Toddler Analysis

IOB - Indicator of Behavior (299)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 266
de: 10
fr: 8
zh: 8
es: 4

Country

us: 84
gb: 62
ru: 14
de: 10
fr: 8

Product

Microsoft Windows: 18
Google Android: 12
GitLab Community Edition: 8
GitLab Enterprise Edition: 8
Microsoft Office: 6

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.61 | 0.04187 | CVE-2010-0966 |
| 2 | DGLogik DGLux Server IoT API permission | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.01156 | CVE-2019-1010009 |
| 3 | Gitblit path traversal | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00885 | CVE-2022-31268 |
| 4 | V-Zug Combi-Steam MSLQ Password Storage MD5 improper authentication | 7.4 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | 0.00885 | CVE-2019-17216 |
| 5 | Maran PHP Shop prod.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.03 | 0.00986 | CVE-2008-4879 |
| 6 | Schneider Electric BMXNOR0200H Ethernet-Serial RTU Module Access Control authorization | 7.5 | 7.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.07 | 0.01440 | CVE-2019-6810 |
| 7 | Google Android WiFi Driver out-of-bounds write | 6.5 | 6.3 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.04 | 0.01036 | CVE-2019-9270 |
| 8 | IBM Business Automation Workflow Web UI cross site scripting | 4.7 | 4.7 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.00885 | CVE-2019-4149 |
| 9 | NVIDIA CUDA Toolkit NVJPEG Library out-of-bounds write | 6.6 | 6.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.01036 | CVE-2020-5991 |
| 10 | RoundCube sql injection | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.01108 | CVE-2021-44026 |
| 11 | Gitblit Config User Service Privilege Escalation | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00885 | CVE-2022-31267 |
| 12 | MGB OpenSource Guestbook email.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.67 | 0.02800 | CVE-2007-0354 |
| 13 | Sophos Firewall User Portal/Webadmin improper authentication | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.64728 | CVE-2022-1040 |
| 14 | vu Mass Mailer Login Page redir.asp sql injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.18 | 0.01139 | CVE-2007-6138 |
| 15 | Google Android Kernel Scheduler information disclosure | 5.5 | 5.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.07 | 0.00890 | CVE-2014-9903 |
| 16 | FLDS redir.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.18 | 0.01213 | CVE-2008-5928 |
| 17 | SourceCodester Online Employee Leave Management System addemployee.php cross-site request forgery | 5.8 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.09 | 0.00885 | CVE-2022-3121 |
| 18 | SourceCodester Guest Management System myform.php cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.01 | 0.00885 | CVE-2022-2811 |
| 19 | SourceCodester Simple and Nice Shopping Cart Script login.php cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00885 | CVE-2022-2814 |
| 20 | SourceCodester Guest Management System cleartext storage | 5.4 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.00885 | CVE-2022-2813 |

IOC - Indicator of Compromise (49)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (20)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (164)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

References (2)

The following list contains external sources which discuss the actor and the associated activities:
