SparklingGoblin Analysis

IOB - Indicator of Behavior (21)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en10
es6
pl2
sv2
de2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Geeklog Media Gallery2
EmpireCMS2
SoftEther VPN Server2
RoundCube Webmail2
Microsoft Power BI Report Server2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1Microsoft Exchange Server Privilege Escalation8.88.1$25k-$100k$5k-$25kUnprovenOfficial Fix0.030.14336CVE-2023-32031
2IBM WebSphere Application Server Sequence code injection9.29.1$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000.00224CVE-2023-23477
3EmpireCMS AdClass.php sql injection6.36.3$0-$5k$0-$5kNot DefinedNot Defined0.060.00172CVE-2022-28585
4Veritas NetBackup denial of service6.96.9$0-$5k$0-$5kNot DefinedNot Defined0.000.00073CVE-2022-36984
5Geeklog Media Gallery ftpmedia.php file inclusion7.36.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000.13486CVE-2007-2706
6Qt-cute QuickTalk guestbook qtg_msg_view.php sql injection7.37.1$0-$5k$0-$5kHighUnavailable0.030.00210CVE-2007-3538
7GitLab Community Edition/Enterprise Edition ipynb File cross site scripting6.16.1$0-$5k$0-$5kNot DefinedNot Defined0.000.00089CVE-2021-39906
8Microsoft Power BI Report Server Privilege Escalation7.06.1$5k-$25k$0-$5kUnprovenOfficial Fix0.020.01237CVE-2021-31984
9Laravel Image Upload ValidatesAttributes.php unrestricted upload5.55.1$0-$5k$0-$5kNot DefinedOfficial Fix0.070.01231CVE-2021-43617
10Apache HTTP Server mod_rewrite redirect6.76.7$25k-$100k$5k-$25kNot DefinedNot Defined0.050.00189CVE-2020-1927
11Request Tracker File Upload cross site scripting5.24.9$0-$5k$0-$5kNot DefinedOfficial Fix0.020.00107CVE-2016-6127
12RoundCube Webmail Password Plugin access control7.56.6$0-$5k$0-$5kNot DefinedOfficial Fix0.000.00338CVE-2017-8114
13Gallarific PHP Photo Gallery script gallery.php sql injection7.36.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.030.00068CVE-2011-0519
14SoftEther VPN Server See.sys Kernel 7pk security6.56.5$0-$5k$0-$5kNot DefinedNot Defined0.020.00044CVE-2019-11868
15Typecho write-post.php cross site scripting4.44.4$0-$5k$0-$5kNot DefinedNot Defined0.000.00057CVE-2017-16230
16D-Link DNS-345 Cookie improper authentication8.58.4$5k-$25k$0-$5kNot DefinedOfficial Fix0.000.00561CVE-2014-7857
17Zoho ManageEngine ServiceDesk Plus FileDownload.jsp path traversal5.35.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000.00655CVE-2011-2757
18Wired Community Software WWWThreads register.php sql injection6.56.2$0-$5k$0-$5kProof-of-ConceptUnavailable0.020.00471CVE-2006-1958
19Russcom Network Loginphp register.php cross site scripting4.34.1$0-$5k$0-$5kProof-of-ConceptUnavailable0.020.00677CVE-2006-2160
20Discuz UCenter Home shop.php sql injection7.37.1$0-$5k$0-$5kHighUnavailable0.000.00064CVE-2010-4912

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • SideWalk

IOC - Indicator of Compromise (5)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (8)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilitiesAccess VectorTypeConfidence
1T1006CWE-22Pathname TraversalpredictiveHigh
2T1059CWE-94Cross Site ScriptingpredictiveHigh
3TXXXX.XXXCWE-XX, CWE-XXXxxxx Xxxx XxxxxxxxxpredictiveHigh
4TXXXXCWE-XXXX2xx Xxxxxxxxxxxxxxxx: Xxxx Xxxxxx Xxxxxxxxxxx Xxx Xxx XxxxxxxpredictiveHigh
5TXXXX.XXXCWE-XXXXxxx XxxxxxxxpredictiveHigh
6TXXXXCWE-XXX7xx Xxxxxxxx XxxxxxxxpredictiveHigh
7TXXXXCWE-XXXxx XxxxxxxxxpredictiveHigh
8TXXXX.XXXCWE-XXXXxxxxxxxxxxx XxxxxxpredictiveHigh

IOA - Indicator of Attack (18)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1FileAdClass.phppredictiveMedium
2Fileadmin/write-post.phppredictiveHigh
3FileFileDownload.jsppredictiveHigh
4Filexxxxxxx.xxxpredictiveMedium
5Filexxxxxxxxxx/xxxxxxxxxx/xxxxxxxx/xxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
6Filexxxxx/xxxxxxxx.xxxpredictiveHigh
7Filexxx_xxx_xxxx.xxxpredictiveHigh
8Filexxxxxxxx.xxxpredictiveMedium
9Filexxxx.xxxpredictiveMedium
10Filexxxx-xxxxxxxx.xxxpredictiveHigh
11Libraryxxx.xxxpredictiveLow
12ArgumentxxxpredictiveLow
13ArgumentxxxxxxxxpredictiveMedium
14ArgumentxxpredictiveLow
15ArgumentxxxxxxxxpredictiveMedium
16ArgumentxxxxxxpredictiveLow
17ArgumentxxxxxpredictiveLow
18Argument_xx_xxxx[xxxx_xxxx]predictiveHigh

References (2)

The following list contains external sources which discuss the actor and the associated activities:

Do you want to use VulDB in your project?

Use the official API to access entries easily!