Shadowbrokers Analysis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (8)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en8

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

US: USA8

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

Glupteba1
Ramnit1
Darkkomet1
Shadowbrokers1

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

Not Defined6
Project Management Software2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

Byzoro2
Not Defined2
Sourcecodehero2
Campcodes2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Byzoro Smart S85F Management Platform2
centreon2
Sourcecodehero ERP System Project2
Campcodes Online Thesis Archiving System2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1Totolink LR1200GB Web Interface cstecgi.cgi loginAuth stack-based overflow9.89.3$0-$5k$0-$5kProof-of-ConceptNot Defined0.000450.05CVE-2024-1783
2Byzoro Smart S85F Management Platform unrestricted upload7.57.3$0-$5k$0-$5kProof-of-ConceptNot Defined0.002250.20CVE-2023-4121
3Byzoro Smart S85F Management Platform importhtml.php command injection7.57.3$0-$5k$0-$5kProof-of-ConceptNot Defined0.006680.05CVE-2023-4120
4Campcodes Online Thesis Archiving System view_department.php sql injection7.57.3$0-$5k$0-$5kProof-of-ConceptNot Defined0.001640.05CVE-2023-2144
5centreon Contact Groups Form formContactGroup.php sql injection6.35.8$0-$5k$0-$5kNot DefinedOfficial Fix0.002160.05CVE-2022-3827
6Sourcecodehero ERP System Project processlogin.php sql injection8.17.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.001700.07CVE-2022-3118
7Daimler Mercedes Comand Navigation Route Calculation data processing6.26.2$0-$5k$0-$5kFunctionalUnavailable0.000630.05CVE-2018-18070
8Daimler Mercedes Me App Certificate Pinning information disclosure6.05.9$0-$5k$0-$5kHighOfficial Fix0.002680.05CVE-2018-18071

IOC - Indicator of Compromise (25)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
169.55.1.30Shadowbrokers04/13/2022verifiedMedium
269.55.1.36Shadowbrokers04/13/2022verifiedMedium
369.55.1.37Shadowbrokers04/13/2022verifiedMedium
469.55.1.100Shadowbrokers04/13/2022verifiedMedium
569.55.1.146Shadowbrokers04/13/2022verifiedMedium
6XX.XX.X.XXXXxxxxxxxxxxxx04/13/2022verifiedMedium
7XX.XX.X.XXXXxxxxxxxxxxxx04/13/2022verifiedMedium
8XX.XX.X.XXXXxxxxxxxxxxxx04/13/2022verifiedMedium
9XX.XX.X.XXXxxx-xxxx.xxxxxxx.xxxXxxxxxxxxxxxx04/13/2022verifiedMedium
10XX.XX.X.XXXxxx-xxxx.xxxxxxx.xxxXxxxxxxxxxxxx04/13/2022verifiedMedium
11XX.XX.X.XXXxxx-xxxx.xxxxxxx.xxxXxxxxxxxxxxxx04/13/2022verifiedMedium
12XX.XX.X.XXXxxx-xxxx.xxxxxxx.xxxXxxxxxxxxxxxx04/13/2022verifiedMedium
13XX.XX.X.XXXxxx-xxxx.xxxxxxx.xxxXxxxxxxxxxxxx04/13/2022verifiedMedium
14XX.XX.X.XXXxxx-xxxx.xxxxxxx.xxxXxxxxxxxxxxxx04/13/2022verifiedMedium
15XX.XX.X.XXXxxx-xxxx.xxxxxxx.xxxXxxxxxxxxxxxx04/13/2022verifiedMedium
16XX.XX.X.XXXxxx-xxxx.xxxxxxx.xxxXxxxxxxxxxxxx04/13/2022verifiedMedium
17XX.XX.X.XXXxxx-xxxx.xxxxxxx.xxxXxxxxxxxxxxxx04/13/2022verifiedMedium
18XX.XX.X.XXXxxx-xxxx.xxxxxxx.xxxXxxxxxxxxxxxx04/13/2022verifiedMedium
19XX.XX.X.XXXxxx-xxxx.xxxxxxx.xxxXxxxxxxxxxxxx04/13/2022verifiedMedium
20XX.XX.X.XXXxxx-xxxx.xxxxxxx.xxxXxxxxxxxxxxxx04/13/2022verifiedMedium
21XX.XX.X.XXXxxxxxxxxxxxx04/13/2022verifiedMedium
22XX.XX.X.XXXxxxxxxxxxxxx04/13/2022verifiedMedium
23XX.XX.X.XXXxxxxxxxxxxxx04/13/2022verifiedMedium
24XX.XX.X.XXXxxxxxxxxxxxx04/13/2022verifiedMedium
25XX.XX.X.XXXxxxxxxxxxxxx04/13/2022verifiedMedium

TTP - Tactics, Techniques, Procedures (4)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueClassVulnerabilitiesAccess VectorTypeConfidence
1T1202CAPEC-136CWE-77Command Shell in Externally Accessible DirectorypredictiveHigh
2TXXXXCAPEC-108CWE-XXXxx XxxxxxxxxpredictiveHigh
3TXXXXCAPEC-116CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh
4TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxpredictiveHigh

IOA - Indicator of Attack (11)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/admin/departments/view_department.phppredictiveHigh
2File/cgi-bin/cstecgi.cgipredictiveHigh
3File/xxxxx/xxxxxxxxxxxx.xxxpredictiveHigh
4Filexxxxxxxxxxxxxxxx.xxxpredictiveHigh
5Filexxxxxxxxxx.xxxpredictiveHigh
6Argumentxx_xxpredictiveLow
7Argumentxxxx_xxxxxxpredictiveMedium
8Argumentxxxx_xxxxpredictiveMedium
9ArgumentxxpredictiveLow
10ArgumentxxxpredictiveLow
11ArgumentxxxxpredictiveLow

References (2)

The following list contains external sources which discuss the actor and the associated activities:

PreviousOverviewNext

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!