xmrig.pe Analysis

IOB - Indicator of Behavior (123)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 82
zh: 22
ru: 6
pl: 4
de: 4

Country

us: 68
cn: 20
ir: 4
gb: 2
ru: 2

Product

Microsoft Windows: 4
Tenda W30E: 4
Qualcomm Snapdragon Auto: 4
Qualcomm Snapdragon Consumer Electronics Connectiv ...: 4
Qualcomm Snapdragon Consumer IOT: 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.62 | 0.04187 | CVE-2010-0966 |
| 2 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.04 | 0.04187 | CVE-2007-1192 |
| 3 | Cisco Wireless LAN Controller 802.11v input validation | 5.8 | 5.6 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.00954 | CVE-2017-12275 |
| 4 | LogicBoard CMS away.php redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 1.98 | 0.00000 | |
| 5 | Cisco Wireless LAN Controller ANQP memory corruption | 5.2 | 4.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.06 | 0.00954 | CVE-2017-12282 |
| 6 | Webmin access control | 7.3 | 7.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.78818 | CVE-2022-0824 |
| 7 | Atlassian Jira Server/Jira Data Center Mobile Plugin server-side request forgery | 6.4 | 6.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.11752 | CVE-2022-26135 |
| 8 | SPIP spip.php cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.63 | 0.01018 | CVE-2022-28959 |
| 9 | Jetty Login Password.java information disclosure | 5.6 | 5.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.03779 | CVE-2017-9735 |
| 10 | FileRun index.php sql injection | 7.3 | 7.1 | $0-$5k | $0-$5k | High | Unavailable | 0.02 | 0.01213 | CVE-2007-2469 |
| 11 | I-O DATA DEVICE LAN DISK Connect memory corruption | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00885 | CVE-2017-10875 |
| 12 | Cisco Wireless LAN Controller SNMP resource management | 5.3 | 5.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01 | 0.01061 | CVE-2017-12278 |
| 13 | D-Link DIR-850L LAN Traffic input validation | 5.9 | 5.9 | $0-$5k | $5k-$25k | Not Defined | Not Defined | 0.05 | 0.01055 | CVE-2017-14430 |
| 14 | Tenda W30E editUserName stack-based overflow | 6.5 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.08 | 0.00885 | CVE-2022-45508 |
| 15 | Traefik debug log file | 4.5 | 4.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00890 | CVE-2022-23469 |
| 16 | Tenda W30E delFileName command injection | 7.6 | 7.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.06 | 0.02055 | CVE-2022-45506 |
| 17 | HPE iMC PLAT JSF Expression Language input validation | 7.7 | 7.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.04894 | CVE-2017-12489 |
| 18 | YJCMS user_edit.html information disclosure | 7.0 | 7.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | 0.00885 | CVE-2022-45276 |
| 19 | Zoom Client for Meetings/Rooms for Conference Room code injection | 5.3 | 5.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00885 | CVE-2022-28766 |
| 20 | ManyDesigns Portofino WarFileLauncher.java createTempDir temp file | 2.6 | 2.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.09 | 0.01669 | CVE-2022-3952 |

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • Log4Shell

IOC - Indicator of Compromise (8)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (13)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (41)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /.ssh/authorized_keys | predictive | High |
| 2 | File | /forum/away.php | predictive | High |
| 3 | File | /goform/delFileName | predictive | High |
| 4 | File | /goform/editUserName | predictive | High |
| 5 | File | /index/user/upload_img.html | predictive | High |
| 6 | File | /xxxxx/xxxx/xxxx_xxxx.xxxx | predictive | High |
| 7 | File | /xxxx.xxx | predictive | Medium |
| 8 | File | /xxxxxxx/ | predictive | Medium |
| 9 | File | xxxxx.xxx | predictive | Medium |
| 10 | File | xxxxxxxx.xxx | predictive | Medium |
| 11 | File | xxxxxx/xxxxxx/xxx_xxxx.x | predictive | High |
| 12 | File | x_xxxxxx | predictive | Medium |
| 13 | File | xxxx/xxxxxxxxxxxxxxx.xxx | predictive | High |
| 14 | File | xxxx.xxx | predictive | Medium |
| 15 | File | xxx/xxxxxx.xxx | predictive | High |
| 16 | File | xxxxx.xxx | predictive | Medium |
| 17 | File | xxxx.xxx | predictive | Medium |
| 18 | File | xxxxxx/xxx/xxxxxxxx.x | predictive | High |
| 19 | File | xxxxx.xxx | predictive | Medium |
| 20 | File | xxx_xxxxx_xxxxx.x | predictive | High |
| 21 | File | xxx/xxxxxxxxx/xx_xxxxxx_xxx.x | predictive | High |
| 22 | File | xxxxxxxx.xxx | predictive | Medium |
| 23 | File | xxxx/xxxxxxxx/xxxxxxxx.xxxx | predictive | High |
| 24 | File | xxxxxxxxxxxxxxx.xxxx | predictive | High |
| 25 | Argument | xxx_xxx | predictive | Low |
| 26 | Argument | xxxxxxxx | predictive | Medium |
| 27 | Argument | xxxxxxx | predictive | Low |
| 28 | Argument | xxxxxxx-xxxx/xxxxxxx-xxxxxxxx-xxxxxxxx | predictive | High |
| 29 | Argument | xx_xxxxx_xx | predictive | Medium |
| 30 | Argument | xxx | predictive | Low |
| 31 | Argument | xxxx | predictive | Low |
| 32 | Argument | xxxxxxxxxxx | predictive | Medium |
| 33 | Argument | xxxx/xxx/xxx_xx | predictive | High |
| 34 | Argument | xxxxxxxx | predictive | Medium |
| 35 | Argument | xxx_xxxxxxxxxxx | predictive | High |
| 36 | Argument | xxxxxx | predictive | Low |
| 37 | Argument | xxx_xxxxxxx | predictive | Medium |
| 38 | Argument | xxx | predictive | Low |
| 39 | Argument | xxxxxxxx | predictive | Medium |
| 40 | Input Value | ../ | predictive | Low |
| 41 | Input Value | xxxxxxxxx' xxx 'x'='x | predictive | High |

References (4)

The following list contains external sources which discuss the actor and the associated activities:
