Sagent Analysis

IOB - Indicator of Behavior (409)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 372
de: 24
es: 12
sv: 2

Country

us: 348
de: 26
co: 10
es: 6
ca: 4

Activities

Product

Google Android: 32
Adobe Experience Manager: 12
Foxit Reader: 8
Enghouse Web Chat: 6
PuTTY: 6

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Omron CX-One CX-Programmer Password Storage information disclosure | 5.9 | 5.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00885 | CVE-2015-0988 |
| 2 | Oracle Java SE/JRE SunToolkit rt.jar setAccessible privileges management | 9.8 | 9.4 | $100k and more | $0-$5k | High | Official Fix | 0.00 | 0.92021 | CVE-2012-4681 |
| 3 | D-Link DIR-636L NCC Service improper authentication | 9.3 | 9.1 | $5k-$25k | $0-$5k | High | Official Fix | 0.00 | 0.82639 | CVE-2015-1187 |
| 4 | Google Chrome Prerendering privileges management | 5.6 | 5.4 | $100k and more | $0-$5k | Not Defined | Official Fix | 0.00 | 0.02686 | CVE-2013-2887 |
| 5 | Google Android APK Package Signature cryptographic issues | 8.1 | 7.3 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.03934 | CVE-2013-4787 |
| 6 | LG Optimus G E973 HiddenMenu User access control | 4.4 | 4.2 | $25k-$100k | $0-$5k | Proof-of-Concept | Not Defined | 0.02 | 0.00954 | CVE-2013-3666 |
| 7 | Apple iOS Locking code injection | 4.0 | 3.6 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.11270 | CVE-2013-0912 |
| 8 | Belkin WeMo Distribution Feed cryptographic issues | 5.3 | 4.6 | $0-$5k | Calculating | Unproven | Official Fix | 0.03 | 0.00885 | CVE-2013-6950 |
| 9 | Microsoft Internet Explorer Event resource management | 6.3 | 5.9 | $25k-$100k | $0-$5k | High | Official Fix | 0.06 | 0.89830 | CVE-2010-0249 |
| 10 | OpenSSL TLS/DTLS Heartbeat t1_lib.c dtls1_process_heartbeat memory corruption | 7.5 | 7.0 | $25k-$100k | $0-$5k | High | Official Fix | 0.03 | 0.96076 | CVE-2014-0160 |
| 11 | Microsoft Windows Kerberos KDC EsikmoRoll access control | 8.8 | 7.9 | $25k-$100k | $0-$5k | High | Official Fix | 0.00 | 0.77867 | CVE-2014-6324 |
| 12 | Mozilla Bugzilla Account Creation access control | 5.3 | 4.6 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.02 | 0.03779 | CVE-2014-1572 |
| 13 | OpenX adclick.php redirect | 5.3 | 4.7 | $0-$5k | $0-$5k | Unproven | Unavailable | 0.40 | 0.01213 | CVE-2014-2230 |
| 14 | LogicBoard CMS away.php redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 1.26 | 0.00000 | |
| 15 | SourceCodester Microfinance Management System addcustomerHandler.php cross site scripting | 4.3 | 3.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00885 | CVE-2022-1081 |
| 16 | Serendipity exit.php privileges management | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.14 | 0.00000 | |
| 17 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.49 | 0.25090 | CVE-2017-0055 |
| 18 | ThinkPHP Driver.class.php parseOrder sql injection | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00885 | CVE-2018-18546 |
| 19 | Linux Kernel hsr_device.c hsr_dev_finalize release of resource | 6.4 | 6.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.01 | 0.01108 | CVE-2019-16995 |
| 20 | Cisco Unified Contact Center Express Web Server input validation | 6.7 | 6.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.01055 | CVE-2019-15259 |

IOC - Indicator of Compromise (64)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (19)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (159)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.
