Retefe Analysis

IOB - Indicator of Behavior (170)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 120
sv: 24
ru: 20
jp: 4
pt: 2

Country

ru: 82
us: 44
cn: 6
jp: 4
vn: 2

Product

WordPress: 6
FreeBSD: 6
gnuboard5: 4
Linux Kernel: 4
Traefik: 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | Calculating | High | Workaround | 0.04 | 0.04187 | CVE-2007-1192 |
| 2 | Htmly Blog Post cross site scripting | 3.5 | 3.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.06 | 0.00950 | CVE-2022-25022 |
| 3 | Joomla CMS com_easyblog sql injection | 6.3 | 6.1 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.99 | 0.00000 | |
| 4 | WordPress Private Post information disclosure | 4.9 | 4.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.01 | 0.00885 | CVE-2021-39203 |
| 5 | HP Router/Switch SNMP information disclosure | 3.7 | 3.4 | $5k-$25k | Calculating | Proof-of-Concept | Official Fix | 0.00 | 0.01815 | CVE-2012-3268 |
| 6 | vBulletin redirector.php | 6.6 | 6.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.24 | 0.00885 | CVE-2018-6200 |
| 7 | MGB OpenSource Guestbook email.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.72 | 0.02800 | CVE-2007-0354 |
| 8 | Hscripts PHP File Browser Script index.php path traversal | 5.9 | 5.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00885 | CVE-2018-16549 |
| 9 | Microsoft IIS IP/Domain Restriction access control | 6.5 | 5.7 | $25k-$100k | $0-$5k | Unproven | Official Fix | 0.43 | 0.29797 | CVE-2014-4078 |
| 10 | ISC BIND DS Record resume_dslookup assertion | 7.5 | 7.0 | $5k-$25k | $0-$5k | Functional | Official Fix | 0.02 | 0.00885 | CVE-2022-0667 |
| 11 | Django Template Language information disclosure | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.01018 | CVE-2021-45116 |
| 12 | Video Downloader for TikTok Plugin server-side request forgery | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.00885 | CVE-2020-24142 |
| 13 | Microsoft Windows Win32k Privilege Escalation | 8.3 | 7.7 | $100k and more | $0-$5k | Functional | Official Fix | 0.05 | 0.09099 | CVE-2021-40449 |
| 14 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.38 | 0.25090 | CVE-2017-0055 |
| 15 | Sphinx missing authentication | 7.4 | 7.2 | $0-$5k | Calculating | Not Defined | Workaround | 0.01 | 0.01108 | CVE-2019-14511 |
| 16 | vsftpd deny_file unknown vulnerability | 3.7 | 3.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.13 | 0.01136 | CVE-2015-1419 |
| 17 | Sterc Google Analytics Dashboard for MODX Internal Search widget.analytics.tpl cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.16 | 0.01108 | CVE-2017-20155 |
| 18 | Ovidentia index.php sql injection | 6.3 | 6.1 | $0-$5k | $0-$5k | High | Unavailable | 0.00 | 0.01232 | CVE-2008-4423 |
| 19 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.64 | 0.04187 | CVE-2010-0966 |
| 20 | Linux Kernel Thread Local Storage tls.c access control | 4.0 | 3.5 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.05 | 0.01547 | CVE-2014-8133 |

IOC - Indicator of Compromise (15)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (15)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (70)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /admin/config.php?display=disa&view=form | predictive | High |
| 2 | File | /index.php | predictive | Medium |
| 3 | File | /members/view_member.php | predictive | High |
| 4 | File | /owa/auth/logon.aspx | predictive | High |
| 5 | File | /SSOPOST/metaAlias/%realm%/idpv2 | predictive | High |
| 6 | File | /uncpath/ | predictive | Medium |
| 7 | File | adclick.php | predictive | Medium |
| 8 | File | admin/modules/master_file/rda_cmc.php?keywords | predictive | High |
| 9 | File | bbs/faq.php | predictive | Medium |
| 68 | Input Value | ../ | predictive | Low |

References (2)

The following list contains external sources which discuss the actor and the associated activities:
