Generickdz Análisis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (152)

Idioma

en	118
de	14
es	4
ru	4
zh	4

País

us	90
ca	16
de	8
gb	6
cn	6

Actores

Generickdz	7
GandCrab	4
Glupteba	4
Cobalt Strike	2
IcedID	2

Interesar

Escribe

Not Defined	44
Operating System	8
Programming Language Software	6
WordPress Plugin	6
Forum Software	6

Proveedor

Not Defined	46
Microsoft	12
IBM	4
Devellion	2
Gempar	2

Producto

Microsoft Windows	4
OpenSSH	4
Devellion CubeCart	2
Gempar Script Toko Online	2
IBM Power 5	2

Vulnerabilidad

#	Vulnerabilidad	Base	Temp	0day	Hoy	Exp	Con	CTI	EPSS	CVE
1	All Enthusiast Inc Reviewpost Php Pro showproduct.php sql injection	7.3	7.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.04	0.00501	CVE-2004-2175
2	Phplinkdirectory PHP Link Directory conf_users_edit.php cross site request forgery	6.3	6.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00	0.00526	CVE-2011-0643
3	OpenSSH Authentication Username divulgación de información	5.3	4.8	$5k-$25k	$0-$5k	High	Official Fix	0.00	0.10737	CVE-2016-6210
4	212cafe 212cafeboard view.php sql injection	7.3	7.1	$0-$5k	Calculador	High	Unavailable	0.08	0.00064	CVE-2008-4713
5	Petwant PF-103/Petalk AI libcommon.so processCommandUploadLog escalada de privilegios	9.8	9.8	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	0.06887	CVE-2019-17364
6	Petwant PF-103/Petalk AI libcommon.so processCommandSetMac escalada de privilegios	9.8	9.8	$0-$5k	$0-$5k	Not Defined	Not Defined	0.04	0.06887	CVE-2019-16737
7	Apple macOS Login Window escalada de privilegios	4.3	4.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.05	0.00055	CVE-2021-30702
8	Microsoft IIS cross site scripting	5.2	4.7	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.02	0.00548	CVE-2017-0055
9	PhotoPost PHP Pro showproduct.php sql injection	9.8	9.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.04	0.00276	CVE-2004-0250
10	Floosietek FTGate desbordamiento de búfer	10.0	9.0	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.02	0.23839	CVE-2005-3640
11	Aboleo.net Portmon escalada de privilegios	5.1	5.1	$0-$5k	$0-$5k	Not Defined	Not Defined	0.03	0.00042	CVE-2003-0448
12	Sun MySQL MS DOS Device Name denegación de servicio	7.5	7.1	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.03	0.07050	CVE-2005-0799
13	PHP Link Directory Administration Page index.html cross site scripting	4.3	4.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.44	0.00374	CVE-2007-0529
14	BitTorrent uTorrent Bencoding Parser escalada de privilegios	6.4	6.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.02	0.00867	CVE-2020-8437
15	MDaemon Webmail cross site scripting	5.4	5.3	$0-$5k	$0-$5k	Not Defined	Official Fix	0.04	0.00070	CVE-2019-8983
16	Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash divulgación de información	5.3	5.2	$5k-$25k	$0-$5k	High	Workaround	0.02	0.02016	CVE-2007-1192
17	Synology DiskStation Manager Change Password escalada de privilegios	7.1	7.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.03	0.00068	CVE-2018-8916
18	Webmin Package Updates Module update.cgi escalada de privilegios	8.8	8.8	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.06	0.13230	CVE-2019-12840
19	Totolink LR1200GB Web Interface cstecgi.cgi loginAuth desbordamiento de búfer	9.8	9.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.03	0.00045	CVE-2024-1783
20	PHP unserialize desbordamiento de búfer	8.5	8.2	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.00	0.19757	CVE-2015-6834

IOC - Indicator of Compromise (70)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	dirección IP	Hostname	Actor	Identified	Escribe	Confianza
1	5.9.72.48	cpanelbk.pcready.me	Generickdz	2022-05-05	verified	Alto
2	12.167.151.118		Generickdz	2022-05-05	verified	Alto
3	23.12.144.134	a23-12-144-134.deploy.static.akamaitechnologies.com	Generickdz	2023-10-02	verified	Alto
4	23.12.144.141	a23-12-144-141.deploy.static.akamaitechnologies.com	Generickdz	2023-10-02	verified	Alto
5	23.207.202.8	a23-207-202-8.deploy.static.akamaitechnologies.com	Generickdz	2023-10-02	verified	Alto
6	23.207.202.25	a23-207-202-25.deploy.static.akamaitechnologies.com	Generickdz	2023-10-02	verified	Alto
7	23.207.202.50	a23-207-202-50.deploy.static.akamaitechnologies.com	Generickdz	2023-10-02	verified	Alto
8	23.207.202.61	a23-207-202-61.deploy.static.akamaitechnologies.com	Generickdz	2023-10-02	verified	Alto
9	23.221.227.169	a23-221-227-169.deploy.static.akamaitechnologies.com	Generickdz	2023-10-02	verified	Alto
10	23.221.227.172	a23-221-227-172.deploy.static.akamaitechnologies.com	Generickdz	2023-10-02	verified	Alto
11	37.1.193.43	1.1.1.1	Generickdz	2022-05-05	verified	Alto
12	40.112.72.205		Generickdz	2022-05-05	verified	Alto
13	43.230.143.219		Generickdz	2022-04-08	verified	Alto
14	43.231.4.7		Generickdz	2022-05-05	verified	Alto
15	XX.XX.XX.XX		Xxxxxxxxxx	2022-05-05	verified	Alto
16	XX.XXX.XX.XX	xxxxxxxx.xx-xx-xxx-xx.xx	Xxxxxxxxxx	2022-05-04	verified	Alto
17	XX.X.XXX.XX	xxx-xx-x-xxx-xx.xxxxxxx-x.xxxxxxxxx.xxx	Xxxxxxxxxx	2022-04-08	verified	Medio
18	XX.XX.X.XXX		Xxxxxxxxxx	2022-05-05	verified	Alto
19	XX.XX.XX.XX		Xxxxxxxxxx	2022-04-12	verified	Alto
20	XX.XXX.XXX.XX	xx-xx-xxx-xxx-xx.xxxxxxxxxx.xxx	Xxxxxxxxxx	2022-04-08	verified	Alto
21	XX.XXX.XXX.XXX		Xxxxxxxxxx	2022-05-04	verified	Alto
22	XX.XX.XXX.XX	xxxxx.xxxxxxx.xx	Xxxxxxxxxx	2022-04-08	verified	Alto
23	XX.XXX.XXX.XX		Xxxxxxxxxx	2022-05-05	verified	Alto
24	XX.XXX.XX.XXX		Xxxxxxxxxx	2022-04-12	verified	Alto
25	XX.XXX.XX.XX	xxx.xxxx.xxxxx.xxx	Xxxxxxxxxx	2022-04-08	verified	Alto
26	XX.XXX.XX.XX	xxx.xxxx.xxxxx.xxx	Xxxxxxxxxx	2022-04-08	verified	Alto
27	XX.XXX.XX.XXX	xxx.xxxx.xxxxx.xxx	Xxxxxxxxxx	2022-04-08	verified	Alto
28	XX.XXX.XX.XX	xx.xxxxx.xxxxx.xxx	Xxxxxxxxxx	2022-04-08	verified	Alto
29	XX.XX.XX.XX	xxxxxx.xx.xx.xx.xx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxxxxx	2022-05-05	verified	Alto
30	XX.XXX.XXX.XX	xxxxxxxx.xxxxx.xxx.xx	Xxxxxxxxxx	2022-04-08	verified	Alto
31	XX.XXX.XX.XXX	xxxxx.xxxxxxxx.xxx	Xxxxxxxxxx	2022-04-08	verified	Alto
32	XX.XXX.XXX.XXX	xxxxxxx.xxxxxxxxx.xx	Xxxxxxxxxx	2022-04-08	verified	Alto
33	XX.XXX.XXX.XXX		Xxxxxxxxxx	2022-04-08	verified	Alto
34	XXX.XX.XX.XX		Xxxxxxxxxx	2022-05-05	verified	Alto
35	XXX.XX.XX.XXX		Xxxxxxxxxx	2022-05-05	verified	Alto
36	XXX.XX.XXX.XX		Xxxxxxxxxx	2022-05-05	verified	Alto
37	XXX.XX.XXX.XX		Xxxxxxxxxx	2022-05-05	verified	Alto
38	XXX.XX.XX.XX		Xxxxxxxxxx	2022-05-05	verified	Alto
39	XXX.XX.XX.XX		Xxxxxxxxxx	2022-05-05	verified	Alto
40	XXX.XXX.XX.XX		Xxxxxxxxxx	2022-05-05	verified	Alto
41	XXX.XXX.XXX.XXX	xxx-xxx-xx.xxxxxxxxxx.xxx	Xxxxxxxxxx	2023-10-02	verified	Alto
42	XXX.XXX.XXX.XXX	xxx-xxx-xx.xxxxxxxxxx.xxx	Xxxxxxxxxx	2023-10-02	verified	Alto
43	XXX.XX.XXX.XXX		Xxxxxxxxxx	2022-04-08	verified	Alto
44	XXX.X.XXX.XXX		Xxxxxxxxxx	2022-05-05	verified	Alto
45	XXX.X.XXX.XX		Xxxxxxxxxx	2022-04-08	verified	Alto
46	XXX.XXX.XX.XX		Xxxxxxxxxx	2022-05-05	verified	Alto
47	XXX.XXX.XX.XX	xx-xx-xxx.xxxxx.xxx	Xxxxxxxxxx	2022-05-05	verified	Alto
48	XXX.XX.XXX.XX	xxxxxx.xx.xxx.xx.xxx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxxxxx	2022-05-05	verified	Alto
49	XXX.XXX.XX.XX	xxxxxxxxx-xx-xxx-xx-xxxx.xxxxx.xxx	Xxxxxxxxxx	2022-05-05	verified	Alto
50	XXX.XXX.XX.XXX	xxxxxxxxx-xxx-xxx-xx-xxxx.xxxxx.xxx	Xxxxxxxxxx	2022-05-05	verified	Alto
51	XXX.XXX.X.XXX	xxxxxxxx-xx-xx.xxxxx.xxx	Xxxxxxxxxx	2022-05-05	verified	Alto
52	XXX.XXX.X.XXX	xxxxxxxx-xx-xxx.xxxxx.xxx	Xxxxxxxxxx	2022-05-05	verified	Alto
53	XXX.XXX.XXX.XXX	xxxxxxxx-xx-xx.xxxxx.xxx	Xxxxxxxxxx	2022-05-05	verified	Alto
54	XXX.XXX.XX.XX	xx-xx-xxx.xxxxx.xxx	Xxxxxxxxxx	2022-05-05	verified	Alto
55	XXX.XXX.XX.XXX	xx-xx-xxxx.xxxxx.xxx	Xxxxxxxxxx	2022-05-05	verified	Alto
56	XXX.XXX.XX.XXX	xx-xx-xxxx.xxxxx.xxx	Xxxxxxxxxx	2022-05-05	verified	Alto
57	XXX.XX.XXX.XX	xxx-xx-xxx-xx.xx.xxxxxxxxxxxxxxxxx.xxx	Xxxxxxxxxx	2022-05-05	verified	Alto
58	XXX.XX.XX.XXX	xxx-xxxxxx.xxxxxx-xx-xxxxx.xxx	Xxxxxxxxxx	2022-05-05	verified	Alto
59	XXX.XXX.XXX.XX		Xxxxxxxxxx	2022-05-05	verified	Alto
60	XXX.XX.XX.XXX	xxxxxxxx.xxxxxxxxxxxxxxx.xxx	Xxxxxxxxxx	2022-04-08	verified	Alto
61	XXX.X.XX.XXX	xxx-xxx-xx.xxxxxxxxxx.xxx	Xxxxxxxxxx	2023-10-02	verified	Alto
62	XXX.X.XX.XXX	xxx-xxx-xx.xxxxxxxxxx.xxx	Xxxxxxxxxx	2023-10-02	verified	Alto
63	XXX.XX.XXX.XXX	x-xxxx.x-xxxxxx.xxx	Xxxxxxxxxx	2022-05-05	verified	Alto
64	XXX.XX.XXX.XXX		Xxxxxxxxxx	2022-05-05	verified	Alto
65	XXX.XX.XXX.XXX	xxx.xxxxxxxx.xxx	Xxxxxxxxxx	2022-05-05	verified	Alto
66	XXX.XX.XXX.X	xx-xxx.xxx	Xxxxxxxxxx	2022-05-04	verified	Alto
67	XXX.XXX.XX.XX		Xxxxxxxxxx	2022-05-04	verified	Alto
68	XXX.XXX.XX.XX	xxx-xx-xxxx.xxxxx.xxx	Xxxxxxxxxx	2022-05-05	verified	Alto
69	XXX.XXX.XXX.XX	xxxxxxxxxx.xxxxxxxxxxxxxx.xxx	Xxxxxxxxxx	2022-05-05	verified	Alto
70	XXX.XXX.XXX.XXX		Xxxxxxxxxx	2022-05-05	verified	Alto

TTP - Tactics, Techniques, Procedures (16)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Vulnerabilidad	Vector de acceso	Escribe	Confianza
1	T1006	CWE-22	Path Traversal	predictive	Alto
2	T1055	CWE-74	Improper Neutralization of Data within XPath Expressions	predictive	Alto
3	T1059	CWE-94	Argument Injection	predictive	Alto
4	T1059.007	CWE-79, CWE-80	Cross Site Scripting	predictive	Alto
5	TXXXX	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Alto
6	TXXXX	CWE-XX, CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	Alto
7	TXXXX.XXX	CWE-XXX	Xxxx Xxxxxxxx	predictive	Alto
8	TXXXX	CWE-XXX	7xx Xxxxxxxx Xxxxxxxx	predictive	Alto
9	TXXXX	CWE-XXX, CWE-XXX	Xxxxxxxxxx Xxxxxx	predictive	Alto
10	TXXXX	CWE-XX, CWE-XX	Xxx Xxxxxxxxx	predictive	Alto
11	TXXXX.XXX	CWE-XXX	Xxxxxxxx Xxxxxxxxxxxxx	predictive	Alto
12	TXXXX	CWE-XXX, CWE-XXX	Xxxxxxxxxxx Xxxxxxxxxx	predictive	Alto
13	TXXXX	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Alto
14	TXXXX	CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	predictive	Alto
15	TXXXX.XXX	CWE-XXX	Xxx Xxxxxxxxxx Xxxxx	predictive	Alto
16	TXXXX.XXX	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	Alto

IOA - Indicator of Attack (68)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Clase	Indicator	Escribe	Confianza
1	File	/admin/departments/view_department.php	predictive	Alto
2	File	/aux	predictive	Bajo
3	File	/cgi-bin/cstecgi.cgi	predictive	Alto
4	File	/etc/sudoers	predictive	Medio
5	File	/items/view_item.php	predictive	Alto
6	File	/pages/processlogin.php	predictive	Alto
7	File	/uncpath/	predictive	Medio
8	File	/way4acs/enroll	predictive	Alto
9	File	admin/conf_users_edit.php	predictive	Alto
10	File	xxxxxxxxxxxx.xxx	predictive	Alto
11	File	xxx.xxx	predictive	Bajo
12	File	xxxxxxxx.xxx	predictive	Medio
13	File	xxxxxxxxxxxx.xxx	predictive	Alto
14	File	xxxxxxxx/xxxxxxxxxx.xxxx	predictive	Alto
15	File	xxxx/xxxxxxxxxxxxxxx.xxx	predictive	Alto
16	File	xxxxxx.xxx	predictive	Medio
17	File	xxxx.xxx	predictive	Medio
18	File	xxxxxxxxxxx/xxxxx.xxx	predictive	Alto
19	File	xxxxxxxxxxxxxxxx.xxx	predictive	Alto
20	File	xxxxxxx.xxx	predictive	Medio
21	File	xxxxxxxxxx.xxx	predictive	Alto
22	File	xxxxx.xxxx	predictive	Medio
23	File	xxxxx.xxx	predictive	Medio
24	File	xxxxx.xxx?x=/xxxx/xxxxxxxx	predictive	Alto
25	File	xxxxx/xxxxxxxx.x	predictive	Alto
26	File	xxxxxxxxx.xx	predictive	Medio
27	File	xxxxx.xxx	predictive	Medio
28	File	xxxx.xxx	predictive	Medio
29	File	xxxx_xxxx.xxx	predictive	Alto
30	File	xxx.xx	predictive	Bajo
31	File	xxxxxxx_xxx_xxxxx_xxxxxx.xxxx	predictive	Alto
32	File	xxxx_xxxxxxxxx.xxx	predictive	Alto
33	File	xxxx-xxxxxx.x	predictive	Alto
34	File	xxxx_xxxxxxx_xxxxxxxx.xxx	predictive	Alto
35	File	xxxxxxxxxxx.xxx	predictive	Alto
36	File	xxxxxx.xxx	predictive	Medio
37	File	xxxxxx.xxxxxxx.xxxxxxxxxxxxxxxxxxxxxxxx	predictive	Alto
38	File	xxxx.xxx	predictive	Medio
39	File	xxxxxxxx.xxx	predictive	Medio
40	File	xx-xxxxx/xxxxx-xxxx.xxx?xxxx=xxxxxxxxx	predictive	Alto
41	File	xxxxxx.xxx	predictive	Medio
42	File	~/xxx/xxxx-xxxxxxxxx.xxx	predictive	Alto
43	Argument	-x/-x	predictive	Bajo
44	Argument	xxx	predictive	Bajo
45	Argument	xxxxxxxx	predictive	Medio
46	Argument	xxxxx	predictive	Bajo
47	Argument	xxx_xx	predictive	Bajo
48	Argument	xx_xx	predictive	Bajo
49	Argument	xxxx	predictive	Bajo
50	Argument	xxxx_xxxxxx	predictive	Medio
51	Argument	xxxxx	predictive	Bajo
52	Argument	xxxxxxxx	predictive	Medio
53	Argument	xxxx_xxxxxxxx_xxxx	predictive	Alto
54	Argument	xxxx_xxxx	predictive	Medio
55	Argument	xx	predictive	Bajo
56	Argument	xxxxxxx_xxx	predictive	Medio
57	Argument	xxxx_xx	predictive	Bajo
58	Argument	xxxx	predictive	Bajo
59	Argument	xxxxx	predictive	Bajo
60	Argument	xxxxx	predictive	Bajo
61	Argument	xxxxxxxx	predictive	Medio
62	Argument	xxx	predictive	Bajo
63	Argument	xxx	predictive	Bajo
64	Argument	xxxxxxxxxxxxxxxx	predictive	Alto
65	Argument	xxx	predictive	Bajo
66	Argument	xxxx	predictive	Bajo
67	Input Value	.%xx.../.%xx.../	predictive	Alto
68	Input Value	xxxx://xxx.xxxxxxx.xxx/xxxxxxxx.xxx?xxxxxxxxxxx=xxx	predictive	Alto

Referencias (8)

The following list contains external sources which discuss the actor and the associated activities:

◂ AnteriorVisión De ConjuntoPróximo ▸

Might our Artificial Intelligence support you?

Check our Alexa App!