RogueRaticate Analysis

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 540
de: 168
zh: 162
sv: 26
es: 20

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Google Android: 4
Infopop Ultimate Bulletin Board: 4
WordPress: 4
WP-ViperGB Plugin: 2
Business Directory Script: 2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | Calculating | High | Workaround | 0.03828 | 0.00 | CVE-2007-1192 |
| 2 | MGB OpenSource Guestbook email.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.01434 | 0.13 | CVE-2007-0354 |
| 3 | Microsoft Exchange Server ChainedSerializationBinder deserialization | 7.5 | 7.2 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00000 | 0.00 | |
| 4 | Squid Web Proxy Gopher Gateway null pointer dereference | 6.4 | 6.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00530 | 0.04 | CVE-2023-46728 |
| 5 | Fortinet FortiOS prof-admin Profile improper authorization | 7.7 | 7.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00089 | 0.05 | CVE-2023-41841 |
| 6 | Oracle Java SE Windows DLL access control | 8.3 | 8.2 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.00172 | 0.00 | CVE-2018-2942 |
| 7 | WordPress wp-trackback.php sql injection | 7.3 | 6.6 | $5k-$25k | $0-$5k | Proof-of-Concept | Not Defined | 0.04942 | 0.07 | CVE-2007-0233 |
| 8 | OpenSSL DH Key dh_check.c DH_check denial of service | 5.3 | 5.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00238 | 0.05 | CVE-2023-3817 |
| 9 | WordPress wp-trackback.php mb_convert_encoding cryptographic issues | 5.3 | 5.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04755 | 0.05 | CVE-2009-3622 |
| 10 | Microsoft Office/Office LTSC/OneNote | 4.5 | 4.5 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00053 | 0.00 | CVE-2023-36769 |
| 11 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.02820 | 0.10 | CVE-2010-0966 |
| 12 | LogicBoard CMS away.php redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.00000 | 0.30 | |
| 13 | Basti2web Book Panel books.php sql injection | 7.3 | 7.0 | $0-$5k | $0-$5k | High | Official Fix | 0.00064 | 0.05 | CVE-2009-4889 |
| 14 | Safe Exam Browser Clipboard Management information disclosure | 5.7 | 5.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.03 | CVE-2024-37742 |
| 15 | JD-WordPress wp-trackback.php privileges management | 5.3 | 5.0 | $5k-$25k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 0.00 | |
| 16 | Matt Wright Matt Wright Guestbook guestbook.pl cross site scripting | 4.3 | 3.9 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 0.01681 | 0.05 | CVE-2006-1697 |
| 17 | Icewarp Webclient HTTP POST Request basic Persistent cross site scripting | 5.2 | 4.7 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00066 | 0.04 | CVE-2010-5338 |
| 18 | Lars Ellingsen Guestserver guestbook.cgi cross site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00168 | 0.17 | CVE-2005-4222 |
| 19 | PHP Link Directory Administration Page index.html cross site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00554 | 0.17 | CVE-2007-0529 |
| 20 | esoftpro Online Guestbook Pro ogp_show.php sql injection | 7.3 | 7.1 | $0-$5k | $0-$5k | High | Unavailable | 0.00165 | 0.05 | CVE-2010-4996 |

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

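| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 178.159.37.25 | free.uaunit.com | RogueRaticate | | 10/29/2023 | verified | High |
| 2 | XXX.XXX.XX.XX | xxxx.xxxxxx.xxx | Xxxxxxxxxxxxx | | 10/29/2023 | verified | High |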

TTP - Tactics, Techniques, Procedures (14)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (158)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

References (2)

The following list contains external sources which discuss the actor and the associated activities:
