SYK Analysis

IOB - Indicator of Behavior (83)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en72
de6
zh4
it2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

us16
cn10
it8
es8
de6

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Microsoft Windows6
B&R GateManager 42604
B&R GateManager 92504
HPE Intelligent Management Center4
B&R Industrial Automation APROL2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1Apache HTTP Server mod_proxy server-side request forgery7.37.3$5k-$25k$5k-$25kHighNot Defined0.974460.05CVE-2021-40438
2Microsoft Excel memory corruption7.06.9$5k-$25k$0-$5kNot DefinedOfficial Fix0.014920.07CVE-2020-0650
3VMware Spring Boot HTTP Request denial of service5.75.6$5k-$25k$0-$5kNot DefinedOfficial Fix0.000430.00CVE-2023-34055
4bouncycastle Self-Signed Certificate X509LDAPCertStoreSpi.java ldap injection3.93.9$0-$5k$0-$5kNot DefinedOfficial Fix0.000510.00CVE-2023-33201
5Nagios XI POST Request banner_message-ajaxhelper.php sql injection6.06.0$0-$5k$0-$5kNot DefinedNot Defined0.000850.04CVE-2023-40931
6Taokeyun HTTP POST Request Drs.php index sql injection8.17.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000630.00CVE-2024-0480
7Apache ShardingSphere ElasticJob-UI information disclosure3.53.5$0-$5k$0-$5kNot DefinedNot Defined0.190700.00CVE-2022-22733
8phpMyAdmin SQL File cross site scripting4.44.4$5k-$25k$0-$5kNot DefinedOfficial Fix0.000530.05CVE-2023-25727
9ZoneMinder HostController.php daemonControl os command injection7.47.3$0-$5k$0-$5kNot DefinedOfficial Fix0.001190.05CVE-2023-26039
10Zoho ManageEngine Recovery Manager Plus Proxy Setting Privilege Escalation5.75.6$0-$5k$0-$5kNot DefinedOfficial Fix0.005070.00CVE-2023-48646
11jeecgboot JimuReport image path traversal7.57.3$0-$5k$0-$5kProof-of-ConceptNot Defined0.000620.09CVE-2023-6307
12WP Shortcodes Plugin resource injection4.34.2$0-$5k$0-$5kNot DefinedNot Defined0.000500.04CVE-2023-6226
13QDocs Smart School HTTP POST Request sql injection7.57.3$0-$5k$0-$5kProof-of-ConceptNot Defined0.000770.05CVE-2023-5495
14MongoDB improper authorization6.66.5$0-$5k$0-$5kNot DefinedOfficial Fix0.001090.00CVE-2019-2386
15MongoDB Message Decompressor denial of service5.35.1$0-$5k$0-$5kNot DefinedOfficial Fix0.000870.02CVE-2019-20925
16MongoDB SysV Init Script Kill input validation4.24.2$0-$5k$0-$5kNot DefinedOfficial Fix0.000440.04CVE-2019-2389
17Job Configuration History Plugin path traversal3.93.9$0-$5k$0-$5kNot DefinedNot Defined0.000460.00CVE-2023-41930
18TEL-STER TelWin SCADA WebInterface information disclosure6.46.4$0-$5k$0-$5kNot DefinedNot Defined0.000760.00CVE-2023-0956
19Tongda OA delete_seal.php sql injection6.96.8$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.000660.33CVE-2023-4165
20Autodesk AutoCAD STP File Parser null pointer dereference4.34.2$0-$5k$0-$5kNot DefinedNot Defined0.000450.00CVE-2023-41139

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
1185.19.85.163SYK07/30/2022verifiedHigh
2XXX.XXX.XX.XXXXxx07/30/2022verifiedHigh

TTP - Tactics, Techniques, Procedures (13)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (37)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/admin/syslogpredictiveHigh
2File/course/filterRecords/predictiveHigh
3File/download/imagepredictiveHigh
4File/nagiosxi/admin/banner_message-ajaxhelper.phppredictiveHigh
5File/see_more_details.phppredictiveHigh
6File/xxx/xxx/xxx/xxxxxxxxxx/xxxxxxxxxxxxxx.xxxpredictiveHigh
7Filexxxxx/xxxxx_xxxxx.xxxpredictiveHigh
8Filexxxxx/xxxxxxxxxxxxx.xxxpredictiveHigh
9Filexxxxxxxxxxx/xxxxx/xxxxxxxxxx/x/xxx.xxxpredictiveHigh
10Filexxxxx.xxxpredictiveMedium
11Filexxx.xxxpredictiveLow
12Filexxxxxx/xxx.xpredictiveMedium
13Filexxxxxxx.xxxpredictiveMedium
14Filexxxxxxx/xxxxxx/xxxx_xxxxxx/xxxxxxxxxx/xxxxxx_xxxx.xxxpredictiveHigh
15Filexxxxx.xxx/xxxx/xxxxx/xxxx/xxxx.xxxpredictiveHigh
16Filexxxx_xxxxxxx.xxxpredictiveHigh
17Filexxxxx_xxx.xxxpredictiveHigh
18Filexxxxxxxx.xxxpredictiveMedium
19Filexxxx.xxxpredictiveMedium
20Filexxxx-xxxxxx.xpredictiveHigh
21Filexxxxx.xxxpredictiveMedium
22Filexxxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
23Libraryxxxxxx.xxxpredictiveMedium
24ArgumentxxxxxxpredictiveLow
25ArgumentxxxpredictiveLow
26ArgumentxxxpredictiveLow
27Argumentxxxxxx_xxxpredictiveMedium
28ArgumentxxxxxpredictiveLow
29ArgumentxxpredictiveLow
30ArgumentxxpredictiveLow
31ArgumentxxxxxxxxpredictiveMedium
32ArgumentxxxxpredictiveLow
33Argumentxxxxxxxxxx[x][xxxxx]/xxxxxxxxxx[x][xxxxxxxxxxx]/xxxxxxxxxx[x][xxxxxxxxxxx]predictiveHigh
34ArgumentxxxxxxxxpredictiveMedium
35ArgumentxxxpredictiveLow
36ArgumentxxxxpredictiveLow
37Pattern|xx xx xx|predictiveMedium

References (2)

The following list contains external sources which discuss the actor and the associated activities:

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!