Ribaj تحليل

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (42)

اللغة

en	40
fr	2

البلد

fr	2

الفاعلين

Ribaj	1
Dealply	1

الاهتمام

النوع

Content Management System	8
Not Defined	6
Groupware Software	4
Forum Software	2
Database Administration Software	2

المجهز

Not Defined	26
VMware	4
D-Link	2
Palo Alto	2
Zend	2

منتج

phpBB	2
phpMyAdmin	2
VMware Zimbra Collaboration Suite	2
D-Link DIR Router	2
Fastly CDN Module	2

الثغرات

#	الثغرة	Base	Temp	0day	اليوم	ق�	معالجة	CTI	EPSS	CVE
1	PHP _pdo_pqsql_error تلف الذاكرة	7.5	7.2	$25k-$100k	$0-$5k	Not Defined	Official Fix	0.00	0.00000
2	VMware Zimbra Collection Suite Web Application توثيق ضعيف	5.4	4.9	$5k-$25k	جاري الحساب	Proof-of-Concept	Official Fix	0.04	0.00133	CVE-2013-5119
3	VMware Zimbra Collaboration Suite Ajx%20TemplateMsg.js.zgz اجتياز الدليل	5.3	5.3	$5k-$25k	$0-$5k	High	Not Defined	0.05	0.97337	CVE-2013-7091
4	VMware Zimbra aspell.php سكربتات مشتركة	4.3	3.9	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.00	0.02855	CVE-2013-1938
5	PHP الحرمان من الخدمة	3.7	3.6	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.02	0.00000
6	D-Link DIR Router _show_info.php تجاوز الصلاحيات	5.4	5.1	$25k-$100k	$0-$5k	Proof-of-Concept	Not Defined	0.00	0.00000
7	Zend Framework Configuration File application.ini الكشف عن المعلومات	9.8	9.0	$25k-$100k	$0-$5k	Proof-of-Concept	Workaround	0.00	0.00000
8	SquirrelMail Request Path الكشف عن المعلومات	5.3	5.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.02	0.00000
9	WordPress edit-tags.php تجاوز الصلاحيات	6.5	5.9	$25k-$100k	جاري الحساب	Proof-of-Concept	Official Fix	0.00	0.00000
10	phpMyAdmin Error Message view_create.php CREATE سكربتات مشتركة	5.5	5.3	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.02	0.00064	CVE-2013-3742
11	phpMyAdmin tbl_chart.js سكربتات مشتركة	6.1	5.8	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	0.00101	CVE-2013-4997
12	cPanel WHM LogMeIn توثيق ضعيف	6.5	6.2	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	0.00000
13	Palo Alto PAN-OS import.certificate.php توثيق ضعيف	4.4	4.0	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.02	0.00000
14	PHP OBJECT parse_iso_intervals.c DateInterval تلف الذاكرة	5.3	5.1	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.02	0.58972	CVE-2013-6712
15	WordPress Credentials options-writing.php تجاوز الصلاحيات	8.1	7.7	$5k-$25k	$5k-$25k	Proof-of-Concept	Not Defined	0.00	0.00000
16	MediaWiki Deleted Page ApiQueryLogEvents.php الكشف عن المعلومات	5.3	4.8	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00	0.00381	CVE-2013-6472
17	phpBB Exception الحرمان من الخدمة	5.3	4.7	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00	0.00000
18	Drupal Taxonomy Module تجاوز الصلاحيات	5.3	4.6	$0-$5k	$0-$5k	Unproven	Official Fix	0.02	0.00188	CVE-2014-1476
19	Trend Micro OfficeScan Proxy.php تجاوز الصلاحيات	8.5	8.5	$5k-$25k	جاري الحساب	High	Not Defined	0.02	0.64708	CVE-2017-11394
20	Trend Micro OfficeScan Proxy.php تجاوز الصلاحيات	8.5	8.5	$5k-$25k	جاري الحساب	High	Not Defined	0.00	0.12944	CVE-2017-11393

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	عنوان بروتوكول الإنترنت	Hostname	ممثل	Identified	النوع	الثقة
1	46.4.111.124	static.124.111.4.46.clients.your-server.de	Ribaj	12/04/2022	verified	عالي
2	XX.XXX.XXX.XX	xxxx.xx-xx-xxx-xxx.xx	Xxxxx	12/04/2022	verified	عالي
3	XX.XXX.XXX.XXX	xxxxx.xx-xx-xxx-xxx.xx	Xxxxx	12/04/2022	verified	عالي
4	XXX.XX.XX.XXX	xxx.xxxxxxx.xx	Xxxxx	12/04/2022	verified	عالي

TTP - Tactics, Techniques, Procedures (9)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	الثغرات	متجه الوصول	النوع	الثقة
1	T1006	CWE-22	Path Traversal	predictive	عالي
2	T1059.007	CWE-79, CWE-80	Cross Site Scripting	predictive	عالي
3	TXXXX	CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	عالي
4	TXXXX	CWE-XXX	Xxxx Xxx Xxxxxxxxx Xxxxxxxxxxx Xxxxxxxx	predictive	عالي
5	TXXXX	CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	عالي
6	TXXXX	CWE-XX	Xxx Xxxxxxxxx	predictive	عالي
7	TXXXX.XXX	CWE-XXX	Xxxxxxxx	predictive	عالي
8	TXXXX	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	عالي
9	TXXXX.XXX	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	عالي

IOA - Indicator of Attack (45)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	الفئة	Indicator	النوع	الثقة
1	File	/configs/application.ini	predictive	عالي
2	File	/ossim/report/wizard_email.php	predictive	عالي
3	File	admin/editadgroup.php	predictive	عالي
4	File	adminpanel/modules/pro/inc/ajax.php	predictive	عالي
5	File	dapur\apps\app_config\sys_config.php	predictive	عالي
6	File	edit-tags.php	predictive	عالي
7	File	xxxxxxxxx/xxxxxxxx/xxx/xxxxxx.xxx	predictive	عالي
8	File	xxx/xxxx/xxx/xxxxx_xxx_xxxxxxxxx.x	predictive	عالي
9	File	xxxxxxxxxxx.xxx	predictive	عالي
10	File	xxxxxx.xxxxxxxxxxx.xxx	predictive	عالي
11	File	xxxxxxxx/xxx/xxxxxxxxxxxxxxxxx.xxx	predictive	عالي
12	File	xxxxxx/xxxxx_xxxxx/xxx_xxxxxx_xxxxx.xxx	predictive	عالي
13	File	xxxxxx\xxxx_xxx\xxxxx\xxxxxxxx.xxx	predictive	عالي
14	File	xxx_xxxxx_xxxx.x	predictive	عالي
15	File	xxxxxx.xxx	predictive	متوسط
16	File	xxxxx.xxx	predictive	متوسط
17	File	xxx/xxxxxxx/xxxxxx/xxxx/xxxxx/xxxxxxx/xxxxxx/xxxxx/xxx%xxxxxxxxxxxxx.xx.xxx	predictive	عالي
18	File	xxxxxxxxx.xxx	predictive	عالي
19	File	xxx/xxx/xxxxxx.xxx	predictive	عالي
20	File	xxxxxxxx.xxx	predictive	متوسط
21	File	xxx_xxxxx.xx	predictive	متوسط
22	File	xxxxxxx.xxx	predictive	متوسط
23	File	xxxxxxxxxxx.xxx	predictive	عالي
24	File	xxxx_xxxxxx.xxx	predictive	عالي
25	File	xx-xxxxx/xxxxxxx-xxxxxxx.xxx	predictive	عالي
26	File	_xxxx_xxxx.xxx	predictive	عالي
27	Library	xxx/xxxxx.xxx.xxx	predictive	عالي
28	Argument	$_xxx['xxx_xxxxx']	predictive	عالي
29	Argument	$_xxx['xxxxxxx']	predictive	عالي
30	Argument	xxxxx	predictive	واطئ
31	Argument	xxxxxxxxxx	predictive	متوسط
32	Argument	xxxxxxx	predictive	واطئ
33	Argument	xxxxx_xxxx	predictive	متوسط
34	Argument	xxxxxx	predictive	واطئ
35	Argument	xxxxxxx_xxxx	predictive	متوسط
36	Argument	xxxxxxx_xxxx	predictive	متوسط
37	Argument	xxxxxx_xx	predictive	متوسط
38	Argument	xxxxxxxxxxx	predictive	متوسط
39	Argument	xxxx_xxxx	predictive	متوسط
40	Argument	xxxx	predictive	واطئ
41	Argument	xxxx	predictive	واطئ
42	Argument	xx	predictive	واطئ
43	Argument	xxxxxxxxxxxxx	predictive	عالي
44	Argument	xx_xxxx_xxxxx	predictive	عالي
45	Argument	_xx_xxxx_xxxxxxx/_xx_xxxxxxxx_xxxx_xxxxxxx	predictive	عالي

المصادر (2)

The following list contains external sources which discuss the actor and the associated activities:

التالي ▸نظرة عامة◂ السابق

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!