SideCopy Analysis

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 816
pt: 64
zh: 48
de: 14
ru: 14

Country

nl: 864
pt: 60
us: 34
fr: 2
gb: 2

Product

Microsoft Windows: 98
Linux Kernel: 26
Apache HTTP Server: 20
Google Android: 18
Google Chrome: 16

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | nginx request smuggling | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.09 | 0.00241 | CVE-2020-12440 |
| 2 | Huawei ACXXXX/SXXXX SSH Packet input validation | 7.5 | 7.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00246 | CVE-2014-8572 |
| 3 | Microsoft Windows WPAD access control | 8.0 | 7.9 | $25k-$100k | $0-$5k | High | Official Fix | 0.03 | 0.92124 | CVE-2016-3213 |
| 4 | Microsoft Windows Graphics Remote Code Execution | 7.0 | 6.1 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | 0.03069 | CVE-2021-34530 |
| 5 | Microsoft Windows Event Tracing Privilege Escalation | 7.3 | 6.3 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | 0.00043 | CVE-2021-34487 |
| 6 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.00548 | CVE-2017-0055 |
| 7 | Cisco Secure Email and Web Manager Web-based Management Interface improper authentication | 9.8 | 9.6 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00 | 0.00337 | CVE-2022-20798 |
| 8 | nginx Log File link following | 7.8 | 7.4 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | 0.00092 | CVE-2016-1247 |
| 9 | Apache HTTP Server mod_rewrite redirect | 6.7 | 6.7 | $25k-$100k | $5k-$25k | Not Defined | Not Defined | 0.07 | 0.00258 | CVE-2020-1927 |
| 10 | Microsoft .NET Core/Visual Studio denial of service | 6.4 | 5.5 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.07 | 0.00179 | CVE-2021-26423 |
| 11 | Microsoft Windows TCP/IP Stack Privilege Escalation | 9.9 | 8.6 | $100k and more | $5k-$25k | Unproven | Official Fix | 0.03 | 0.02183 | CVE-2021-26424 |
| 12 | Microsoft Windows Event Tracing Privilege Escalation | 8.3 | 7.3 | $100k and more | $5k-$25k | Unproven | Official Fix | 0.00 | 0.00044 | CVE-2021-26425 |
| 13 | Microsoft Windows Bluetooth Driver Privilege Escalation | 8.3 | 7.3 | $100k and more | $5k-$25k | Unproven | Official Fix | 0.00 | 0.00043 | CVE-2021-34537 |
| 14 | Microsoft Dynamics 365 Privilege Escalation | 8.5 | 7.4 | $25k-$100k | $0-$5k | Unproven | Official Fix | 0.00 | 0.00736 | CVE-2021-34524 |
| 15 | Microsoft Windows Storage Spaces Controller Local Privilege Escalation | 7.8 | 6.8 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | 0.00043 | CVE-2021-34536 |
| 16 | Microsoft Windows Graphics Remote Code Execution | 7.0 | 6.1 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | 0.03069 | CVE-2021-34533 |
| 17 | Microsoft Windows Services for NFS ONCRPC XDR Driver information disclosure | 6.4 | 5.5 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | 0.00894 | CVE-2021-36926 |
| 18 | Microsoft ASP.NET Core/Visual Studio information disclosure | 4.9 | 4.3 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.00 | 0.00043 | CVE-2021-34532 |
| 19 | Microsoft Windows Services for NFS ONCRPC XDR Driver information disclosure | 6.4 | 5.5 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | 0.00894 | CVE-2021-36933 |
| 20 | Microsoft Windows Remote Desktop Client Remote Code Execution | 8.8 | 7.9 | $100k and more | $5k-$25k | Proof-of-Concept | Official Fix | 0.02 | 0.05252 | CVE-2021-34535 |

IOC - Indicator of Compromise (17)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (20)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (243)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

References (6)

The following list contains external sources which discuss the actor and the associated activities:
