Specter Analysis

IOB - Indicator of Behavior (85)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 82
zh: 2
fr: 2

Country

us: 50
tr: 10
cn: 8
ru: 6
fr: 2

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Linux Kernel: 4
WordPress: 4
Microsoft Windows: 4
Google Chrome: 2
OpenNetAdmin: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Microsoft Windows cmd.exe privileges management | 7.3 | 6.6 | $25k-$100k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 0.05 | |
| 2 | OpenNetAdmin os command injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00857 | 0.06 | CVE-2019-25065 |
| 3 | Fortinet FortiMail Webmail Login Reflected cross site scripting | 5.2 | 5.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00223 | 0.00 | CVE-2017-7732 |
| 4 | Drupal Session Data data processing | 8.1 | 7.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04178 | 0.00 | CVE-2016-3171 |
| 5 | Drupal User Module user_save access control | 8.1 | 7.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00472 | 0.03 | CVE-2016-3169 |
| 6 | Joomla CMS LDAP Authentication improper authentication | 5.3 | 4.6 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.00999 | 0.00 | CVE-2014-6632 |
| 7 | Redis redis-cli memory corruption | 7.1 | 6.8 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00584 | 0.05 | CVE-2018-12326 |
| 8 | Gwolle Guestbook Plugin ajaxresponse.php code injection | 7.2 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.84560 | 0.00 | CVE-2015-8351 |
| 9 | OpenSSH Authentication Username information disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | High | Official Fix | 0.10737 | 0.18 | CVE-2016-6210 |
| 10 | Apache Tomcat Client Connection race condition | 3.1 | 3.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00203 | 0.06 | CVE-2021-43980 |
| 11 | Synacor Zimbra Collaboration autoSaveDraft cross site scripting | 6.2 | 6.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.46424 | 0.00 | CVE-2023-34192 |
| 12 | DD-WRT Web Interface cross-site request forgery | 7.5 | 6.9 | $0-$5k | $0-$5k | Unproven | Not Defined | 0.00312 | 0.04 | CVE-2012-6297 |
| 13 | PuTTY Help File input validation | 6.5 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00042 | 0.00 | CVE-2019-9896 |
| 14 | woocommerce-catalog-enquiry Plugin unrestricted upload | 7.4 | 7.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00073 | 0.00 | CVE-2017-18592 |
| 15 | W3 Super Cache Plugin Incomplete Fix CVE-2013-2009 escape output | 8.0 | 7.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01765 | 0.04 | CVE-2013-2011 |
| 16 | SOGo Blacklist Filter incomplete blacklist | 4.3 | 4.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00240 | 0.03 | CVE-2016-6189 |
| 17 | Microsoft Windows Group Policy privileges management | 7.5 | 7.2 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00123 | 0.00 | CVE-2020-1317 |
| 18 | Cogentdatahub Cogent DataHub GetPermissions.asp code injection | 7.3 | 7.0 | $0-$5k | $0-$5k | High | Official Fix | 0.29801 | 0.00 | CVE-2014-3789 |
| 19 | Web2py information disclosure | 6.4 | 6.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00626 | 0.01 | CVE-2016-4806 |
| 20 | Web2py Password 7pk security | 7.7 | 7.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00826 | 0.00 | CVE-2016-10321 |

IOC - Indicator of Compromise (6)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (12)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (44)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

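| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /h/autoSaveDraft | predictive | High |
| 2 | File | /tmp/.pk11ipc1 | predictive | High |
| 3 | File | /var/log/nginx | predictive | High |
| 4 | File | /webservices/api/v2.php | predictive | High |
| 5 | File | adm-index.php | predictive | High |
| 6 | File | base/ErrorHandler.php | predictive | High |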

References (2)

The following list contains external sources which discuss the actor and the associated activities:

Samples (1)

The following list contains associated samples: