Shiz Analysis

IOB - Indicator of Behavior (167)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang (dummy data): en 130, de 34, zh 2, fr 2

Country (dummy data): de 34, us 20, cn 6, ir 2, es 2

Activities

Interest

Product (dummy data): PHP 8, Dnsmasq 8, Linux Kernel 6, Google Android 6, Microsoft IIS 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | D-Link DIR-846 QoS POST deserialization | 8.8 | 8.5 | $5k-$25k | $0-$5k | Proof-of-Concept | Not Defined | 0.00064 | 0.04 | CVE-2023-6580 |
| 2 | SourceCodester Online Exam System GET Parameter updateCourse.php sql injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00164 | 0.05 | CVE-2023-2642 |
| 3 | SourceCodester Online Internship Management System POST Parameter login.php sql injection | 8.1 | 7.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00164 | 0.14 | CVE-2023-2641 |
| 4 | OpenCV wechat_qrcode Module decoded_bit_stream_parser.cpp decodeHanziSegment memory leak | 6.0 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00153 | 0.10 | CVE-2023-2618 |
| 5 | OpenCV wechat_qrcode Module decoded_bit_stream_parser.cpp decodeByteSegment null pointer dereference | 5.6 | 5.5 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00177 | 0.14 | CVE-2023-2617 |
| 6 | SourceCodester Online Reviewer System GET Parameter user-update.php sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00583 | 0.04 | CVE-2023-2596 |
| 7 | SourceCodester Billing Management System POST Parameter ajax_service.php sql injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00583 | 0.04 | CVE-2023-2595 |
| 8 | SourceCodester Food Ordering Management System Registration sql injection | 8.1 | 7.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00243 | 0.05 | CVE-2023-2594 |
| 9 | SourceCodester Multi Language Hotel Management Software POST Parameter ajax.php cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00101 | 0.05 | CVE-2023-2565 |
| 10 | jja8 NewBingGoGo cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00081 | 0.19 | CVE-2023-2560 |
| 11 | External Media without Import Plugin external-media-without-import.php print_media_new_panel cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00097 | 0.05 | CVE-2017-20183 |
| 12 | SourceCodester Online Tours & Travels Management System disapprove_delete.php exec sql injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00164 | 0.05 | CVE-2023-2619 |
| 13 | PHP-Login POST Parameter class.loginscript.php checkLogin sql injection | 8.1 | 8.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00144 | 0.05 | CVE-2016-15031 |
| 14 | Dnsmasq Pending Request security check | 4.7 | 4.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00536 | 0.03 | CVE-2020-25686 |
| 15 | Linux Kernel start_cpsch initialization | 5.7 | 5.5 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00045 | 0.00 | CVE-2021-47551 |
| 16 | Linux Kernel i40e_dbg_dump_desc null pointer dereference | 5.7 | 5.5 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00045 | 0.04 | CVE-2021-47501 |
| 17 | Campcodes Legal Case Management System case-type cross site scripting | 3.5 | 3.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.05 | CVE-2024-4724 |
| 18 | RRJ Nueva Ecija Engineer Online Portal Quiz add_quiz.php cross site scripting | 4.1 | 4.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00051 | 0.00 | CVE-2024-0190 |
| 19 | Apache ActiveMQ deserialization | 7.5 | 7.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00172 | 0.05 | CVE-2022-41678 |
| 20 | D-Link DIR-846 HNAP1 Privilege Escalation | 8.0 | 7.9 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.01040 | 0.00 | CVE-2023-33735 |

IOC - Indicator of Compromise (36)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (21)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (133)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

