Qrypter Analysis

IOB - Indicator of Behavior (123)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 124


Country

us: 82
cn: 4

Charts not reproduced: Actors, Activities, Interest, Timeline, Type, Vendor.

Product

Cisco ASA 5580: 16
Trevor Mckay Cumin: 6
PrestaShop: 4
Apache Tomcat: 4
condor: 4


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | auth0.js Password insufficiently protected credentials | 3.8 | 3.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00063 | 0.00 | CVE-2020-5263 |
| 2 | LearnDash Plugin sql injection | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00138 | 0.02 | CVE-2020-6009 |
| 3 | cPanel Script privileges management | 5.3 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 0.00000 | 0.03 | |
| 4 | WordPress Multisite API ms-functions.php cryptographic issues | 7.4 | 7.2 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00657 | 0.00 | CVE-2017-5493 |
| 5 | D-Link DWR-932B Telnet/SSH Service hard-coded credentials | 9.8 | 9.6 | $5k-$25k | $0-$5k | Not Defined | Workaround | 0.51004 | 0.01 | CVE-2016-10177 |
| 6 | JetBrains Space Password Authentication improper authentication | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00309 | 0.00 | CVE-2020-11796 |
| 7 | PrestaShop AdminFeatures Page Reflected cross site scripting | 4.1 | 3.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00066 | 0.00 | CVE-2020-5269 |
| 8 | PrestaShop Product Attributes Page access control | 4.1 | 3.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00071 | 0.00 | CVE-2020-5288 |
| 9 | IBM Maximo Asset Management Web UI cross site scripting | 4.7 | 4.7 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.00050 | 0.00 | CVE-2019-4749 |
| 10 | OpenMRS login.htm input validation | 5.2 | 5.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00105 | 0.00 | CVE-2020-5728 |
| 11 | IBM MQ information disclosure | 3.8 | 3.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00042 | 0.03 | CVE-2020-4338 |
| 12 | Schneider Electric TriStation 1131 information disclosure | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00171 | 0.00 | CVE-2020-7483 |
| 13 | Google Android rw_t2t_ndef.cc rw_t2t_extract_default_locks_info out-of-bounds write | 8.5 | 8.2 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00102 | 0.00 | CVE-2020-0071 |
| 14 | IBM UrbanCode Deploy Permission information disclosure | 3.1 | 3.1 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.00050 | 0.04 | CVE-2020-4260 |
| 15 | ClearPass Stored cross site scripting | 3.6 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00054 | 0.04 | CVE-2020-7110 |
| 16 | LG Mobile Device GPS unknown vulnerability | 5.5 | 5.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00044 | 0.00 | CVE-2019-20784 |
| 17 | IBM MQ Error denial of service | 4.8 | 4.8 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.00084 | 0.00 | CVE-2019-4762 |
| 18 | Netgear WAC510 Stored cross site scripting | 4.9 | 4.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00055 | 0.00 | CVE-2019-20742 |
| 19 | iCatch DVR command injection | 7.5 | 7.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00104 | 0.03 | CVE-2020-10514 |
| 20 | Cisco UCS Director/UCS Director Express for Big Data REST API input validation | 8.5 | 8.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.96756 | 0.00 | CVE-2020-3250 |

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 178.175.138.211 | 178-175-138-211.static.as43289.net | Qrypter | | 05/31/2021 | verified | High |

TTP - Tactics, Techniques, Procedures (11)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (40)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /ajax/GetInheritedProperties | predictive | High |
| 2 | File | /MicroStrategyWS/happyaxis.jsp | predictive | High |
| 3 | File | /web/google_analytics.php | predictive | High |
| 4 | File | customize.php | predictive | High |
| 5 | File | customprofile.php | predictive | High |
| 6 | File | editAccount.html | predictive | High |

References (2)

The following list contains external sources which discuss the actor and the associated activities:
