Wild Neutron Analysis

Activities

Timeline

Analyzing the timeline helps to identify the required approach to, and handling of, single vulnerabilities and vulnerability collections. The overview shows less important slices and more severe hotspots at a glance, which makes it possible to initiate immediate vulnerability response and to prioritize issues.

Lang

en: 905
es: 23
de: 18
fr: 17
zh: 13

Country

nl: 999
us: 1

Actors

Charming Kitten: 179
LinuxMoose: 62
APT36: 34
FIN7: 22
APT28: 10

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 1 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 1.49 | CVE-2017-0055 |
| 2 | Cisco Jabber IM XML Parser input validation | 6.5 | 6.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00 | CVE-2013-1161 |
| 3 | nginx Log File link following | 7.8 | 7.0 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.05 | CVE-2016-1247 |
| 4 | nginx request smuggling | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 3.64 | CVE-2020-12440 |
| 5 | Microsoft Windows Graphics Remote Code Execution | 7.0 | 6.1 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.05 | CVE-2021-34530 |
| 6 | Microsoft Windows Event Tracing Privilege Escalation | 7.3 | 6.3 | $25k-$100k | $25k-$100k | Unproven | Official Fix | 0.00 | CVE-2021-34487 |
| 7 | Squid Proxy HTTP Header Host Field Parser access control | 7.5 | 6.9 | $5k-$25k | $0-$5k | Proof-of-Concept | Workaround | 0.00 | CVE-2012-2213 |
| 8 | Samba receive_smb_raw memory corruption | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.05 | CVE-2008-1105 |
| 9 | Jabber XML Parser denial of service | 5.3 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.08 | CVE-2004-1378 |
| 10 | Microsoft Dynamics 365 Privilege Escalation | 8.5 | 7.4 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.05 | CVE-2021-34524 |
| 11 | Francisco Burzi PHP-Nuke Downloads Module viewsdownload sql injection | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.08 | CVE-2005-0996 |
| 12 | Microsoft Windows Storage Spaces Controller Local Privilege Escalation | 7.8 | 6.8 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | CVE-2021-34536 |
| 13 | Microsoft Windows Cryptographic Primitives Library information disclosure | 4.9 | 4.3 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | CVE-2021-36938 |
| 14 | ProFTPD mod_copy access control | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | CVE-2019-12815 |
| 15 | Microsoft Windows MSHTML Platform Remote Code Execution | 5.9 | 5.1 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.05 | CVE-2021-34534 |
| 16 | Linux Kernel pt_chown Command privileges management | 5.9 | 5.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-1999-0720 |
| 17 | Microsoft Windows Digital TV Tuner Device Registration Application Privilege Escalation | 8.3 | 7.3 | $100k and more | $25k-$100k | Unproven | Official Fix | 0.05 | CVE-2021-36927 |
| 18 | Microsoft Windows Graphics Remote Code Execution | 7.0 | 6.1 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.05 | CVE-2021-34533 |
| 19 | Exim input validation | 8.5 | 7.9 | $5k-$25k | $0-$5k | Functional | Official Fix | 0.09 | CVE-2019-10149 |
| 20 | Microsoft Windows Bluetooth Driver Privilege Escalation | 8.3 | 7.3 | $100k and more | $25k-$100k | Unproven | Official Fix | 0.05 | CVE-2021-34537 |

IOC - Indicator of Compromise (5)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Campaigns | Confidence |
|---|---|---|---|---|
| 1 | 46.183.217.132 | skalli.pereformed.com | | High |
| 2 | 64.187.225.231 | 64-187-225-231.quickpacket.com | | High |
| 3 | 66.55.133.89 | 66-55-133-89.choopa.net | | High |
| 4 | XXX.XX.XX.XXX | xxx.xxxxxxxxxxxxx.xxx.xx | | High |
| 5 | XXX.XX.X.XX | xxxxxxxx.xxxxxxxxxxx.xx | | High |

TTP - Tactics, Techniques, Procedures (11)

Tactics, techniques, and procedures summarize the suspected ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (321)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


References (1)

The following list contains external sources which discuss the actor and the associated activities:
