Vollgar Analyse

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (56)

Sprache

en	48
zh	8

Land

us	46
cn	10

Akteure

Vollgar	5
PlugX	1
Mirai	1
Purple Fox	1
Cobalt Strike	1

Interesse

Typ

Not Defined	20
Smartwatch Operating System	6
WordPress Plugin	4
Mail Server Software	4
Cloud Software	4

Hersteller

Not Defined	16
Apple	8
Alt-N	4
Measuresoft	2
TP-LINK	2

Produkt

Apple watchOS	6
Alt-N MDaemon	4
Measuresoft ScadaPro Server	2
Measuresoft ScadaPro Client	2
Emag Marketplace Connector Plugin	2

Schwachstellen

#	Schwachstelle	Base	Temp	0day	Heute	Aus	Mas	EPSS	CTI	CVE
1	All in One SEO Best WordPress SEO Plugin Import/Export erweiterte Rechte	5.5	5.3	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00092	0.04	CVE-2021-24307
2	Odoo Database Anonymization Privilege Escalation	5.6	5.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00214	0.05	CVE-2017-10803
3	Libbitcoin Explorer Milk Sad schwache Verschlüsselung	5.3	5.3	$0-$5k	$0-$5k	High	Not Defined	0.00116	0.04	CVE-2023-39910
4	tagDiv Composer Plugin Facebook Login schwache Authentisierung	7.7	7.6	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00373	0.01	CVE-2022-3477
5	Trend Micro Apex One Information Disclosure	7.6	7.5	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00045	0.00	CVE-2022-44649
6	Sophos Mobile Managed On-Premises XML erweiterte Rechte	8.5	8.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.41283	0.00	CVE-2022-3980
7	iPXE TLS tls.c tls_new_ciphertext Information Disclosure	3.2	3.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00048	0.09	CVE-2022-4087
8	Dolibarr SQL Injection	7.8	7.8	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00137	0.03	CVE-2022-4093
9	nginx erweiterte Rechte	6.9	6.9	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00241	2.78	CVE-2020-12440
10	Insyde Kernel UEFI Variable Pufferüberlauf	7.8	7.8	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00065	0.00	CVE-2022-35897
11	Trend Micro Apex One Change Prevention Service Pufferüberlauf	7.6	7.5	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00045	0.00	CVE-2022-44650
12	Atlassian Bitbucket Server and Data Center Environment Variable erweiterte Rechte	7.4	7.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.61094	0.02	CVE-2022-43781
13	Trend Micro Apex One Security Agent Race Condition	7.5	7.2	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00045	0.00	CVE-2022-44651
14	LG SmartShare erweiterte Rechte	7.0	7.0	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00054	0.04	CVE-2022-45422
15	WP-Polls Plugin HTTP Header erweiterte Rechte	6.3	6.0	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00060	0.04	CVE-2022-1581
16	Apple watchOS ImageIO Information Disclosure	5.4	5.3	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00754	0.03	CVE-2016-3619
17	D-Link G integrated Access Device4 Web Interface login.asp erweiterte Rechte	5.7	5.7	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00124	0.02	CVE-2022-36785
18	Trend Micro Apex One erweiterte Rechte	8.3	8.1	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00045	0.00	CVE-2022-44652
19	Trend Micro Apex One Security Agent Directory Traversal	8.3	8.1	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00048	0.00	CVE-2022-44653
20	Apple tvOS ImageIO Information Disclosure	5.4	5.3	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00754	0.00	CVE-2016-3619

IOC - Indicator of Compromise (21)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP-Adresse	Hostname	Akteur	Identifiziert	Typ	Akzeptanz
1	1.23.82.72		Vollgar	02.04.2020	verifiziert	High
2	2.2.82.64		Vollgar	02.04.2020	verifiziert	High
3	2.12.51.56	arennes-655-1-148-56.w2-12.abo.wanadoo.fr	Vollgar	02.04.2020	verifiziert	High
4	3.95.29.25	ec2-3-95-29-25.compute-1.amazonaws.com	Vollgar	02.04.2020	verifiziert	Medium
5	4.96.46.65		Vollgar	02.04.2020	verifiziert	High
6	XX.X.XX.X		Xxxxxxx	02.04.2020	verifiziert	High
7	XX.XX.XX.XX		Xxxxxxx	02.04.2020	verifiziert	High
8	XX.XXX.XXX.XXX		Xxxxxxx	13.02.2022	verifiziert	High
9	XX.XXX.XXX.XXX		Xxxxxxx	13.02.2022	verifiziert	High
10	XX.XX.XX.X		Xxxxxxx	02.04.2020	verifiziert	High
11	XXX.XX.XXX.XX		Xxxxxxx	13.02.2022	verifiziert	High
12	XXX.XXX.XX.X	xxxxxx.xxxxxxxx.xxx	Xxxxxxx	13.02.2022	verifiziert	High
13	XXX.XXX.XX.XX		Xxxxxxx	13.02.2022	verifiziert	High
14	XXX.XXX.XX.XXX		Xxxxxxx	13.02.2022	verifiziert	High
15	XXX.XXX.XX.XXX		Xxxxxxx	13.02.2022	verifiziert	High
16	XXX.XX.XXX.X		Xxxxxxx	13.02.2022	verifiziert	High
17	XXX.XXX.X.XXX		Xxxxxxx	13.02.2022	verifiziert	High
18	XXX.XXX.XX.XXX		Xxxxxxx	13.02.2022	verifiziert	High
19	XXX.XX.XX.XXX		Xxxxxxx	13.02.2022	verifiziert	High
20	XXX.XXX.XXX.XXX	xxxxxxxxx.xxxxxxxxxxxxx.xxx	Xxxxxxx	13.02.2022	verifiziert	High
21	XXX.XXX.XXX.XXX		Xxxxxxx	02.04.2020	verifiziert	High

TTP - Tactics, Techniques, Procedures (12)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Schwachstellen	Zugriffsart	Typ	Akzeptanz
1	T1006	CWE-21, CWE-22	Path Traversal	prädiktiv	High
2	T1059	CWE-94	Argument Injection	prädiktiv	High
3	T1059.007	CWE-79	Cross Site Scripting	prädiktiv	High
4	TXXXX	CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	prädiktiv	High
5	TXXXX	CWE-XX, CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	prädiktiv	High
6	TXXXX.XXX	CWE-XXX	Xxxx Xxxxxxxx	prädiktiv	High
7	TXXXX	CWE-XX	Xxx Xxxxxxxxx	prädiktiv	High
8	TXXXX.XXX	CWE-XXX	Xxxxxxxx Xxxxxxxxxxxxx	prädiktiv	High
9	TXXXX	CWE-XXX	Xxxxxxxxx Xxxxxx Xxxx	prädiktiv	High
10	TXXXX	CWE-XXX, CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	prädiktiv	High
11	TXXXX	CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	prädiktiv	High
12	TXXXX.XXX	CWE-XXX, CWE-XXX	Xxx Xxxxxxxxxx Xxxxx	prädiktiv	High

IOA - Indicator of Attack (25)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Klasse	Indicator	Typ	Akzeptanz
1	File	/rest/api/2/user/picker	prädiktiv	High
2	File	/wp-content/plugins/emag-marketplace-connector/templates/order/awb-meta-box.php	prädiktiv	High
3	File	afr.php	prädiktiv	Low
4	File	data/gbconfiguration.dat	prädiktiv	High
5	File	xxxx.xxx	prädiktiv	Medium
6	File	xxx/xxxxxx.xxx	prädiktiv	High
7	File	xxxxx.xxx/xxxx/xxxxx/xxxx/xxxx.xxx	prädiktiv	High
8	File	xxx/xxx.x	prädiktiv	Medium
9	File	xxxxx.xxx	prädiktiv	Medium
10	File	xxx.xxx	prädiktiv	Low
11	File	xxx/xxx/xxx.x	prädiktiv	High
12	File	xxxxxx.xxx	prädiktiv	Medium
13	Library	xxx/xx.xxx	prädiktiv	Medium
14	Library	xxxxxxx/xxxxxxx/xxxxxx/xxx/xxxxx.xxxxxxx.xxx	prädiktiv	High
15	Argument	xxxxxxxx	prädiktiv	Medium
16	Argument	xxxxx	prädiktiv	Low
17	Argument	xxxxx	prädiktiv	Low
18	Argument	xx	prädiktiv	Low
19	Argument	xxx_xxx	prädiktiv	Low
20	Argument	xxxx	prädiktiv	Low
21	Argument	xxxxxx_xxxx	prädiktiv	Medium
22	Argument	xxxx	prädiktiv	Low
23	Argument	xxx	prädiktiv	Low
24	Argument	xxx	prädiktiv	Low
25	Argument	xxxxxxxx	prädiktiv	Medium

Referenzen (4)

The following list contains external sources which discuss the actor and the associated activities:

◂ ZurückÜbersichtWeiter ▸

Might our Artificial Intelligence support you?

Check our Alexa App!