Torii Analysis

IOB - Indicator of Behavior (139)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 74
it: 40
fr: 18
pl: 6
de: 2

Country

us: 140

Product

GitLab Community Edition: 8
Linux Kernel: 8
Google Android: 6
Apple macOS: 4
cURL: 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Apple Mac OS X Server Wiki Server cross site scripting | 4.3 | 4.3 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.01319 | CVE-2009-2814 |
| 2 | Ghostscript JBIG2 Image jbig2_decode_gray_scale_image memory corruption | 5.4 | 5.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01 | 0.01108 | CVE-2016-9601 |
| 3 | Apple watchOS WebKit memory corruption | 7.5 | 7.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.02258 | CVE-2017-7165 |
| 4 | IBM Rational License Key Server Administration/Reporting Tool information disclosure | 3.3 | 3.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06 | 0.00885 | CVE-2015-5045 |
| 5 | Eaton ELCSoft input validation | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.01 | 0.04967 | CVE-2018-7511 |
| 6 | Mozilla Firefox memory corruption | 8.0 | 7.7 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.02686 | CVE-2018-5145 |
| 7 | Amazon Music Player input validation | 7.5 | 7.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.01850 | CVE-2018-1169 |
| 8 | GNU binutils libbfd coffgen.c coff_pointerize_aux input validation | 6.5 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.01319 | CVE-2018-7208 |
| 9 | Indexu suggest_category.php cross site scripting | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00000 | |
| 10 | MilliScripts register.php cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.01 | 0.02945 | CVE-2005-4161 |
| 11 | AlstraSoft AskMe Pro forum_answer.php sql injection | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.00000 | |
| 12 | Linux Kernel FXSAVE x87 Register cryptographic issues | 4.3 | 3.9 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.05 | 0.01547 | CVE-2006-1056 |
| 13 | Phorum register.php sql injection | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.01055 | CVE-2004-2110 |
| 14 | Expinion.net News Manager Lite comment_add.asp cross site scripting | 4.3 | 3.8 | $0-$5k | $0-$5k | Unproven | Official Fix | 0.01 | 0.03129 | CVE-2004-1845 |
| 15 | Symantec Altiris Notification Server ActiveX Control AeXNSPkgDLLib.dll DownloadAndInstall memory corruption | 7.3 | 7.3 | $5k-$25k | $0-$5k | High | Not Defined | 0.07 | 0.78170 | CVE-2009-3028 |
| 16 | Serendipity exit.php privileges management | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.06 | 0.00000 | |
| 17 | GetSimple CMS index.php Reflected cross site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00000 | CVE-2017-1000057 |
| 18 | libxls MULRK Record xls_preparseWorkSheet integer overflow | 7.5 | 7.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.01156 | CVE-2017-12109 |
| 19 | GNOME libsoup memory corruption | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01 | 0.06729 | CVE-2017-2885 |
| 20 | Netwide Assembler nasm.c assemble_file integer overflow | 5.4 | 5.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.01 | 0.00954 | CVE-2018-10316 |

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (10)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (48)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

References (2)

The following list contains external sources which discuss the actor and the associated activities:
