RATicate Analysis

Activities

Timeline

The timeline shows when the vulnerabilities attributed to this actor were disclosed and how activity is distributed over time. It makes less relevant periods and more severe hotspots visible at a glance, which helps decide how to handle individual vulnerabilities and whole vulnerability collections, start immediate vulnerability response where needed, and prioritize issues.

Lang (language of the sources)

en (English) 32
de (German) 10
fr (French) 3
es (Spanish) 3
pl (Polish) 3

Country

us (United States) 42
gb (United Kingdom) 3
fr (France) 3
hu (Hungary) 1
se (Sweden) 1

Actors

RATicate 51


Vulnerabilities

Columns: Base and Temp are the CVSS base and temporal scores; 0day and Today are the estimated exploit price at disclosure and at present; Exp is the exploitability status (Unproven, Proof-of-Concept, High, or Not Defined); Rem is the remediation status; CTI is the CTI interest score.

# | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | CVE
1 | All Enthusiast Inc Reviewpost Php Pro showproduct.php sql injection | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.09 | CVE-2004-2175
2 | PhotoPost PHP Pro showproduct.php sql injection | 9.8 | 9.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.09 | CVE-2004-0250
3 | MDaemon Webmail cross site scripting | 5.4 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.08 | CVE-2019-8983
4 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 1.49 | CVE-2017-0055
5 | OpenSSH Authentication Username information disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | High | Official Fix | 0.15 | CVE-2016-6210
6 | Synology DiskStation Manager Change Password password recovery | 7.5 | 7.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2018-8916
7 | BitTorrent uTorrent Bencoding Parser input validation | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | CVE-2020-8437
8 | Gallarific PHP Photo Gallery script gallery.php sql injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.08 | CVE-2011-0519
9 | Popup Maker Plugin do_action authorization | 8.2 | 7.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2019-17574
10 | FreeBSD geli cryptographic issues | 4.4 | 3.9 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.04 | CVE-2012-4578
11 | BusyBox Terminal lineedit.c add_match code injection | 7.5 | 7.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2017-16544
12 | thttpd WebService information disclosure | 5.3 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.05 | 
13 | 10Web Photo Gallery plugin Filemanager model.php sql injection | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.07 | CVE-2019-14313
14 | SonicWALL AntiSpam / EMail Security Appliance MTA Queue Report Module reports_mta_queue_status.html cross site scripting | 8.0 | 7.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06 | 
15 | Sagemcom F@st 5260 WPA Mode 7pk security | 5.1 | 5.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.06 | CVE-2019-9555
16 | Google Android MediaTek Driver access control | 7.2 | 7.2 | $25k-$100k | $25k-$100k | Not Defined | Not Defined | 0.00 | CVE-2016-6782
17 | PHPChain cat.php cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | CVE-2007-2669
18 | phpMyAdmin Designer sql injection | 8.5 | 8.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.15 | CVE-2019-6798
19 | Exim Expansion data processing | 9.8 | 9.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06 | CVE-2019-13917
20 | Microsoft IIS IP/Domain Restriction access control | 6.5 | 5.7 | $25k-$100k | $0-$5k | Unproven | Official Fix | 0.77 | CVE-2014-4078

IOC - Indicator of Compromise (2)

These indicators of compromise list associated network resources that are known to be part of research and attack activities. No hostname or campaign is recorded for either address.

ID | IP address | Hostname | Campaigns | Confidence
1 | 79.134.225.11 |  |  | High
2 | 79.134.225.97 |  |  | High

TTP - Tactics, Techniques, Procedures (4)

Tactics, techniques, and procedures summarize the suspected ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID | Technique | Vulnerabilities | Access Vector | Confidence
1 | T1059.007 (Command and Scripting Interpreter: JavaScript) | CWE-79, CWE-80 | Cross Site Scripting | High
2 | T1068 (Exploitation for Privilege Escalation) | CWE-264, CWE-284 | Execution with Unnecessary Privileges | High
3 | T1211 (Exploitation for Defense Evasion) | CWE-254 | 7PK Security Features | High
4 | TXXXX | CWE-XXX | Xxxxxxxxxxxx Xxxxxx | High

IOA - Indicator of Attack (20)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID | Class | Indicator | Confidence
1 | File | /uncpath/ | Medium
2 | File | cat.php | Low
3 | File | detail.php | Medium
4 | File | xxxxxxxxxxx/xxxxx.xxx | High
5 | File | xxxxxxx.xxx | Medium
6 | File | xxxxx/xxxxxxxx.x | High
7 | File | xxx.xx | Low
8 | File | xxxxxxx_xxx_xxxxx_xxxxxx.xxxx | High
9 | File | xxxx_xxxxxxxxx.xxx | High
10 | File | xxxx_xxxxxxx_xxxxxxxx.xxx | High
11 | File | xxxxxxxxxxx.xxx | High
12 | File | xxxxxx.xxxxxxx.xxxxxxxxxxxxxxxxxxxxxxxx | High
13 | Argument | xxx | Low
14 | Argument | xxxxx | Low
15 | Argument | xxx_xx | Low
16 | Argument | xxxxxxxx | Medium
17 | Argument | xx | Low
18 | Argument | xxxx_xx | Low
19 | Argument | xxxxx | Low
20 | Argument | xxxxxxxx | Medium
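The IOC and IOA tables above are only useful once they are matched against your own telemetry. The script below is an added example, not code from this page or from VulDB: it takes the two IOC addresses and the three unredacted file indicators (/uncpath/, cat.php, detail.php) exactly as listed, with their confidence levels, and scans web-server access-log lines for them. The file indicators are treated as substrings of the request target, since the page describes them as "fragments". The log format (Apache/nginx combined), the regex, the severity ranking and the sample log lines are this example's own assumptions; the redacted indicators are not included because their values are not on the page.

```python
import re
from dataclasses import dataclass, field

# Indicators copied from the IOC and IOA tables on this page, with the confidence listed there.
IOC_IPS = {"79.134.225.11": "High", "79.134.225.97": "High"}
IOA_FILES = {"/uncpath/": "Medium", "cat.php": "Low", "detail.php": "Medium"}
RANK = {"Low": 0, "Medium": 1, "High": 2}  # assumption: confidence order used for severity

# Assumption: logs are in Apache/nginx "combined" format; this regex is the example's own.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)


@dataclass
class Hit:
    line_no: int
    ip: str
    target: str
    reasons: list = field(default_factory=list)
    severity: str = "Low"


def scan(lines):
    """Return one Hit per log line whose client IP is an IOC or whose request target
    contains an IOA file fragment. Severity is the highest confidence among the matches."""
    hits = []
    for n, line in enumerate(lines, 1):
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line: skip rather than guess at fields
        ip, target = m["ip"], m["target"]
        reasons, best = [], -1
        if ip in IOC_IPS:
            reasons.append(f"IOC ip {ip} ({IOC_IPS[ip]})")
            best = max(best, RANK[IOC_IPS[ip]])
        # File IOAs are fragments: case-insensitive substring match on the full request target,
        # so "cat.php" also matches "/PHPChain/cat.php?cat=1".
        low = target.lower()
        for frag, conf in IOA_FILES.items():
            if frag in low:
                reasons.append(f"IOA file {frag} ({conf})")
                best = max(best, RANK[conf])
        if reasons:
            severity = next(k for k, v in RANK.items() if v == best)
            hits.append(Hit(n, ip, target, reasons, severity))
    return hits


# Constructed sample log (not real traffic); timestamps, paths and private addresses are made up.
SAMPLE_LOG = """\
79.134.225.11 - - [10/Mar/2021:12:00:01 +0000] "GET /index.php HTTP/1.1" 200 512
10.0.0.5 - - [10/Mar/2021:12:00:02 +0000] "GET /gallery/detail.php?id=3 HTTP/1.1" 200 2048
10.0.0.6 - - [10/Mar/2021:12:00:03 +0000] "GET /about.html HTTP/1.1" 200 300
79.134.225.97 - - [10/Mar/2021:12:00:04 +0000] "POST /PHPChain/cat.php?cat=1 HTTP/1.1" 200 777
192.168.1.9 - - [10/Mar/2021:12:00:05 +0000] "GET /uncpath/shares.txt HTTP/1.0" 404 0
this line is not an access-log entry
"""


def scan_sample():
    return scan(SAMPLE_LOG.splitlines())


if __name__ == "__main__":
    for h in scan_sample():
        print(f"line {h.line_no}: {h.ip} {h.target} -> {h.severity}: {'; '.join(h.reasons)}")
```

A Low-confidence fragment such as cat.php on its own will fire on any site that happens to serve a file by that name, so in practice you would alert only on High severity or on a Medium hit that coincides with another indicator, and treat the IOC address matches as the strongest signal.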

References (1)

The following list contains external sources which discuss the actor and the associated activities:
