Snatch Analysis

Activities

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance, so that an immediate vulnerability response can be initiated and issues can be prioritized.

Lang

en: 465
de: 24
fr: 12
es: 3
sv: 1

Country

us: 99
fr: 20
ru: 17
de: 16
gb: 9

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 1 | FreeProxy/FreeWeb denial of service | 3.3 | 3.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | |
| 2 | WordPress XML-RPC API input validation | 7.4 | 7.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2017-9065 |
| 3 | GLPI dropdownConnect.php getItemForItemtype injection | 7.4 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | CVE-2021-21327 |
| 4 | Exim input validation | 8.5 | 7.9 | $5k-$25k | $0-$5k | Functional | Official Fix | 0.05 | CVE-2019-10149 |
| 5 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.81 | CVE-2017-0055 |
| 6 | Microsoft Windows Runtime access control | 7.3 | 6.6 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.04 | CVE-2019-0570 |
| 7 | tildearrow Furnace FUR to VGM Converter stack-based overflow | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | CVE-2022-1211 |
| 8 | Microsoft Windows SMB Browser memory corruption | 5.9 | 5.5 | $5k-$25k | $0-$5k | High | Official Fix | 0.07 | CVE-2011-0654 |
| 9 | Huawei AR3200 SCTP Message integer overflow | 6.4 | 6.4 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.04 | CVE-2017-15344 |
| 10 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.05 | CVE-2007-1192 |
| 11 | Adobe Experience Manager cross site scripting | 5.2 | 4.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2020-9648 |
| 12 | Combodo iTop Essential/iTop Professional Menu Shortcut Name Stored cross site scripting | 5.2 | 4.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.09 | CVE-2020-11696 |
| 13 | VMware ESXi/Fusion/Workstation Shader input validation | 4.4 | 4.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2020-3958 |
| 14 | Apple macOS AppleUSBNetworking denial of service | 4.6 | 4.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-9804 |
| 15 | Grafana OpenTSDB Datasource cross site scripting | 5.2 | 4.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2020-13430 |
| 16 | Linux Kernel SELinux Subsystem ebitmap_netlbl_import null pointer dereference | 4.8 | 4.6 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.06 | CVE-2020-10711 |
| 17 | ffjpeg jfif.c jfif_decode out-of-bounds read | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2020-13439 |
| 18 | IBM Data Risk Manager hard-coded password | 9.9 | 9.9 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.03 | CVE-2020-4429 |
| 19 | Linux Kernel btree.c btree_gc_coalesce input validation | 4.4 | 4.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | CVE-2020-12771 |
| 20 | Opera Web Browser dwmapi.dll untrusted search path | 7.8 | 7.0 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.04 | CVE-2010-5227 |

IOC - Indicator of Compromise (11)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (8)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |
| 2 | T1068 | CWE-264, CWE-284 | Execution with Unnecessary Privileges | predictive | High |

IOA - Indicator of Attack (182)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | %PROGRAMDATA%\WrData\PKG | predictive | High |
| 2 | File | /.ssh/authorized_keys | predictive | High |
| 3 | File | /assets/components/gallery/connector.php | predictive | High |
| 4 | File | /etc/target | predictive | Medium |
| 5 | File | /export | predictive | Low |
| 6 | File | /getcfg.php | predictive | Medium |
| 7 | File | /goform/WriteFacMac | predictive | High |
| 8 | File | /lists/admin/user.php | predictive | High |
| 9 | File | /tmp | predictive | Low |
| 10 | File | /uncpath/ | predictive | Medium |
| 11 | File | /wp-content/plugins/updraftplus/admin.php | predictive | High |
| 12 | File | /_vti_pvt/access.cnf | predictive | High |
| 13 | File | admin.php3 | predictive | Medium |
| 14 | File | admin/mobile.php | predictive | High |
| 15 | File | admin/themes | predictive | Medium |
| 16 | File | administration/comments.php | predictive | High |
| 17 | File | admin_hacks_list.php | predictive | High |
| 18 | File | affiliate_signup.php | predictive | High |
| 19 | File | ajax.php | predictive | Medium |
| 20 | File | amadmin.pl | predictive | Medium |
| 21 | File | apirest.php/User | predictive | High |

References (3)

The following list contains external sources which discuss the actor and the associated activities:
