Sysrv Analysisinfo

IOB - Indicator of Behavior (158)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en126
ru14
ja10
fr4
zh2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Joomla CMS8
OnePlug CMS6
Netgear RAX2004
Apache HTTP Server4
WP Super Cache Plugin2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1Apple iOS ImageIO null pointer dereference6.46.3$25k-$100k$0-$5kNot DefinedOfficial Fix0.035330.03CVE-2016-1811
2gopeak MasterLab HTTP POST Request Framework.php sqlInject sql injection7.57.3$0-$5k$0-$5kProof-of-ConceptNot Defined0.001860.00CVE-2023-7145
3Grafana plugins path traversal6.46.3$0-$5k$0-$5kNot DefinedOfficial Fix0.975220.04CVE-2021-43798
4CKFinder File Name unrestricted upload7.47.4$0-$5k$0-$5kNot DefinedNot Defined0.001550.07CVE-2019-15862
5PHPMailer Phar Deserialization addAttachment deserialization5.55.3$0-$5k$0-$5kNot DefinedOfficial Fix0.010580.07CVE-2020-36326
6Apple iOS CommonCrypto information disclosure5.45.3$25k-$100k$0-$5kNot DefinedOfficial Fix0.001810.00CVE-2016-1802
7Fortinet FortiOS sslvpnd heap-based overflow9.89.7$0-$5k$0-$5kHighOfficial Fix0.274180.05CVE-2022-42475
8Fortinet FortiOS/FortiProxy FortiGate SSL-VPN heap-based overflow9.89.7$100k and more$25k-$100kHighOfficial Fix0.097160.03CVE-2023-27997
9WordPress AdServe adclick.php sql injection7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.001770.20CVE-2008-0507
10Joomla CMS com_easyblog sql injection6.36.1$5k-$25k$5k-$25kNot DefinedNot Defined0.000000.57
11ASP Portal add_edit_cat.asp sql injection6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.009830.00CVE-2006-1353
12MyBatis Plus sql injection8.07.9$0-$5k$0-$5kNot DefinedOfficial Fix0.001660.03CVE-2023-25330
13Zabbix Application Server Privilege Escalation4.74.6$0-$5k$0-$5kNot DefinedNot Defined0.003730.04CVE-2021-46088
14Grafana Labs Permission improper authentication9.08.8$0-$5k$0-$5kHighOfficial Fix0.910200.00CVE-2021-39226
15Duo Network Gateway Log log file4.94.7$0-$5k$0-$5kNot DefinedOfficial Fix0.000440.00CVE-2020-3483
16Linux Kernel af_packet.c packet_set_ring memory corruption6.56.4$0-$5k$0-$5kHighOfficial Fix0.000880.00CVE-2017-7308
17Biscom Secure File Transfer code injection8.58.4$0-$5k$0-$5kNot DefinedOfficial Fix0.021800.00CVE-2020-8796
18Oracle Siebel CRM Siebel Core - Server Infrastructure information disclosure5.95.7$5k-$25k$0-$5kNot DefinedOfficial Fix0.001940.00CVE-2021-2368
19studio-42 elfinder phar File Remote Code Execution5.65.4$0-$5k$0-$5kNot DefinedOfficial Fix0.022840.00CVE-2021-23394
20shell-quote Windows Drive Letter exec os command injection5.55.3$0-$5k$0-$5kNot DefinedOfficial Fix0.005550.03CVE-2021-42740

IOC - Indicator of Compromise (8)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
131.42.177.123scalemany.comSysrv07/27/2022verifiedMedium
231.210.20.120Sysrv07/27/2022verifiedMedium
3XX.XXX.XX.XXXXxxxx07/27/2022verifiedMedium
4XX.XXX.XXX.XXXxxxx07/27/2022verifiedMedium
5XXX.XXX.XXX.XXxxx-xxxx.xxxxx--xxxxxxx.xxxXxxxx07/27/2022verifiedMedium
6XXX.XX.XXX.XXXxxxx07/27/2022verifiedMedium
7XXX.XXX.XXX.XXXxxxx07/27/2022verifiedMedium
8XXX.XX.XX.XXXxxxx07/27/2022verifiedMedium

TTP - Tactics, Techniques, Procedures (16)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (81)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/admin/contenttemppredictiveHigh
2File/htdocs/upnpinc/gena.phppredictiveHigh
3File/lab.htmlpredictiveMedium
4File/member/picture/albumpredictiveHigh
5File/products/details.asppredictiveHigh
6File/public/plugins/predictiveHigh
7File/services/details.asppredictiveHigh
8File/vendorpredictiveLow
9Fileadclick.phppredictiveMedium
10Fileadd_edit_cat.asppredictiveHigh
11Filexxxxx.xxxpredictiveMedium
12Filexxxxx/xxxxxx.xxxxxxxxx_xxxxx.xxxpredictiveHigh
13Filexxxxxxx.xxxpredictiveMedium
14Filexxxxxxxxxxxxx/xxxxxxxxxx/xxx_xxxxx/xxxxxxx/xxxxx.xxxpredictiveHigh
15Filexxx/xxxx/xxxxxxxxx.xxxpredictiveHigh
16Filexxxxxxxxxx.xxxpredictiveHigh
17Filexxxxxxxx_xxxxxxxxxxxxxxxxx.xxxpredictiveHigh
18Filexxxxxx.xxx.xxxpredictiveHigh
19Filexxxxxxxx.xxx.xxxpredictiveHigh
20Filexxxxxxxxxxxxx.xxxxxpredictiveHigh
21Filexxx/xxxx.xpredictiveMedium
22Filexxx/xxxxxx.xxxpredictiveHigh
23Filexxxxxxx.xxxpredictiveMedium
24Filexxxxxxx/xxxx_xxxxxxxxxx.xxxpredictiveHigh
25Filexxxx_xxxx.xxxpredictiveHigh
26Filexxxxxx_xxxxx_xxxxxxx.xpredictiveHigh
27Filexxx/xxxxxx/xx_xxxxxx.xpredictiveHigh
28Filexxxx.xxxpredictiveMedium
29Filexxxxxxx/xxxxxx/xxxxxxxx/xxxxxxxx.xxxpredictiveHigh
30Filexxxxxxx.xxxpredictiveMedium
31Filexxxxx/xxxxxxx.xxxpredictiveHigh
32Filexxxxxxxx.xxxpredictiveMedium
33Filexxxxxxxx.xxxpredictiveMedium
34Filexxxxxxxxxxxx_xxxxxxxx.xxx.xxxpredictiveHigh
35Filexxxx_xxxxxxx_xxxxxxxx.xxxpredictiveHigh
36Filexxxx_xxxxx.xxxxpredictiveHigh
37Filexxxxx_xxxx_xxx.xxxpredictiveHigh
38Filexxxxx_xxxxx.xxxpredictiveHigh
39Filexxx.xxxpredictiveLow
40Filexxxxxxxx.xxxpredictiveMedium
41Filexxxxxxx.xxxpredictiveMedium
42Filexx-xxxxx/xxxxxxx-xxxxxxx.xxxpredictiveHigh
43Filexx-xxxxx-xxxxxx.xxxpredictiveHigh
44File\xxx\xxxxxxxx\xxxxxxxx\xxxxxxxx.xxxpredictiveHigh
45Libraryxxx_xxxxxx.xxxpredictiveHigh
46Libraryxxxxxx[xxxxxx_xxxxpredictiveHigh
47Libraryxxxxxxxxx/xxx/xxxxxxxxxx/xxxx/xxxxx/xxxxxxx.xxxxx.xxxpredictiveHigh
48ArgumentxxxxxxxxpredictiveMedium
49Argumentxxxxx_xxxxpredictiveMedium
50Argumentxxx_xxxpredictiveLow
51Argumentxxx_xxpredictiveLow
52Argumentxxxx_xxpredictiveLow
53Argumentxxxxxx[xxxxxx_xxxx]predictiveHigh
54ArgumentxxxxxxxxxxxxpredictiveMedium
55ArgumentxxxxxxxxpredictiveMedium
56ArgumentxxxxpredictiveLow
57ArgumentxxpredictiveLow
58ArgumentxxxxxxxxxpredictiveMedium
59ArgumentxxxpredictiveLow
60Argumentxxx_xxxxxxx_xxxpredictiveHigh
61Argumentxxxxxxx xxxxpredictiveMedium
62Argumentxxxxxxxxx_xxxxxxxx_xxxxpredictiveHigh
63ArgumentxxxxpredictiveLow
64Argumentxxxxxx_xxxxxx[xxxxxx_xxxx]predictiveHigh
65ArgumentxxxpredictiveLow
66Argumentxxxxxxx_xxpredictiveMedium
67ArgumentxxxpredictiveLow
68ArgumentxxxxxxxxxxxpredictiveMedium
69Argumentxxxxxx_xxxxpredictiveMedium
70ArgumentxxxxxxpredictiveLow
71Argumentxxxxxxx_xxpredictiveMedium
72ArgumentxxxxpredictiveLow
73Argumentxxxxxxx xxxxxxxpredictiveHigh
74ArgumentxxxpredictiveLow
75Argumentxxxxxxxxx_xxxxxpredictiveHigh
76ArgumentxxxxxxxpredictiveLow
77ArgumentxxxxxpredictiveLow
78ArgumentxxxxpredictiveLow
79Argumentxxxxxxxx/xxxxxxxx/xxxxxxxxxxxpredictiveHigh
80Input Value%xxxxxx+-x+x+xx.x.xx.xxx%xx%xxpredictiveHigh
81Input Value..predictiveLow

References (2)

The following list contains external sources which discuss the actor and the associated activities:

This view requires CTI permissions

Just purchase a CTI license today!