Calypso Análisis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (192)

Idioma

en	150
zh	30
de	4
fr	2
it	2

País

us	102
cn	64
gb	6
ru	4
il	2

Actores

Calypso	12
Cobalt Strike	3
RedLine Stealer	2
pupy	1
PlugX	1

Interesar

Escribe

Not Defined	66
Content Management System	22
Operating System	16
Router Operating System	6
Web Browser	4

Proveedor

Not Defined	66
Microsoft	14
DZCP	4
Google	4
Cisco	4

Producto

Microsoft Windows	10
WordPress	6
DZCP deV!L`z Clanportal	4
e-Quick Cart	4
Linux Kernel	4

Vulnerabilidad

#	Vulnerabilidad	Base	Temp	0day	Hoy	Exp	Con	EPSS	CTI	CVE
1	DZCP deV!L`z Clanportal config.php escalada de privilegios	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00943	1.06	CVE-2010-0966
2	Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash divulgación de información	5.3	5.2	$5k-$25k	Calculador	High	Workaround	0.02016	0.02	CVE-2007-1192
3	Cacti graph_settings.php escalada de privilegios	7.3	7.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.01498	0.00	CVE-2014-5261
4	Linux Kernel File Permission sysctl_net.c net_ctl_permissions escalada de privilegios	5.1	4.9	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00042	0.00	CVE-2013-4270
5	Cacti Utility api_poller.php sql injection	7.3	7.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00422	0.02	CVE-2013-1434
6	cbeust testng XML File Parser JarFileUtils.java testngXmlExistsInJar directory traversal	6.3	6.2	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00079	0.21	CVE-2022-4065
7	Redis Lua escalada de privilegios	6.3	6.3	$0-$5k	$0-$5k	High	Not Defined	0.97135	0.00	CVE-2022-0543
8	Sourcecodester Online Project Time Management System Users.php save_employee sql injection	6.3	5.7	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00939	0.00	CVE-2022-26293
9	Atlassian JIRA Server/Data Center Dashboard Gadgets Preference Resource escalada de privilegios	7.3	7.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00098	0.00	CVE-2020-36287
10	OpenVPN Access Server LDAP autenticación débil	8.5	8.2	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00430	0.04	CVE-2020-8953
11	Navarino Infinity URL divulgación de información	6.4	6.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.01867	0.00	CVE-2018-5386
12	jQuery dataType script.js Cross-Domain cross site scripting	5.2	4.9	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00660	0.05	CVE-2015-9251
13	Craig Patchett Fileseek FileSeek.cgi directory traversal	5.3	5.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.04964	0.00	CVE-2002-0611
14	Cacti graph_settings.php sql injection	7.3	7.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00346	0.00	CVE-2014-5262
15	Cacti snmp.php escalada de privilegios	7.3	7.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.01280	0.00	CVE-2013-1435
16	Microsoft Windows Service Pack 3 escalada de privilegios	5.3	5.1	$25k-$100k	$0-$5k	Not Defined	Official Fix	0.00000	0.00
17	Ideal BB.NET forums.aspx cross site scripting	3.5	3.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00000	0.00
18	DCP-Portal forums.php sql injection	7.3	7.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00000	0.00
19	Kayako SupportSuite User Registration cross site scripting	3.5	3.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00000	0.00
20	JDOM SAXBuilder denegación de servicio	3.5	3.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00480	0.00	CVE-2021-33813

Campañas (1)

These are the campaigns that can be associated with the actor:

Kazakhstan

IOC - Indicator of Compromise (18)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	dirección IP	Hostname	Actor	Campañas	Identified	Escribe	Confianza
1	5.183.178.181		Calypso	Kazakhstan	2022-05-01	verified	Alto
2	5.188.228.53	indppur1.example.com	Calypso	Kazakhstan	2022-05-01	verified	Alto
3	23.227.207.137	23-227-207-137.static.hvvc.us	Calypso		2022-05-01	verified	Alto
4	45.63.96.120	45.63.96.120.vultrusercontent.com	Calypso		2022-05-01	verified	Alto
5	XX.XX.XXX.XXX	xx.xx.xxx.xxx.xxxxxxxxxxxxxxxx.xxx	Xxxxxxx		2022-05-01	verified	Alto
6	XX.XXX.XXX.XXX		Xxxxxxx	Xxxxxxxxxx	2022-05-01	verified	Alto
7	XX.XXX.XXX.XXX		Xxxxxxx	Xxxxxxxxxx	2022-05-01	verified	Alto
8	XX.XXX.XXX.XXX		Xxxxxxx	Xxxxxxxxxx	2022-05-01	verified	Alto
9	XXX.XX.XX.XX	xxx.xx.xx.xx.xxxxxxxx.xxx	Xxxxxxx	Xxxxxxxxxx	2022-05-01	verified	Alto
10	XXX.XX.XXX.XXX		Xxxxxxx	Xxxxxxxxxx	2022-05-01	verified	Alto
11	XXX.XXX.XX.XX	xxx.xxx.xx.xx.xxxxxxxx.xxx	Xxxxxxx	Xxxxxxxxxx	2022-05-01	verified	Alto
12	XXX.XXX.XX.XX		Xxxxxxx	Xxxxxxxxxx	2022-05-01	verified	Alto
13	XXX.XXX.XXX.XXX		Xxxxxxx	Xxxxxxxxxx	2022-05-01	verified	Alto
14	XXX.XX.XXX.XXX	xxxxxx.xxxxxxxxxxxxx.xxx	Xxxxxxx	Xxxxxxxxxx	2022-05-01	verified	Alto
15	XXX.XXX.XXX.XX	xxxxxxx.xx.xxx	Xxxxxxx	Xxxxxxxxxx	2022-05-01	verified	Alto
16	XXX.XXX.X.XXX	xxxx.xxx	Xxxxxxx	Xxxxxxxxxx	2022-05-01	verified	Alto
17	XXX.XXX.XXX.XXX	xxxxx-xxxxxx.xxxxxxxxxxxx.xxx	Xxxxxxx	Xxxxxxxxxx	2022-05-01	verified	Alto
18	XXX.XXX.XXX.XX	xxx.xxx.xxx.xx.xxxxxxxxxxxxxxxx.xxx	Xxxxxxx	Xxxxxxxxxx	2022-05-01	verified	Alto

TTP - Tactics, Techniques, Procedures (17)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Clase	Vulnerabilidad	Vector de acceso	Escribe	Confianza
1	T1006	CAPEC-126	CWE-22	Path Traversal	predictive	Alto
2	T1055	CAPEC-10	CWE-74	Improper Neutralization of Data within XPath Expressions	predictive	Alto
3	T1059	CAPEC-242	CWE-94	Argument Injection	predictive	Alto
4	T1059.007	CAPEC-209	CWE-79, CWE-80	Cross Site Scripting	predictive	Alto
5	TXXXX	CAPEC-122	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Alto
6	TXXXX	CAPEC-95	CWE-XXX	Xxxx Xxx Xxxxxxxxx Xxxxxxxxxxx Xxxxxxxx	predictive	Alto
7	TXXXX.XXX	CAPEC-191	CWE-XXX	Xxxx-xxxxx Xxxxxxxxxxx	predictive	Alto
8	TXXXX	CAPEC-136	CWE-XX, CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	Alto
9	TXXXX.XXX	CAPEC-178	CWE-XXX	Xxxx Xxxxxxxx	predictive	Alto
10	TXXXX	CAPEC-	CWE-XXX	7xx Xxxxxxxx Xxxxxxxx	predictive	Alto
11	TXXXX	CAPEC-	CWE-XXX	Xxxxxxxxxx Xxxxxx	predictive	Alto
12	TXXXX	CAPEC-108	CWE-XX	Xxx Xxxxxxxxx	predictive	Alto
13	TXXXX.XXX	CAPEC-1	CWE-XXX	Xxxxxxxx Xxxxxxxxxxxxx	predictive	Alto
14	TXXXX.XXX	CAPEC-133	CWE-XXX	Xxxxxxxx	predictive	Alto
15	TXXXX	CAPEC-116	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Alto
16	TXXXX.XXX	CAPEC-1	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	Alto
17	TXXXX	CAPEC-	CWE-XXX	Xxxxxxxxxxx Xxxxxx	predictive	Alto

IOA - Indicator of Attack (97)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Clase	Indicator	Escribe	Confianza
1	File	.htaccess	predictive	Medio
2	File	/admin/user/manage/add	predictive	Alto
3	File	/api.php	predictive	Medio
4	File	/export	predictive	Bajo
5	File	/iisadmin	predictive	Medio
6	File	/inc/jquery/uploadify/uploadify.php	predictive	Alto
7	File	/inc/parser/xhtml.php	predictive	Alto
8	File	/includes/lib/detail.php	predictive	Alto
9	File	/MIME/INBOX-MM-1/	predictive	Alto
10	File	/ptms/classes/Users.php	predictive	Alto
11	File	/public/plugins/	predictive	Alto
12	File	/xxxxxxx/xxxxxxxx/xxxx.xxx	predictive	Alto
13	File	/xxxxxxxx/xxxxxxx.xxx	predictive	Alto
14	File	/xxxxxxxx/xxx/xxxxxxxxx.xxx	predictive	Alto
15	File	/xxx-xxx/xxx.xxx	predictive	Alto
16	File	/xxx/xxxxxxxx.xxx	predictive	Alto
17	File	xxxxxxxxxxx.xxx	predictive	Alto
18	File	xxx_xxxxxx.xxx	predictive	Alto
19	File	xxxxxx.xxx	predictive	Medio
20	File	xxx.xxx	predictive	Bajo
21	File	xxxxxxxx_xxxxxxx.xxx	predictive	Alto
22	File	xxx.xxx	predictive	Bajo
23	File	xxxxxxxxxx.xxx	predictive	Alto
24	File	xxxx/xxxxxxxxxxxxxxx.xxx	predictive	Alto
25	File	xxxxxx.xxx	predictive	Medio
26	File	xxxxxxx_xxxxxx.xxx	predictive	Alto
27	File	xxxxxxxx.xxx	predictive	Medio
28	File	xxxxxx.xxxx	predictive	Medio
29	File	xxxxxx.xxx	predictive	Medio
30	File	xxxx.xxx	predictive	Medio
31	File	xxxxx_xxxxxxxx.xxx	predictive	Alto
32	File	xxxxxxxxxx\xxxxxx\xxxxxxxxxxxxx.xxx	predictive	Alto
33	File	xxxxx_xxxxxx.xxx	predictive	Alto
34	File	xxx/xxxxxx.xxx	predictive	Alto
35	File	xxx/xxxxxxxxxxx/xxxxxxx.xxx	predictive	Alto
36	File	xxxxx.xxx	predictive	Medio
37	File	xxxx_xxxxxxxx.xxxx	predictive	Alto
38	File	xxxxxx/xxxxxxxxx.xxx	predictive	Alto
39	File	xxx/xxxx/xx/xxxxxx.xxx	predictive	Alto
40	File	xxx/xxxxxx_xxx.x	predictive	Alto
41	File	xxxxxxx/xxxxxxxxxxxxxxxx/xxxxxxxxx/xxxxxxxx.xxxx	predictive	Alto
42	File	xxxxxxxx.xxx	predictive	Medio
43	File	xxxxxxxx_xxxx.xxx	predictive	Alto
44	File	xxxxxxxxxxxx_xxxxxxxx.xxx.xxx	predictive	Alto
45	File	xxxxxx.xx	predictive	Medio
46	File	xxxxxxxxx.xxx	predictive	Alto
47	File	xxxxxxxxxxxx.xxx	predictive	Alto
48	File	xxxxxxxxxxxxxxxx.xxx	predictive	Alto
49	File	xxxxxxxxxxxxxxxxxx.xxxx	predictive	Alto
50	File	xxxx.xxx	predictive	Medio
51	File	xxxx-xxx	predictive	Medio
52	File	xxxxxx-xxxx/xxx/xxxx/xxxx/xxx/xxxxxx/xxxxxxxxxxxx.xxxx	predictive	Alto
53	File	xxxxxxxxx.xxx	predictive	Alto
54	File	xxxxxxxxxxx.xxx	predictive	Alto
55	File	xxxxxxx.xxx	predictive	Medio
56	File	xxxxxxxx.xxx	predictive	Medio
57	File	xx-xxxxx.xxx	predictive	Medio
58	Library	xxxxxxx.xxx	predictive	Medio
59	Library	xxx/xxxxxx/xxxxxx.xxx	predictive	Alto
60	Library	xxx/xxx.xxx	predictive	Medio
61	Library	xxxxxx/xxxxxxxxx/xxxxx.xxx	predictive	Alto
62	Argument	xxxx	predictive	Bajo
63	Argument	xxxxxxxx	predictive	Medio
64	Argument	xxxxx	predictive	Bajo
65	Argument	xxx	predictive	Bajo
66	Argument	xxxxxxxx	predictive	Medio
67	Argument	xxxx[xxxx]	predictive	Medio
68	Argument	xxxxx->xxxx	predictive	Medio
69	Argument	xxxx	predictive	Bajo
70	Argument	xxxxxxxx	predictive	Medio
71	Argument	xxxxxx	predictive	Bajo
72	Argument	xxxxxxx[xx_xxx_xxxx]	predictive	Alto
73	Argument	xxxx	predictive	Bajo
74	Argument	xxxx/xxxx	predictive	Medio
75	Argument	xxxx	predictive	Bajo
76	Argument	xx	predictive	Bajo
77	Argument	xxxxxxxxxx	predictive	Medio
78	Argument	xxxxxxx	predictive	Bajo
79	Argument	xxxxxx	predictive	Bajo
80	Argument	xxx_xxxxx	predictive	Medio
81	Argument	xxxxxxxxx_xxxxxxxx_xxxx	predictive	Alto
82	Argument	xxxxxxx	predictive	Bajo
83	Argument	xxxxx	predictive	Bajo
84	Argument	xxxxxxxxxxxxxx	predictive	Alto
85	Argument	xxxxxxxxxx	predictive	Medio
86	Argument	xxx	predictive	Bajo
87	Argument	xxxxxxx_xx	predictive	Medio
88	Argument	xxxxxxxxx	predictive	Medio
89	Argument	xxxxxx	predictive	Bajo
90	Argument	xxxxxxxxx	predictive	Medio
91	Argument	xxx	predictive	Bajo
92	Argument	xxxx	predictive	Bajo
93	Argument	xxxxxxxx	predictive	Medio
94	Argument	xxxxxxxx/xxxxxxxx	predictive	Alto
95	Input Value	;xx xxx.xxx.x.xxx xxxx -x /xxx/xxxx;	predictive	Alto
96	Input Value	??x:\	predictive	Bajo
97	Network Port	xxx/xxxx (xx-xxx)	predictive	Alto

Referencias (3)

The following list contains external sources which discuss the actor and the associated activities:

◂ AnteriorVisión De ConjuntoPróximo ▸

Might our Artificial Intelligence support you?

Check our Alexa App!