Qjwmonkey Analysis

IOB - Indicator of Behavior (19)

Language: en (20)

Product

National Sleep Research Resource sleepdata.org (2)
Ubiquiti EdgeRouter X (2)
IBOS OA (2)
TRENDnet TEW-811DRU (2)
60IndexPage (2)

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Countermeasure | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | PHPGurukul Online Notes Sharing System profile.php Cross Site Request Forgery | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.15 | 0.00052 | CVE-2023-7052 |
| 2 | Mozilla Firefox Buffer Overflow | 6.3 | 6.0 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00618 | CVE-2016-5290 |
| 3 | Home Clean Services Management System login.php SQL Injection | 4.7 | 4.5 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.12 | 0.00098 | CVE-2022-1838 |
| 4 | IBOS OA trash&op=del SQL Injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00063 | CVE-2023-4849 |
| 5 | XiaoBingBy TeaCMS upload Privilege Escalation | 7.1 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.09 | 0.00126 | CVE-2023-1398 |
| 6 | OTRS Email Denial of Service | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00086 | CVE-2022-39052 |
| 7 | 60IndexPage Parameter index.php Privilege Escalation | 8.1 | 7.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00063 | CVE-2024-0946 |
| 8 | Axiomatic Bento4 Incomplete Fix CVE-2019-13238 Denial of Service | 5.0 | 4.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.06 | 0.00085 | CVE-2022-3807 |
| 9 | SourceCodester Apartment Visitor Management System index.php SQL Injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.00170 | CVE-2022-2677 |
| 10 | Microsoft IIS 4.0 and 5.x Error Messages Cross Site Scripting | 4.2 | 4.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.03911 | CVE-2003-0223 |
| 11 | Ubiquiti EdgeRouter X Web Management Interface Privilege Escalation | 7.1 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.06 | 0.00073 | CVE-2023-2373 |
| 12 | National Sleep Research Resource sleepdata.org Cross Site Scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00079 | CVE-2022-4525 |
| 13 | WeBankPartners WeCube Plugin Database Execution Page Cross Site Scripting | 4.8 | 4.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00066 | CVE-2022-37787 |
| 14 | SourceCodester Online Tours & Travels Management System expense_report.php SQL Injection | 4.7 | 4.6 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.06 | 0.00078 | CVE-2023-0534 |
| 15 | SourceCodester Free Hospital Management System for Small Practices login.php SQL Injection | 8.1 | 7.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00077 | CVE-2023-4180 |
| 16 | SourceCodester Company Website CMS Cookie site-settings.php Privilege Escalation | 7.0 | 6.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.06 | 0.00053 | CVE-2022-2702 |
| 17 | SourceCodester Online Tours & Travels Management System s.php SQL Injection | 7.1 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00126 | CVE-2023-0561 |
| 18 | TRENDnet TEW-811DRU Web Management Interface wan.asp Buffer Overflow | 6.5 | 6.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00133 | CVE-2023-0637 |

IOC - Indicator of Compromise (7)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (5)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-24 | Path Traversal | predictive | High |
| 2 | TXXXX.XXX | CWE-XX, CWE-XX | Xxxxx Xxxx Xxxxxxxxx | predictive | High |
| 3 | TXXXX | CWE-XXX | Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx | predictive | High |
| 4 | TXXXX | CWE-XX | Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx | predictive | High |
| 5 | TXXXX | CWE-XX | Xxx Xxxxxxxxx | predictive | High |

IOA - Indicator of Attack (22)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /admin/upload | predictive | High |
| 2 | File | /apply/index.php | predictive | High |
| 3 | File | /user/profile.php | predictive | High |
| 4 | File | /xxxx/x.xxx | predictive | Medium |
| 5 | File | /xx/xxxxx.xxx | predictive | High |
| 6 | File | ?x=xxxx/xxxxxxxxx/xxxxx&xx=xxx | predictive | High |
| 7 | File | xxxxx/xxxxxxx_xxxxxx.xxx | predictive | High |
| 8 | File | xxxxx/xxxxx.xxx | predictive | High |
| 9 | File | xxxxx.xxx | predictive | Medium |
| 10 | File | xxxx-xxxxxxxx.xxx | predictive | High |
| 11 | File | xxx.xxx | predictive | Low |
| 12 | Argument | xxx-xx | predictive | Low |
| 13 | Argument | xxxx | predictive | Low |
| 14 | Argument | xx | predictive | Low |
| 15 | Argument | xxxx | predictive | Low |
| 16 | Argument | xx_xxxx | predictive | Low |
| 17 | Argument | xxx | predictive | Low |
| 18 | Argument | xxxxxxxxx/xxxxxxxxxxxx | predictive | High |
| 19 | Argument | xxxxxxxx | predictive | Medium |
| 20 | Argument | x-xxxxxxxxx-xxx | predictive | High |
| 21 | Input Value | ' xxx (xxxxxx xxxx xxxx (xxxxxx(xxxxx(x)))xxxx) xxx 'xxxx'='xxxx | predictive | High |
| 22 | Input Value | xxxxx%'/**/xxx/**/(xxxxxx/**/xxxx/**/xxxx/**/(xxxxxx(xxxxx(x)))xxxx)/**/xxx/**/'xxxx%'='xxxx | predictive | High |

References (3)

The following list contains external sources which discuss the actor and the associated activities:
