Wocao Analysis

Activities

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance, so that immediate vulnerability response can be initiated and issues can be prioritized.

Lang

en: 992
de: 6
sv: 1
fr: 1

Country

us: 59
ru: 2
de: 2
sv: 1

Actors

Black KingDom: 1000


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 1 | Qibosoft cross site scripting | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | CVE-2020-20946 |
| 2 | HDF5 H5Dchunk.c H5D__create_chunk_file_map_hyper stack-based overflow | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2021-45833 |
| 3 | gif2apng stack-based overflow | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.06 | CVE-2021-45908 |
| 4 | Google Chrome Task Manager heap-based overflow | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.03 | CVE-2022-0310 |
| 5 | vec-const Crate memory corruption | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2021-45680 |
| 6 | loguru code injection | 3.8 | 3.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2022-0329 |
| 7 | Google Android GBoard permissions | 7.8 | 7.6 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00 | CVE-2021-39622 |
| 8 | GPAC vrml_route.c gf_sg_destroy_routes null pointer dereference | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2021-46311 |
| 9 | Google Chrome Service Worker API Remote Code Execution | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.03 | CVE-2022-0305 |
| 10 | mruby null pointer dereference | 5.0 | 5.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2021-4188 |
| 11 | Google Chrome Blink Remote Code Execution | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00 | CVE-2022-0113 |
| 12 | Google Android events.cpp inotify_cb out-of-bounds write | 5.3 | 5.1 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00 | CVE-2021-39632 |
| 13 | livehelperchat information exposure | 4.3 | 4.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2021-4177 |
| 14 | IBM i Web UI cross site scripting | 5.2 | 5.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2021-38876 |
| 15 | EU Technical Specifications for Digital COVID Certificates Certificate certificate validation | 5.0 | 4.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2021-40855 |
| 16 | D-Link DIR-2640 Quagga Service hard-coded credentials | 9.8 | 9.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00 | CVE-2021-20132 |
| 17 | GPAC _fseeko denial of service | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2021-46042 |
| 18 | Netgear Genie Installer access control | 8.8 | 8.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.05 | CVE-2021-20172 |
| 19 | D-Link DIR-2640 Quagga Service path traversal | 6.3 | 6.1 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.05 | CVE-2021-20134 |
| 20 | nginx request smuggling | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 2.22 | CVE-2020-12440 |

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • Wocao

IOC - Indicator of Compromise (16)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (13)

Tactics, techniques, and procedures summarize the suspected ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (173)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

