Shellbot Analysis

IOB - Indicator of Behavior (353)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en202
es122
it8
de8
fr6

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

es124
us42
it8
fr4
ru4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Microsoft Windows8
Qualcomm Snapdragon Compute8
Qualcomm Snapdragon Connectivity8
Qualcomm Snapdragon Consumer IOT8
Qualcomm Snapdragon Industrial IOT8

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25k$0-$5kHighWorkaround0.020.02016CVE-2007-1192
2DZCP deV!L`z Clanportal config.php code injection7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix1.330.00943CVE-2010-0966
3Fortinet FortiOS Endpoint Monitor Persistent cross site scripting3.53.2$0-$5k$0-$5kProof-of-ConceptNot Defined0.020.00000
4IBM TRIRIGA Application Platform Error Message information disclosure5.35.3$5k-$25k$5k-$25kNot DefinedNot Defined0.000.00107CVE-2020-4277
5IBM Security Secret Server URL Parameter information disclosure3.73.6$5k-$25k$0-$5kNot DefinedOfficial Fix0.000.00063CVE-2021-20582
6Ultimate PHP Board UPB users.dat Password input validation5.35.3$0-$5k$0-$5kNot DefinedNot Defined0.000.00226CVE-2002-2322
7Microsoft Windows Netlogon input validation7.57.4$25k-$100k$0-$5kNot DefinedOfficial Fix0.030.01121CVE-2016-3228
8Cisco Unified Communications Manager Mobile/Remote Access Services input validation5.45.4$5k-$25k$0-$5kNot DefinedNot Defined0.020.00095CVE-2015-6410
9Magnolia CMS Edit Contact cross site scripting4.84.8$0-$5k$0-$5kNot DefinedNot Defined0.020.00069CVE-2022-33098
10Tongda OA 2017 delete.php sql injection6.76.5$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.000.00079CVE-2023-5285
11SourceCodester Engineers Online Portal remove_inbox_message.php sql injection7.57.3$0-$5k$0-$5kProof-of-ConceptNot Defined0.080.00077CVE-2023-5281
12Caphyon Advanced Installer WinSxS DLL uncontrolled search path7.87.5$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.000.00042CVE-2022-4956
13ZZZCMS Database Backup File save.php restore permission7.16.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.040.00061CVE-2023-5263
14Tongda OA 2017 delete.php sql injection6.96.8$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.040.00077CVE-2023-5261
15SourceCodester Online Computer and Laptop Store Master.php register sql injection8.17.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.120.00063CVE-2023-5373
16Xinhu RockOA Password password recovery5.45.2$0-$5k$0-$5kProof-of-ConceptNot Defined0.000.00054CVE-2023-5296
17yasm nasm-pp.c if_condition null pointer dereference4.54.5$0-$5k$0-$5kNot DefinedNot Defined0.000.00057CVE-2021-33460
18Multi-Vendor Online Groceries Management System view_product.php sql injection6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.020.00255CVE-2022-26632
19Linux Kernel KVM memory corruption5.55.0$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.000.00042CVE-2021-22543
20vBulletin XMLRPC API breadcrumbs_create.php sql injection6.36.3$0-$5k$0-$5kHighUnavailable0.020.00102CVE-2014-2022

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • CVE-2020-17496

IOC - Indicator of Compromise (18)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (19)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (122)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File.phppredictiveLow
2File/admin/save.phppredictiveHigh
3File/cgi-bin/web_index.cgi?lang=en&src=AwSystem.html&ertqVvnKV4TjU9VtpredictiveHigh
4File/chetc/shutdownpredictiveHigh
5File/etc/networkd-dispatcherpredictiveHigh
6File/integrations.jsonpredictiveHigh
7File/nav_bar_action.phppredictiveHigh
8File/nova/bin/traceroutepredictiveHigh
9File/photo/include/blog/article.phppredictiveHigh
10File/products/view_product.phppredictiveHigh
11File/purchase_order/classes/Master.php?f=delete_itempredictiveHigh
12File/rapi/read_urlpredictiveHigh
13File/var/adm/btmppredictiveHigh
14Fileactions/authenticate.phppredictiveHigh
15Filexxxxx.xxxpredictiveMedium
16Filexxxxx/xxxxxxxxx.xxxpredictiveHigh
17Filexxxxx/xxxxx.xxx/xxxxxxxx/xxxxxxpredictiveHigh
18Filexxx_xxxxxx_xxxxxx.xxxpredictiveHigh
19Filexxx.xxx?x=xxxxxxxx&x=xxxxxpredictiveHigh
20Filexxxxxxx.xxxpredictiveMedium
21Filexxxxxxxxxxx.xxxpredictiveHigh
22Filexxxxxxxxxxx_xxxxxx.xxxpredictiveHigh
23Filexxxx_xxxx.xxpredictiveMedium
24Filexxxxxx_xxxx.xxxpredictiveHigh
25Filexxxxxxxxx.xxpredictiveMedium
26Filexxxxxxxx.xpredictiveMedium
27FilexxxxxxxpredictiveLow
28Filexxxxxxxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
29Filexxxxxxxxxx_xxxxx.xxxpredictiveHigh
30Filexxx.xxxxxxxxxx.xxxxxxxxxxx.xxxxxxxxxxxxpredictiveHigh
31Filexxxxxx.xxxpredictiveMedium
32Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
33Filexxxxxxxx.xxxxpredictiveHigh
34Filexxx.xpredictiveLow
35Filexxxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
36Filexxxxxxx/xx/xxxxxx/xxxxx_xxxxx_xxxxxxxxxx/xxxxxx.xxxpredictiveHigh
37Filexxxxxxx/xx/xxxxxxx/xxxxxxxxxxx/xxxxxx.xxxpredictiveHigh
38Filexxxxxxxxxxxxx.xxxxxpredictiveHigh
39Filexxx.xxxpredictiveLow
40Filexxx/xxxxxx.xxxpredictiveHigh
41Filexxx/xxxxxxx.xxxpredictiveHigh
42Filexxxxxxxxx/xxxxxxx_xxxx/xxxxxx.xxxpredictiveHigh
43Filexxxxxxxxxxxx.xxxpredictiveHigh
44Filexxxxx.xpredictiveLow
45Filexxxxxxxxx.xxpredictiveMedium
46Filexxxxxxxxxx/xxxxxxxpredictiveHigh
47Filexxxxxx.xxxpredictiveMedium
48FilexxxxxxxxxpredictiveMedium
49Filexxxxxxxxx.xxxpredictiveHigh
50Filexxxxxxx.xxxpredictiveMedium
51Filexxxxxxx/xxxxxxxx/xxxx/xxxx-xx.xpredictiveHigh
52Filexxx_xxxxx.xxxx/xxx_xxxxxxxx.xxxxpredictiveHigh
53Filexxx/xxxx/xxx.xpredictiveHigh
54Filexxx.xxxpredictiveLow
55Filexxxxxxx/xxxxxxxxxxxxxxxx/xxxxxxxxx/xxxxxxxx.xxxxpredictiveHigh
56Filexxxxxxx.xxxpredictiveMedium
57Filexxxxxx_xxxxx_xxxxxxx.xxxpredictiveHigh
58Filexxxxxxx.xxpredictiveMedium
59Filexxxxx\xxxx.xxxpredictiveHigh
60Filexxxx-xxx/xxxxxxxx.xxxpredictiveHigh
61Filexxxxxx_xxxx.xxxpredictiveHigh
62Filexxxxxx-xxxx.xpredictiveHigh
63Filexxxxxxxxxxxxxxxxxxx?xxxxxx=xxxxxxxxxxxxxxxxxxxpredictiveHigh
64Filexxxxx.xxxpredictiveMedium
65Filexxxxx.xxxpredictiveMedium
66Filexxxxxxxxxx.xxxxpredictiveHigh
67Filexxxxxxx.xxxpredictiveMedium
68Filexxxxxxx.xxxpredictiveMedium
69Filexxxxxxxxxx.xxxpredictiveHigh
70Filexx-xxxxxxxx/xxxxxxxxx.xxxpredictiveHigh
71Library/xxx/xxx/xxx_xx-xxxxx-xxx/xxxxxxx.xx.xpredictiveHigh
72Library/_xxx_xxx/xxxxx.xxxpredictiveHigh
73Libraryxxxxxxxxx.xxxpredictiveHigh
74Libraryxxx/xxxx/xxxxxx.xpredictiveHigh
75Libraryxxxxxx_xxx.xxxpredictiveHigh
76Libraryxxxxxx.xxxpredictiveMedium
77Libraryxxxxxxxx.xxxpredictiveMedium
78Argument-xpredictiveLow
79Argumentxxxxx/xxxxxpredictiveMedium
80ArgumentxxxxxxpredictiveLow
81Argumentxxx::xxxxxxx::xxxxxx/xxx::xxxxxxx::xxxxxxxxxxpredictiveHigh
82ArgumentxxxxpredictiveLow
83ArgumentxxxxxxxxpredictiveMedium
84Argumentxxxxxx/xxxxxxxxxx/xxxxpredictiveHigh
85ArgumentxxxxxxxxxxxxpredictiveMedium
86Argumentxxxxxxxx/xxxxxxpredictiveHigh
87ArgumentxxxxxxxxxxxxxxxpredictiveHigh
88ArgumentxxxxxxxxxpredictiveMedium
89Argumentxxxxxx_xxxxxxpredictiveHigh
90ArgumentxxxxxxxxxxxxpredictiveMedium
91Argumentxx_xxx_xxxxxpredictiveMedium
92ArgumentxxxxxpredictiveLow
93Argumentxxxxxxxxxx_xxpredictiveHigh
94ArgumentxxxxpredictiveLow
95ArgumentxxxxxxxxpredictiveMedium
96ArgumentxxxxpredictiveLow
97ArgumentxxxpredictiveLow
98ArgumentxxxpredictiveLow
99ArgumentxxxxpredictiveLow
100ArgumentxxpredictiveLow
101ArgumentxxxxxpredictiveLow
102ArgumentxxxxpredictiveLow
103Argumentxxxxxxxx_xxxpredictiveMedium
104ArgumentxxxpredictiveLow
105Argumentxxxx/xxxxxxxxxxxpredictiveHigh
106Argumentxxx xxxxxpredictiveMedium
107Argumentxxxxxxxxxxxxxxx/xxxx_xxxxpredictiveHigh
108ArgumentxxxxxxxxpredictiveMedium
109ArgumentxxxxxxpredictiveLow
110ArgumentxxxxxxxpredictiveLow
111ArgumentxxxxxpredictiveLow
112Argumentxxxxxxxxxxx_xxpredictiveHigh
113Argumentxxxxxx_xxxxpredictiveMedium
114Argumentxxxxxx$xxxpredictiveMedium
115ArgumentxxxxxxxxxxxxpredictiveMedium
116ArgumentxxxxxxxxpredictiveMedium
117ArgumentxxxxxpredictiveLow
118ArgumentxxxxpredictiveLow
119ArgumentxxxxxxxxpredictiveMedium
120ArgumentxxxxxpredictiveLow
121Input Valuex%xxxxx%xxx*x*x%xxx%xxxxx%xxxxx%xxxxxpredictiveHigh
122Network Portxxx xxxx/xxxx/xxxxpredictiveHigh

References (4)

The following list contains external sources which discuss the actor and the associated activities:

Want to stay up to date on a daily basis?

Enable the mail alert feature now!