Sugar Analysis

IOB - Indicator of Behavior (355)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en348
de4
fr2
es2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

us24
es18
ch2
ar2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Microsoft Windows16
Kaspersky Internet Security10
Kaspersky Total Security10
Kaspersky Security Cloud10
Kaspersky Anti-Virus8

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25k$0-$5kHighWorkaround0.040.04187CVE-2007-1192
2thecodingmachine Gotenberg html server-side request forgery5.35.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000.00885CVE-2021-23345
3ALEOS API memory corruption4.13.9$0-$5k$0-$5kNot DefinedOfficial Fix0.080.00885CVE-2019-11848
4VMware Tools VM3DMP Driver denial of service6.56.2$0-$5k$0-$5kNot DefinedOfficial Fix0.010.00885CVE-2021-21997
5Synology Download Station server-side request forgery4.34.1$0-$5k$0-$5kNot DefinedOfficial Fix0.020.01055CVE-2021-34811
6Apache HTTP Server mod_rewrite redirect6.76.7$25k-$100k$5k-$25kNot DefinedNot Defined0.110.07767CVE-2020-1927
7Cisco Jabber resource management6.36.0$5k-$25k$0-$5kNot DefinedOfficial Fix0.030.00885CVE-2021-1570
8Wibu CodeMeter Runtime Runtime Server denial of service5.35.1$0-$5k$0-$5kNot DefinedOfficial Fix0.010.01213CVE-2021-20094
9LaikeTui ZIP Archive unrestricted upload6.36.3$0-$5k$0-$5kNot DefinedNot Defined0.010.01055CVE-2021-34128
10IBM Resilient SOAR inadequate encryption2.72.6$0-$5k$0-$5kNot DefinedOfficial Fix0.040.00885CVE-2021-20567
11Tianocore EDK2 Private Key IpSecDxe.efi Privilege Escalation5.55.5$0-$5k$0-$5kNot DefinedNot Defined0.030.00885CVE-2021-28213
12Samsung Account SettingWebView access control3.53.4$0-$5k$0-$5kNot DefinedOfficial Fix0.010.00885CVE-2021-25403
13Samsung Smart Phone SecSettings permission5.35.1$0-$5k$0-$5kNot DefinedOfficial Fix0.010.00885CVE-2021-25393
14Huawei Smart Phone App access control5.55.5$5k-$25k$5k-$25kNot DefinedNot Defined0.030.00885CVE-2021-22334
15Chiyu BF-430/BF-431/BF-450M man.cgi cross site scripting4.44.4$0-$5k$0-$5kNot DefinedNot Defined0.020.05944CVE-2021-31250
16Linux Kernel UDP Port deadlock4.03.8$0-$5k$0-$5kNot DefinedOfficial Fix0.010.01282CVE-2001-1400
17Huawei Smart Phone missing authentication4.14.1$0-$5k$0-$5kNot DefinedNot Defined0.020.00885CVE-2021-22316
18Nextcloud Server Lookup insertion of sensitive information into sent data2.72.6$0-$5k$0-$5kNot DefinedOfficial Fix0.010.00890CVE-2021-32653
19RebornCore ObjectInputStream.readObject deserialization6.36.0$0-$5k$0-$5kNot DefinedOfficial Fix0.040.05634CVE-2021-33790
20Red Hat Ansible Tower OAuth2 Authentication improper authentication6.36.0$5k-$25k$0-$5kNot DefinedOfficial Fix0.020.00885CVE-2020-10709

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsTypeConfidence
182.146.53.237docker-05.yarperspektiva.ruSugarverifiedHigh
2XXX.XX.XXX.XXXXxxxxverifiedHigh

TTP - Tactics, Techniques, Procedures (23)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (110)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/$({curlpredictiveMedium
2File/+CSCOE+/logon.htmlpredictiveHigh
3File/bfd/pef.cpredictiveMedium
4File/cms/print.phppredictiveHigh
5File/convert/htmlpredictiveHigh
6File/device/device=140/tab=wifi/viewpredictiveHigh
7File/doorgets/app/requests/user/emailingRequest.phppredictiveHigh
8File/etc/passwdpredictiveMedium
9File/one/getpassword.phppredictiveHigh
10File/oscommerce/admin/administrators.phppredictiveHigh
11File/public/admin.phppredictiveHigh
12File/restapi/v1/certificates/FFM-SSLInspectpredictiveHigh
13File/xxx/xxxxx-xxxxxxxx/xxxxx-xxxxxxx-xxxxpredictiveHigh
14File/xxx/xxxx/xxpredictiveMedium
15File/xxx/xxxx.xxxpredictiveHigh
16File/_xxxx/xxxxxxx/predictiveHigh
17Filexxxxx/xxxxxx-xxxxxxxx.xxxpredictiveHigh
18Filexxxxxxx/xxxxxx.xxx?xx=xxxxxxxxpredictiveHigh
19Filexxxxxx.xxxpredictiveMedium
20Filexxxxxx_xxxxxxxx.xxxpredictiveHigh
21Filexxxxxxxx.xxxpredictiveMedium
22Filexxx-xxx/xxxxxxxxxpredictiveHigh
23Filexxxxx-xx-xxxxxx-xxxxx.xxxpredictiveHigh
24Filexxx.xxxxpredictiveMedium
25Filexxx.xxxpredictiveLow
26Filexxxxxxxxxx/xxxxxxxxxx-xxxxxxxx.xxxpredictiveHigh
27Filexxxx/xxxxx-xxxxxx.xxxpredictiveHigh
28Filexxxx/xxxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
29Filexxxxx_xxxxxxx.xpredictiveHigh
30Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
31Filexxx/xxxxxx/xxxxxx/xxxxxxxxxxx/xxx.xxxpredictiveHigh
32Filexxxxxxxx?xxxx=xxxxxpredictiveHigh
33Filexxxxxxxxxx.xxxpredictiveHigh
34Filexxxxxx\xxxxx.xxxxxxx_xxxxxxx.xxxpredictiveHigh
35Filexxxx-xxxxx.xpredictiveMedium
36Filexxxxxxxxxxx.xxxpredictiveHigh
37Filexxxxxxx_xxx.xpredictiveHigh
38Filexxx_xxxx.xxxpredictiveMedium
39Filexxxx/xxx_xxx_xxxxx.xpredictiveHigh
40Filexxxxxxxx/xxxxxxxx/xxxxxx/xxxxxxxx/xxxxx/xxxxx-xxxxxxx.xxxpredictiveHigh
41Filexxxxx.xxpredictiveMedium
42Filexxxxx.xxxpredictiveMedium
43Filexxxxx.xxx/xxxxx/xxxxxpredictiveHigh
44Filexxxxx.xxx?xxxxxx=xxxxxx&xxxxxx=xxxpredictiveHigh
45Filexxxxxxxx.xxxpredictiveMedium
46Filexxxx-xxxxxx-xxxxxxxxx.xxxpredictiveHigh
47Filexxxx/xxxxxxx/xxxxxxxx.xxxx.xxxpredictiveHigh
48Filexxxxx.xxxpredictiveMedium
49Filexxxxx.xxxpredictiveMedium
50Filexxx.xxxpredictiveLow
51Filexx-xxxxx/xxxx.xxxpredictiveHigh
52Filexxxxxxx_xxxxx.xxxpredictiveHigh
53Filexx/xxx.xpredictiveMedium
54Filexxx/xxx_xxxxx/xx_xxxxx.xpredictiveHigh
55Filexxxx_xxxx.xpredictiveMedium
56Filexxxxxxxxxxxxx.xxxpredictiveHigh
57Filexxxxxxx.xxxpredictiveMedium
58Filexxxxxxxxxxxxx.xpredictiveHigh
59Filexxxxxxxxxxxxx.xxxpredictiveHigh
60Filexxxxxxxxxxxxx.xxxpredictiveHigh
61Filexxxxxxxxxxxxx.xxxpredictiveHigh
62Filexxxxxx/xxxxxx.xxxpredictiveHigh
63Filexxxx_xxxxxxx_xxxxxxxx.xxxpredictiveHigh
64Filexxxx.xpredictiveLow
65Filexxxx_xxx.xxxpredictiveMedium
66Filexxxxxx.xxpredictiveMedium
67Filexxxxx_xxx_xxxxxxx.xpredictiveHigh
68Filexxxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
69Filexxxxxx.xxxpredictiveMedium
70Filexxxx/xxxxxxxxxxxxxx.xxxpredictiveHigh
71Filexxx_xxxxxx.xpredictiveMedium
72Filexx-xxxxx/xxxxx-xxxxxx.xxxpredictiveHigh
73Filexx-xxxxxxxx/xxxxx-xx-xxxxx.xxxpredictiveHigh
74Libraryxxxxxxxxxx.xxxpredictiveHigh
75Argument.xxxxxpredictiveLow
76Argumentxxxxxx[xxxx]predictiveMedium
77ArgumentxxxxxxxpredictiveLow
78Argumentxxxx_xxpredictiveLow
79Argumentxxx_xxpredictiveLow
80Argumentxxxxxx xxxxpredictiveMedium
81ArgumentxxxpredictiveLow
82Argumentxxxxxx['xxxx']predictiveHigh
83ArgumentxxxxxxxxpredictiveMedium
84ArgumentxxxxxxpredictiveLow
85ArgumentxxxxxxpredictiveLow
86Argumentxxxx_xxxxpredictiveMedium
87ArgumentxxxxxpredictiveLow
88ArgumentxxpredictiveLow
89ArgumentxxxxxxxxxxxxxxxxpredictiveHigh
90ArgumentxxxpredictiveLow
91ArgumentxxxxpredictiveLow
92ArgumentxxxxxxxpredictiveLow
93ArgumentxxxxxxxxpredictiveMedium
94Argumentxxxx_xxpredictiveLow
95Argumentxxx_xxxxxx_xxx_xxxxxx_xxxxxxxpredictiveHigh
96Argumentxxxxxx_xxxpredictiveMedium
97ArgumentxxxpredictiveLow
98ArgumentxxxpredictiveLow
99ArgumentxxxxxxpredictiveLow
100ArgumentxxxxxxxxxpredictiveMedium
101ArgumentxxxxpredictiveLow
102ArgumentxxxxxxxxpredictiveMedium
103ArgumentxxxxpredictiveLow
104Argument_xxx_xxxxxxx_xxxxx_xxxxxxxxxx_xxxxx_xxx_xxxxxxx_xxxxxxxxxxxxxxxxxxxxxxxxxxx_xxxxxpredictiveHigh
105Input Value%x/%xpredictiveLow
106Input Value../xxxxx.xxxxpredictiveHigh
107Input ValuexxxxpredictiveLow
108Input Value===predictiveLow
109Network PortxxxxpredictiveLow
110Network Portxxx/xxxxpredictiveMedium

References (2)

The following list contains external sources which discuss the actor and the associated activities:

Do you know our Splunk app?

Download it now for free!