BlackByte Analyse

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (269)

Sprache

en	240
ru	20
fr	6
de	2
zh	2

Land

us	82
cn	16
ru	10
fr	8
es	4

Akteure

RedLine Stealer	3
Cobalt Strike	3
BlackByte	2
CredStealer	1
TeamTNT	1

Interesse

Typ

Not Defined	94
Content Management System	14
Operating System	14
Cloud Software	10
Firewall Software	8

Hersteller

Not Defined	84
Apple	8
SourceCodester	6
Apache	6
IBM	4

Produkt

Apple macOS	8
ownCloud	4
Perl	4
QEMU	4
MediaTek MT6789	4

Schwachstellen

#	Schwachstelle	Base	Temp	0day	Heute	Aus	Mas	CTI	EPSS	CVE
1	Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash Information Disclosure	5.3	5.2	$5k-$25k	$0-$5k	High	Workaround	0.02	0.02016	CVE-2007-1192
2	DZCP deV!L`z Clanportal config.php erweiterte Rechte	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.51	0.00943	CVE-2010-0966
3	WoltLab Burning Book addentry.php SQL Injection	7.3	6.8	$0-$5k	$0-$5k	Functional	Unavailable	0.02	0.00804	CVE-2006-5509
4	ownCloud index.php Directory Traversal	7.3	7.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	0.00749	CVE-2014-4929
5	Dahua DHI-HCVR7216A-S3 SmartPSS Auto Login Hash erweiterte Rechte	6.7	6.7	$0-$5k	$0-$5k	Not Defined	Not Defined	0.04	0.00331	CVE-2017-6342
6	Cyr to Lat Plugin SQL Injection	6.3	6.1	$0-$5k	$0-$5k	Not Defined	Not Defined	0.03	0.00050	CVE-2022-4290
7	SourceCodester Food Ordering System PHP File ajax.php erweiterte Rechte	7.6	7.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	0.00307	CVE-2023-24646
8	Linux Kernel capsule-loader.c Pufferüberlauf	4.6	4.5	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	0.00042	CVE-2022-40307
9	HPE Onboard Administrator Reflected Cross Site Scripting	4.4	4.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.02	0.00050	CVE-2020-7132
10	Moises Heberle WooCommerce Bookings Calendar Plugin Cross Site Scripting	5.0	4.9	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	0.00043	CVE-2024-31117
11	Foxit PDF Reader AcroForm Pufferüberlauf	6.3	6.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	0.00000	CVE-2024-30354
12	Tenda AC10 SetStaticRouteCfg fromSetRouteStatic Pufferüberlauf	8.8	8.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.03	0.00045	CVE-2024-2581
13	MediaTek MT8798 Lk Pufferüberlauf	6.7	6.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02	0.00043	CVE-2024-20022
14	Kofax Power PDF PNG File Parser Information Disclosure	4.3	4.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.03	0.00000	CVE-2024-27336
15	Linux Kernel ASPM pci_set_power_state_locked Denial of Service	4.8	4.6	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.03	0.00043	CVE-2024-26605
16	Elementor Plugin erweiterte Rechte	5.5	5.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	0.00000	CVE-2024-24934
17	IBM Security Access Manager Container DSC Server Denial of Service	6.8	6.7	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.02	0.00044	CVE-2023-31006
18	WP Recipe Maker Plugin Cross Site Scripting	5.1	5.1	$0-$5k	$0-$5k	Not Defined	Not Defined	0.02	0.00045	CVE-2024-0382
19	Dahua IPC/SD/NVR/XVR Packet unbekannte Schwachstelle	4.4	4.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.03	0.00063	CVE-2022-30564
20	PrestaShop blockwishlist SQL Injection	7.7	7.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.02	0.00741	CVE-2022-31101

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP-Adresse	Hostname	Akteur	Identifiziert	Typ	Akzeptanz
1	45.9.148.114		BlackByte	15.02.2022	verifiziert	High
2	XXX.XX.X.XX	xxxx.xxxxxxx.xxx	Xxxxxxxxx	29.07.2022	verifiziert	High
3	XXX.XXX.XX.XXX		Xxxxxxxxx	07.07.2023	verifiziert	High

TTP - Tactics, Techniques, Procedures (20)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Schwachstellen	Zugriffsart	Typ	Akzeptanz
1	T1006	CWE-22, CWE-425	Path Traversal	prädiktiv	High
2	T1055	CWE-74	Improper Neutralization of Data within XPath Expressions	prädiktiv	High
3	T1059	CWE-94	Argument Injection	prädiktiv	High
4	T1059.007	CWE-79, CWE-80	Cross Site Scripting	prädiktiv	High
5	TXXXX	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	prädiktiv	High
6	TXXXX	CWE-XX, CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	prädiktiv	High
7	TXXXX.XXX	CWE-XXX	Xxxx Xxxxxxxx	prädiktiv	High
8	TXXXX	CWE-XXX	7xx Xxxxxxxx Xxxxxxxx	prädiktiv	High
9	TXXXX	CWE-XXX, CWE-XXX	Xxxxxxxxxx Xxxxxx	prädiktiv	High
10	TXXXX	CWE-XX	Xxx Xxxxxxxxx	prädiktiv	High
11	TXXXX.XXX	CWE-XXX	Xxxxxxxx Xxxxxxxxxxxxx	prädiktiv	High
12	TXXXX	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxxxx Xxxxxxxxxx	prädiktiv	High
13	TXXXX	CWE-XXX	Xxxxxxxxx Xxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxx	prädiktiv	High
14	TXXXX	CWE-XXX	Xxxxxxxxx Xxxxxx Xxxx	prädiktiv	High
15	TXXXX.XXX	CWE-XXX	Xxxxxxxx Xxxxxxxxxxx Xxxxxxxxxx	prädiktiv	High
16	TXXXX.XXX	CWE-XXX	Xxxxxxxx	prädiktiv	High
17	TXXXX	CWE-XXX, CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	prädiktiv	High
18	TXXXX	CWE-XXX, CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	prädiktiv	High
19	TXXXX.XXX	CWE-XXX	Xxx Xxxxxxxxxx Xxxxx	prädiktiv	High
20	TXXXX.XXX	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	prädiktiv	High

IOA - Indicator of Attack (92)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Klasse	Indicator	Typ	Akzeptanz
1	File	/ajax.php?action=read_msg	prädiktiv	High
2	File	/debug/pprof	prädiktiv	Medium
3	File	/desktop_app/file.ajax.php?action=uploadfile	prädiktiv	High
4	File	/env	prädiktiv	Low
5	File	/fos/admin/ajax.php	prädiktiv	High
6	File	/goform/SetNetControlList	prädiktiv	High
7	File	/goform/SetStaticRouteCfg	prädiktiv	High
8	File	/server-status	prädiktiv	High
9	File	/src/chatbotapp/chatWindow.java	prädiktiv	High
10	File	addentry.php	prädiktiv	Medium
11	File	xxxxx/xxxxxxxxxx_xxxxxxxx.xxx	prädiktiv	High
12	File	xxxxx/xxxxx-xxx-xxxxx-xxxxx.xxx	prädiktiv	High
13	File	xxxxx/xxxxxxx/xxxxxxxxxxxx	prädiktiv	High
14	File	xxxxxxxxxxxx/xxxxx/xxxx/	prädiktiv	High
15	File	xxxxx.xxx	prädiktiv	Medium
16	File	xxx_xx_xxx_xxx.xxx	prädiktiv	High
17	File	xxx.x	prädiktiv	Low
18	File	xxx	prädiktiv	Low
19	File	xxx/xxxxxxxx/xxxx/xxxxxxxx.xx	prädiktiv	High
20	File	xxxx/xxxxxxxxxxxxxxx.xxx	prädiktiv	High
21	File	xxxxxxx/xxxxxxxx/xxx/xxxxxxx-xxxxxx.x	prädiktiv	High
22	File	xxxxxxx/xxx/xxx-xx.x	prädiktiv	High
23	File	xxx_xxxx.x	prädiktiv	Medium
24	File	xxxxx_xxxxxxxx.xxxx	prädiktiv	High
25	File	xxx/xxxxx.xxxxx	prädiktiv	High
26	File	xxxx/xxxxxxxx/xxx&xx=xxxxxxx	prädiktiv	High
27	File	xxxxxxxxxxxxxxxxxxxxxxxxx.xx	prädiktiv	High
28	File	xxxxxx.xxx	prädiktiv	Medium
29	File	xxx/xxxxxx.xxx	prädiktiv	High
30	File	xxxxxxx/xxxxx.xxx.xxx	prädiktiv	High
31	File	xxxxx.xxx	prädiktiv	Medium
32	File	xxxxx.xxx/xxxx/xxxxx/xxxx/xxxx.xxx	prädiktiv	High
33	File	xx_xxxxx.x	prädiktiv	Medium
34	File	xxxxx_xxxxx.x	prädiktiv	High
35	File	xxxxxx/xxx/xxxxxxxx.x	prädiktiv	High
36	File	xxxx.xxx	prädiktiv	Medium
37	File	xxxxx.xxx	prädiktiv	Medium
38	File	xxxxxxxx.xxx	prädiktiv	Medium
39	File	xxxxxxx/xxxxxx/xxxxxx/xxxxxxxxx.xxx#xxx	prädiktiv	High
40	File	xxx_xxxx.xxx	prädiktiv	Medium
41	File	xxxxxxxxxxx-xxxx.xx	prädiktiv	High
42	File	xxxxxxxxx/xxxxx.xxxxx	prädiktiv	High
43	File	xxxxx/xxxxx.xxxxx	prädiktiv	High
44	File	xxxxxxx.x	prädiktiv	Medium
45	File	xxxxxxxx-x.xx	prädiktiv	High
46	File	xxxxxxxxxxxxx.xxx	prädiktiv	High
47	File	xxxxxx-xxxxxx.xxx	prädiktiv	High
48	File	xxxxxxxx.xxx/xxxxxx.xxx/xxxxxxxx.xxx	prädiktiv	High
49	File	xxx.x	prädiktiv	Low
50	File	xxxxxxxxxxxxxxxx	prädiktiv	High
51	File	xxxxxxxx_xxxxxx_xxxxx.xxx	prädiktiv	High
52	File	xxx-xxxxxxx-xxx.xx	prädiktiv	High
53	File	xxxxxxx.x	prädiktiv	Medium
54	File	xxx.xxx	prädiktiv	Low
55	File	xx-xxxxx-xxxxxx.xxx	prädiktiv	High
56	File	~/xxxxxxxx/xxxxx-xxx-xxxxxx-xxxxxxxxxxxx.xxx	prädiktiv	High
57	Library	xx.xxxxxxxxxx.xxxxxxxxxxxxxxx.xxx	prädiktiv	High
58	Library	xxx/xxxxxxxxx/xxxxxxxx.xxxxx.xxx	prädiktiv	High
59	Library	xxxxxxx.xxx	prädiktiv	Medium
60	Library	xxxxx.xxx	prädiktiv	Medium
61	Library	xxxxxxxxxxxxx.xxx)	prädiktiv	High
62	Argument	xxxxxx	prädiktiv	Low
63	Argument	xxx	prädiktiv	Low
64	Argument	xxxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxxx/xxxxxxxxxx/xxxxxxxxxxxxxxxxxxx	prädiktiv	High
65	Argument	xxxxxx	prädiktiv	Low
66	Argument	xxxxxxxx	prädiktiv	Medium
67	Argument	x:\xxxxxxx\x	prädiktiv	Medium
68	Argument	xxxxx_xxxx	prädiktiv	Medium
69	Argument	xxxxx_xx	prädiktiv	Medium
70	Argument	xxxxxxxx	prädiktiv	Medium
71	Argument	xxxxxxxxxxxxxxxxx	prädiktiv	High
72	Argument	xxxxxxx	prädiktiv	Low
73	Argument	xxx_xxx	prädiktiv	Low
74	Argument	xxxx	prädiktiv	Low
75	Argument	xxxx_xxxxx	prädiktiv	Medium
76	Argument	xxxxx	prädiktiv	Low
77	Argument	xxxxxx_xxx	prädiktiv	Medium
78	Argument	xxxx	prädiktiv	Low
79	Argument	xx	prädiktiv	Low
80	Argument	xxxxxxx	prädiktiv	Low
81	Argument	xxxx	prädiktiv	Low
82	Argument	xxxx	prädiktiv	Low
83	Argument	xxxxxxx	prädiktiv	Low
84	Argument	x_xxxx	prädiktiv	Low
85	Argument	xxxxxx/xxxxxx_xxxxxx	prädiktiv	High
86	Argument	xxx	prädiktiv	Low
87	Argument	xxxxx	prädiktiv	Low
88	Argument	xxxxxxxxxxx	prädiktiv	Medium
89	Argument	xx	prädiktiv	Low
90	Argument	xxxxxx	prädiktiv	Low
91	Argument	x-xxxxxxxxx-xxxx	prädiktiv	High
92	Input Value	//xxx//xxxxxxx.xxx	prädiktiv	High

Referenzen (4)

The following list contains external sources which discuss the actor and the associated activities:

◂ ZurückÜbersichtWeiter ▸

Might our Artificial Intelligence support you?

Check our Alexa App!