104 | CVE-2018-3185 |
| 4 | Jenkins Queue authorization | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.06 | 0.00885 | CVE-2021-21670 |
| 5 | NAS4Free exec.php code injection | 6.3 | 6.3 | $0-$5k | $0-$5k | High | Not Defined | 0.04 | 0.72066 | CVE-2013-3631 |
| 6 | Acer Quick Access QAAdminAgent.exe untrusted search path | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00885 | CVE-2019-18670 |
| 7 | Advanced SystemCare Ultimate Driver Monitor_win7_x64.sys input validation | 7.2 | 7.2 | $0-$5k | Calculating | Not Defined | Not Defined | 0.02 | 0.00885 | CVE-2018-9006 |
| 8 | INEX IPX-Manager list.foil.php cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00954 | CVE-2022-4559 |
| 9 | OTFCC otfccdump+0x6c08a6 heap-based overflow | 6.0 | 6.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00885 | CVE-2022-35043 |
| 10 | Unisoc S8000 Sensor Driver out-of-bounds write | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.06 | 0.00885 | CVE-2022-39126 |
| 11 | Unisoc S8000 Sensor Driver integer overflow | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.01 | 0.00885 | CVE-2022-39105 |
| 12 | OTFCC otfccdump+0x6b0b2c heap-based overflow | 6.0 | 6.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.00885 | CVE-2022-35048 |
| 13 | seccome Ehoney set sql injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.09029 | CVE-2022-3732 |
| 14 | AnyDesk Portable Mode gcapi.dll uncontrolled search path | 6.5 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.18 | 0.00885 | CVE-2020-35483 |
| 15 | INSMA Wifi Mini Spy 1080P HD Security IP Camera SD Card recdata.db unrestricted upload | 5.7 | 5.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.01036 | CVE-2020-19642 |
| 16 | HTC One/Sense Mail Client certificate validation | 4.8 | 4.4 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.34 | 0.00885 | CVE-2013-10001 |
| 17 | Ubi Uplay PC Installation access control | 8.4 | 7.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.04 | 0.01832 | CVE-2014-5453 |
| 18 | phpMyAdmin Setup cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00885 | CVE-2022-23808 |
| 19 | eGeeTouch 3rd Generation Travel Padlock App Pairing cleartext transmission | 2.0 | 2.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.01 | 0.00885 | CVE-2021-44518 |
| 20 | Microsoft Excel Security Feature Macro 7pk security | 5.9 | 5.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.09 | 0.06416 | CVE-2017-11877 |

IOC - Indicator of Compromise (25)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (10)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High |
| 2 | T1059 | CWE-94 | Cross Site Scripting | predictive | High |
| 3 | TXXXX.XXX | CWE-XX, CWE-XX | Xxxxx Xxxx Xxxxxxxxx | predictive | High |
| 4 | TXXXX | CWE-XXX, CWE-XXX | Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx | predictive | High |
| 5 | TXXXX | CWE-XX | Xxxxxxx Xxxxxxxxx | predictive | High |
| 6 | TXXXX | CWE-XXX | 7xx Xxxxxxxx Xxxxxxxx | predictive | High |
| 7 | TXXXX | CWE-XX | Xxx Xxxxxxxxx | predictive | High |
| 8 | TXXXX | CWE-XXX, CWE-XXX | Xxxxxxxxx Xxxxxx Xxxx | predictive | High |
| 9 | TXXXX.XXX | CWE-XXX | Xxxxxxxx Xxxxxxxxxxx Xxxxxxxxxx | predictive | High |
| 10 | TXXXX.XXX | CWE-XXX | Xxxxxxxxxxxx Xxxxxx | predictive | High |

IOA - Indicator of Attack (13)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /api/v1/bait/set | predictive | High |
| 2 | File | /release-x64/otfccdump+0x6b0b2c | predictive | High |
| 3 | File | /xxxxxxx-xxx/xxxxxxxxx+xxxxxxxx | predictive | High |
| 4 | File | xxxx.xxx | predictive | Medium |
| 5 | File | xxxxx.xxxx | predictive | Medium |
| 6 | File | xxxxxxxxxxxx.xxx | predictive | High |
| 7 | File | xxxxxxx.xx | predictive | Medium |
| 8 | File | xxxxxxxxx/xxxxx/xxxxxxxx/xxxx.xxxx.xxx | predictive | High |
| 9 | Library | xxxxx.xxx | predictive | Medium |
| 10 | Library | xxxxxxx_xxxx_xxx.xxx | predictive | High |
| 11 | Library | xxxxx.xxx | predictive | Medium |
| 12 | Argument | xxxx | predictive | Low |
| 13 | Argument | xxxxxxx | predictive | Low |

References (4)

The following list contains external sources which discuss the actor and the associated activities:
