BlankSlate Analyse

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (60)

Sprache

en	34
de	12
ru	6
it	4
zh	2

Land

us	18
de	10
ru	6
it	4
fr	2

Akteure

BlankSlate	4
Cerber	2
Ave Maria	1

Interesse

Typ

Not Defined	16
WordPress Plugin	8
Content Management System	6
Router Operating System	2
Programming Language Software	2

Hersteller

Not Defined	18
Wondershare	6
Dasan	2
DZCP	2
FasterXML	2

Produkt

Wondershare Dr.Fone	4
WordPress	4
Dasan GPON ONT WiFi Router H640X	2
All in One SEO Plugin	2
Views for WPForms Plugin	2

Schwachstellen

#	Schwachstelle	Base	Temp	0day	Heute	Aus	Mas	CTI	EPSS	CVE
1	DZCP deV!L`z Clanportal config.php erweiterte Rechte	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.54	0.00943	CVE-2010-0966
2	JetBrains PhpStorm idea.log Information Disclosure	3.8	3.7	$0-$5k	$0-$5k	Not Defined	Official Fix	0.03	0.00043	CVE-2022-48435
3	Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash Information Disclosure	5.3	5.2	$5k-$25k	$0-$5k	High	Workaround	0.02	0.02016	CVE-2007-1192
4	Views for WPForms Plugin create_view Cross Site Request Forgery	4.3	4.2	$0-$5k	$0-$5k	Not Defined	Not Defined	0.05	0.00052	CVE-2024-0374
5	All in One SEO Pack Plugin Cross Site Scripting	3.9	3.9	$0-$5k	$0-$5k	Not Defined	Not Defined	0.06	0.00101	CVE-2023-0585
6	SourceCodester Responsive Ordering System Product_model.php erweiterte Rechte	6.3	6.1	$0-$5k	$0-$5k	Not Defined	Not Defined	0.03	0.00351	CVE-2021-25206
7	WPForms Pro Plugin erweiterte Rechte	7.6	7.5	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	0.00229	CVE-2022-3574
8	Wondershare Dr.Fone erweiterte Rechte	7.0	6.9	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	0.00082	CVE-2023-29835
9	All in One SEO Pack Plugin Cross Site Scripting	5.1	5.1	$0-$5k	$0-$5k	Not Defined	Not Defined	0.07	0.00076	CVE-2023-0586
10	60IndexPage Parameter file.php erweiterte Rechte	8.1	7.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.09	0.00063	CVE-2024-0945
11	PuneethReddyHC online-shopping-system product.php SQL Injection	6.3	6.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	0.00180	CVE-2021-43109
12	AffiliateWP Plugin Plugin Activation erweiterte Rechte	5.3	5.2	$0-$5k	$0-$5k	Not Defined	Not Defined	0.03	0.00045	CVE-2023-4600
13	Wondershare Dr.Fone drfone_setup_full3360.exe erweiterte Rechte	7.0	6.9	$0-$5k	$0-$5k	Not Defined	Not Defined	0.02	0.00067	CVE-2023-27767
14	7-zip 7Z File Parser Pufferüberlauf	6.3	6.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.03	0.00048	CVE-2023-31102
15	Wondershare Repairit repairit_setup_full5913.exe erweiterte Rechte	7.0	6.9	$0-$5k	$0-$5k	Not Defined	Not Defined	0.08	0.00067	CVE-2023-27764
16	Shopizer insert-product-name-here.html Cross Site Scripting	3.5	3.2	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.03	0.00159	CVE-2021-33562
17	All in One SEO Plugin Cross Site Request Forgery	6.2	6.1	$0-$5k	$0-$5k	Not Defined	Not Defined	0.05	0.00075	CVE-2022-38093
18	Wondershare MobileTrans mobiletrans_setup_full5793.exe erweiterte Rechte	7.0	6.9	$0-$5k	$0-$5k	Not Defined	Not Defined	0.04	0.00067	CVE-2023-27763
19	MonsterInsights Plugin Title Cross Site Scripting	5.2	5.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	0.00143	CVE-2022-3904
20	Huawei HarmonyOS DUBAI Module Pufferüberlauf	6.6	6.6	$5k-$25k	$0-$5k	Not Defined	Not Defined	0.04	0.00104	CVE-2022-47975

IOC - Indicator of Compromise (9)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP-Adresse	Hostname	Akteur	Identifiziert	Typ	Akzeptanz
1	19.48.17.0		BlankSlate	01.04.2022	verifiziert	High
2	54.68.27.226	ec2-54-68-27-226.us-west-2.compute.amazonaws.com	BlankSlate	01.04.2022	verifiziert	Medium
3	XX.XX.XX.X	xxxxxxx-xxx-xxx-xxx-xxx.xx.xx.xxxx.xxxxxxxxxx.xx	Xxxxxxxxxx	01.04.2022	verifiziert	High
4	XX.XX.XXX.X	xxx.xx-xx-xx-xxx.xx	Xxxxxxxxxx	01.04.2022	verifiziert	High
5	XXX.XX.XXX.XX		Xxxxxxxxxx	01.04.2022	verifiziert	High
6	XXX.XXX.X.XXX	xxx.x.xxx.xxx.xx.xxxxxxxxxxxxxxxxx.xxx	Xxxxxxxxxx	01.04.2022	verifiziert	Medium
7	XXX.XXX.XXX.X	xxx.xxxx.xxx.xxxx.xxxxxxx	Xxxxxxxxxx	01.04.2022	verifiziert	High
8	XXX.XXX.XXX.X	xxx.xx-xxx-xxx-xxx.xx	Xxxxxxxxxx	01.04.2022	verifiziert	High
9	XXX.XXX.XXX.X		Xxxxxxxxxx	01.04.2022	verifiziert	High

TTP - Tactics, Techniques, Procedures (10)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Schwachstellen	Zugriffsart	Typ	Akzeptanz
1	T1040	CWE-294	Authentication Bypass by Capture-replay	prädiktiv	High
2	T1059	CWE-94	Argument Injection	prädiktiv	High
3	TXXXX.XXX	CWE-XX, CWE-XX	Xxxxx Xxxx Xxxxxxxxx	prädiktiv	High
4	TXXXX	CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	prädiktiv	High
5	TXXXX	CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	prädiktiv	High
6	TXXXX	CWE-XXX	Xxxxxxxxxx Xxxxxx	prädiktiv	High
7	TXXXX	CWE-XX	Xxx Xxxxxxxxx	prädiktiv	High
8	TXXXX	CWE-XXX	Xxxxxxxxx Xxxxxx Xxxx	prädiktiv	High
9	TXXXX	CWE-XXX, CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	prädiktiv	High
10	TXXXX.XXX	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	prädiktiv	High

IOA - Indicator of Attack (34)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Klasse	Indicator	Typ	Akzeptanz
1	File	/cgi-bin/login_action.cgi	prädiktiv	High
2	File	/include/file.php	prädiktiv	High
3	File	123flashchat.php	prädiktiv	High
4	File	cluster.php	prädiktiv	Medium
5	File	data/gbconfiguration.dat	prädiktiv	High
6	File	xxxxxxx.xxx	prädiktiv	Medium
7	File	xxxxxx_xxxxx_xxxxxxxx.xxx	prädiktiv	High
8	File	xxxx.xxx	prädiktiv	Medium
9	File	xxxx.xxx	prädiktiv	Medium
10	File	xxx/xxxxxx.xxx	prädiktiv	High
11	File	xxx/xxxxxxxxxxx/xxxxxxx.xxx	prädiktiv	High
12	File	xxxxx.xxx	prädiktiv	Medium
13	File	xxx.x/xxxxxx.x	prädiktiv	High
14	File	xxxxxxxxxxx_xxxxx_xxxxxxxx.xxx	prädiktiv	High
15	File	xxxxxxxxx.xxx	prädiktiv	High
16	File	xxxxxxx.xxx	prädiktiv	Medium
17	File	xxxxxxx/xxxxxx-xxxxxxx-xxxx-xxxx.xxxx	prädiktiv	High
18	File	xxxxxxx_xxxxx.xxx	prädiktiv	High
19	File	xxxxxxxx_xxxxx_xxxxxxxx.xxx	prädiktiv	High
20	File	xxxx/xxxx/	prädiktiv	Medium
21	File	xxxxxx_xxx_xxxxx_xxx.xxx	prädiktiv	High
22	Library	xxx.xxx	prädiktiv	Low
23	Argument	xxxxxxxx	prädiktiv	Medium
24	Argument	xxxxxxxx	prädiktiv	Medium
25	Argument	xxxxx_xxxxxxx	prädiktiv	High
26	Argument	xxxx	prädiktiv	Low
27	Argument	xxxxx	prädiktiv	Low
28	Argument	xxxxxx	prädiktiv	Low
29	Argument	xxxx	prädiktiv	Low
30	Argument	xxxx_xxxx	prädiktiv	Medium
31	Argument	xxx	prädiktiv	Low
32	Argument	xxx	prädiktiv	Low
33	Argument	xxxxxxxx/xxxxxxxx	prädiktiv	High
34	Network Port	xxx/xx (xxx)	prädiktiv	Medium

Referenzen (3)

The following list contains external sources which discuss the actor and the associated activities:

◂ ZurückÜbersichtWeiter ▸

Do you need the next level of professionalism?

Upgrade your account now!