SharpPanda Analysis

IOB - Indicator of Behavior (143)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en106
zh30
it4
jp2
de2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

PHP6
Palo Alto PAN-OS6
SeaCMS4
D-Link DAP-13504
Oracle WebLogic Server4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25kCalculatingHighWorkaround0.020160.00CVE-2007-1192
2vu Mass Mailer Login Page redir.asp sql injection7.36.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.002710.09CVE-2007-6138
3PHP phpinfo cross site scripting6.35.7$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.089850.04CVE-2006-0996
4vBulletin redirector.php6.66.6$0-$5k$0-$5kNot DefinedNot Defined0.001060.09CVE-2018-6200
5Cisco ASA Version information disclosure5.34.6$5k-$25k$0-$5kUnprovenOfficial Fix0.002880.04CVE-2014-3398
6Apache HTTP Server mod_ssl ap_hook_process_connection null pointer dereference7.57.4$5k-$25k$0-$5kNot DefinedOfficial Fix0.011660.04CVE-2017-3169
7PHP phpinfo cross site scripting4.33.9$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.017440.04CVE-2007-1287
8Serendipity exit.php privileges management6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000000.47
9WoltLab Burning Book addentry.php sql injection7.36.8$0-$5k$0-$5kFunctionalUnavailable0.008040.03CVE-2006-5509
10Linux Foundation Xen EFLAGS Register SYSENTER input validation6.25.9$5k-$25k$0-$5kNot DefinedOfficial Fix0.000620.05CVE-2013-1917
11AXIS 2110 Network Camera editcgi.cgi path traversal5.35.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.014920.04CVE-2004-2426
12Juniper Networks Session Smart Router authentication bypass9.99.7$5k-$25k$0-$5kNot DefinedOfficial Fix0.000910.04CVE-2024-2973
13Check Point Quantum Gateway/Spark Gateway/CloudGuard Network Remote Access VPN information disclosure6.46.4$0-$5k$0-$5kHighNot Defined0.945040.04CVE-2024-24919
14Fortinet FortiOS SSL-VPN out-of-bounds write9.89.6$25k-$100k$25k-$100kHighOfficial Fix0.018420.21CVE-2024-21762
15Synology DiskStation Manager SliceUpload imageSelector.cgi access control6.56.2$0-$5k$0-$5kHighOfficial Fix0.973310.00CVE-2013-6955
16Hestia Control Panel Domain Name Privilege Escalation5.95.9$0-$5k$0-$5kNot DefinedNot Defined0.001390.00CVE-2021-27231
17Bitrix Site Manager redirect.php link following5.34.7$0-$5k$0-$5kUnprovenUnavailable0.001130.04CVE-2008-2052
18PHP Link Directory Administration Page index.html cross site scripting4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.003990.21CVE-2007-0529
19Moodle server-side request forgery6.56.5$5k-$25k$5k-$25kNot DefinedNot Defined0.000880.00CVE-2023-35133
20Extreme Networks ExtremeWireless Aerohive HiveOS/IQ Engine NetConfig UI Administrative Interface code injection8.88.8$0-$5k$0-$5kNot DefinedNot Defined0.835260.00CVE-2020-16152

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • G20 Nations

IOC - Indicator of Compromise (14)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (15)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (60)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/cgi-bin/system_mgr.cgipredictiveHigh
2File/data/config.ftp.phppredictiveHigh
3File/forum/away.phppredictiveHigh
4File/modules/profile/index.phppredictiveHigh
5File/out.phppredictiveMedium
6File/tmppredictiveLow
7File/uncpath/predictiveMedium
8Filexxxxxxx.xxxpredictiveMedium
9Filexxxxxxxx.xxxpredictiveMedium
10Filexxxxx_xxxxx.xxxpredictiveHigh
11Filexxxx-xxxxxxx.xpredictiveHigh
12Filexxxxxxxxxxxx.xxx/xxxxxxxxxxx.xxx/xxxxxxxxxxx.xxx/xxxxxxxxxxx.xxxpredictiveHigh
13Filexxx-xxx/xxxxxx.xxxpredictiveHigh
14Filexxxxxxx.xxxpredictiveMedium
15Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
16Filexxxxxxx.xxxxx.xxxpredictiveHigh
17Filexxxxxxx.xxxpredictiveMedium
18Filexxxx.xxxpredictiveMedium
19Filexxx_xxxx.xpredictiveMedium
20Filexxxx.xxxpredictiveMedium
21Filexxxx_xxxxx.xpredictiveMedium
22Filexxx/xxxxxx.xxxpredictiveHigh
23Filexxxxx.xxxxpredictiveMedium
24Filexxxxx.xxxpredictiveMedium
25Filexxx-xxx.xxxx.xxpredictiveHigh
26Filexxxxx.xxxpredictiveMedium
27Filexxxxxxxx.xxxpredictiveMedium
28Filexxxxxxxxxx.xxxpredictiveHigh
29Filexxxxxxxxx-xxxx-xxxxxx.xxxpredictiveHigh
30Filexxx.xxxpredictiveLow
31Filexxxxxx/xxxxxxxxxxxxx.xxxpredictiveHigh
32Libraryxxxxxxxx.xxxpredictiveMedium
33Libraryxxxxxxxx/xxxxxxx/xxxxx/xxx.xxxpredictiveHigh
34Libraryxxxxxxxxxxx.xxxpredictiveHigh
35Argument--xxxxxx/--xxxxxxxxpredictiveHigh
36ArgumentxxxxxxpredictiveLow
37Argumentxxxxxx/xxxx/xxxx/xxxxx/xxxxxx/x_xxxxxxx/x_xxxxxxxx/x_xxxxxxx/x_xxxxxpredictiveHigh
38Argumentxxxxxx/xxxxxxxx/xxxxxxxxxxxxxxpredictiveHigh
39ArgumentxxxxxxxxxxxpredictiveMedium
40Argumentxxx_xxxxx_xxxxpredictiveHigh
41ArgumentxxxxxxxxpredictiveMedium
42ArgumentxxxxxxxpredictiveLow
43ArgumentxxxxxxpredictiveLow
44ArgumentxxxxpredictiveLow
45ArgumentxxxxpredictiveLow
46ArgumentxxxxxxxxpredictiveMedium
47ArgumentxxpredictiveLow
48ArgumentxxpredictiveLow
49ArgumentxxxxxxpredictiveLow
50ArgumentxxxxxxxxpredictiveMedium
51ArgumentxxxxpredictiveLow
52ArgumentxxxxxxxpredictiveLow
53Argumentxxxx_xxpredictiveLow
54ArgumentxxxpredictiveLow
55ArgumentxxxpredictiveLow
56ArgumentxxxxxxxxpredictiveMedium
57Argumentxxxxxxxx/xxxxxxxxpredictiveHigh
58Input Value../predictiveLow
59Input Valuex' xx x=x--predictiveMedium
60Network Portxxx xxxxxx xxxxpredictiveHigh

References (4)

The following list contains external sources which discuss the actor and the associated activities:

Might our Artificial Intelligence support you?

Check our Alexa App!