UNC2596 Analysis

IOB - Indicator of Behavior (98)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en84
fr4
de4
es2
it2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

SourceCodester Medical Certificate Generator App4
Joomla CMS2
AVTECH IP Camera2
AVTECH NVR2
AVTECH DVR2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1DZCP deV!L`z Clanportal config.php code injection7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.009431.35CVE-2010-0966
2Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25kCalculatingHighWorkaround0.020160.00CVE-2007-1192
3Apple Mac OS X Server input validation6.56.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.000420.00CVE-2010-1821
4Wachipi WP Events Calendar Plugin event.php sql injection8.58.3$0-$5k$0-$5kProof-of-ConceptNot Defined0.002850.00CVE-2018-5315
5Bartels-schoene ConPresso firma.php sql injection7.36.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000640.00CVE-2010-2124
6SamTodo dsp_main.php cross site scripting4.34.2$0-$5k$0-$5kHighUnavailable0.002540.00CVE-2008-2563
7SonicWALL AntiSpam / EMail Security Appliance MTA Queue Report Module reports_mta_queue_status.html cross site scripting8.07.6$0-$5k$0-$5kNot DefinedOfficial Fix0.000000.00
8Jetty Login Password.java information disclosure5.65.5$0-$5k$0-$5kNot DefinedOfficial Fix0.002990.04CVE-2017-9735
9Google Chrome Flash Player memory corruption9.99.5$100k and more$5k-$25kNot DefinedOfficial Fix0.006450.07CVE-2012-0724
10QEMU pcie_sriov.c register_vfs buffer overflow5.55.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.000000.05CVE-2024-26327
11AWStats awstats.pl Path information disclosure5.35.3$0-$5k$0-$5kNot DefinedNot Defined0.001830.19CVE-2018-10245
12Apache UIMA DUCC command injection7.17.1$5k-$25k$5k-$25kNot DefinedUnavailable0.001060.03CVE-2023-28935
13e-Quick Cart shoptellafriend.asp cross site scripting3.53.3$0-$5k$0-$5kProof-of-ConceptNot Defined0.000000.04
14e-Quick Cart shoptellafriend.asp sql injection6.36.3$0-$5k$0-$5kNot DefinedNot Defined0.000000.03
15iamdroppy phoenixcf articles.cfm sql injection6.96.9$0-$5k$0-$5kNot DefinedOfficial Fix0.001480.00CVE-2011-10001
16SourceCodester Online Discussion Forum Site manage_category.php sql injection7.16.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000770.05CVE-2023-3146
17codeprojects Pharmacy Management System Avatar Image add.php unrestricted upload7.57.3$0-$5k$0-$5kProof-of-ConceptNot Defined0.001480.05CVE-2023-0918
18Bandmin index.cgi cross site scripting4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.011540.05CVE-2003-0416
19AL-Caricatier ss.php information disclosure5.35.0$0-$5k$0-$5kProof-of-ConceptUnavailable0.003580.00CVE-2005-4653
20Tim Rohrer Wordpress Spreadsheet Plugin ss_handler.php cross site scripting4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.002150.00CVE-2014-8364

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • Cuba

IOC - Indicator of Compromise (7)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (11)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (77)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/cgi-bin/supervisor/PwdGrp.cgipredictiveHigh
2File/index.phppredictiveMedium
3File/supervisor/procesa_carga.phppredictiveHigh
4File/wireless/basic.asppredictiveHigh
5Fileaction.phppredictiveMedium
6Fileadd.phppredictiveLow
7Fileadministrator.phppredictiveHigh
8Fileadmin\categories\manage_category.phppredictiveHigh
9Fileagents.phppredictiveMedium
10FileAGENTS/index.phppredictiveHigh
11Fileawstats.plpredictiveMedium
12Filexxxxx.xxxpredictiveMedium
13Filexxxx.xxxpredictiveMedium
14Filexxxx/xxxxxxx/xxxxxxxxxxxxx.xxxpredictiveHigh
15Filexxxx/xxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
16Filexxxxxxx/x-xxxxxxxxx/xxxxxxxx.xxxpredictiveHigh
17Filexxxxx.xxxpredictiveMedium
18Filexxxxxxxx.xxxpredictiveMedium
19Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
20Filexxx_xxxx.xxxpredictiveMedium
21Filexxxxx.xxxpredictiveMedium
22Filexxxxx.xxxpredictiveMedium
23Filexx/xxx/xxxx_xxxxx.xpredictiveHigh
24Filexxxxxx-xxxx-xxxxxxx.xxxpredictiveHigh
25Filexxxxxx-xxxxxxxxxx-xxxxxxx.xxxpredictiveHigh
26Filexxxxxx.xxxpredictiveMedium
27Filexxxxxx_xxxxxxx.xxxxpredictiveHigh
28Filexxxxx.xxxpredictiveMedium
29Filexxx/xxxxxx.xxxpredictiveHigh
30Filexxxxx.xxxpredictiveMedium
31Filexx/xxx/xxxxx.xxxpredictiveHigh
32Filexxxx.xxxpredictiveMedium
33Filexxxxxxxxx.xxxpredictiveHigh
34Filexxxxx_xxxxx.xxxpredictiveHigh
35Filexxxxxxxx.xxxpredictiveMedium
36Filexxxxxxx_xxx_xxxxx_xxxxxx.xxxxpredictiveHigh
37Filexxxx.xxxpredictiveMedium
38Filexxxxxxxxxxxxxxx.xxxpredictiveHigh
39Filexxxxxxxxx.xxxpredictiveHigh
40Filexxx.xxxpredictiveLow
41Filexx.xxxpredictiveLow
42Filexx_xxxxxxx.xxxpredictiveHigh
43Filexxxx.xxxpredictiveMedium
44Filexxxx_xxx.xxxpredictiveMedium
45Filexxxx/xxxxxxxx/xxxxxxxx.xxxxpredictiveHigh
46Libraryxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.xxxxxxxxxxxxxxx.xpredictiveHigh
47Libraryxxxxxxxx.xxxpredictiveMedium
48ArgumentxxxxxxpredictiveLow
49ArgumentxxxxxxxpredictiveLow
50ArgumentxxxxxxxxpredictiveMedium
51ArgumentxxxxxxxxxpredictiveMedium
52Argumentxxxxxx_xxxxxxxx=xxxxxpredictiveHigh
53ArgumentxxxxxxxxpredictiveMedium
54Argumentxxxxxx_xxx_xxpredictiveHigh
55Argumentxxxxx_xxpredictiveMedium
56Argumentxxxx-xxxxxx/xxxx-xxxxxxpredictiveHigh
57Argumentxxxxxxxxx/xxxxxxpredictiveHigh
58ArgumentxxxxpredictiveLow
59ArgumentxxxxxxxxpredictiveMedium
60ArgumentxxpredictiveLow
61ArgumentxxxxxxxxpredictiveMedium
62ArgumentxxxxxxxpredictiveLow
63ArgumentxxxxxxxxpredictiveMedium
64ArgumentxxxxxxxpredictiveLow
65Argumentxxxxxx_xxxpredictiveMedium
66ArgumentxxxxpredictiveLow
67Argumentxx_xxpredictiveLow
68Argumentx/xxxxpredictiveLow
69Argumentxxx_xxxxx/xxxx_xxxxx/xxxx_xxxxxpredictiveHigh
70ArgumentxxxxxxxxpredictiveMedium
71ArgumentxxxxxxxxxxxxxxpredictiveHigh
72ArgumentxxxpredictiveLow
73ArgumentxxxpredictiveLow
74Argumentxxx_xxxxpredictiveMedium
75ArgumentxxxxxxpredictiveLow
76ArgumentxxxxxxxxpredictiveMedium
77Argumentxxxx/xxxxx/xxxxpredictiveHigh

References (2)

The following list contains external sources which discuss the actor and the associated activities:

Do you need the next level of professionalism?

Upgrade your account now!