Stolen Pencil Análisis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (178)

Idioma

en	152
de	10
ru	4
sv	4
es	4

País

us	122
ir	8
sv	4
gb	2
de	2

Actores

Stolen Pencil	5
Ave Maria	1
AsyncRAT	1
Vjw0rm	1
RedLine Stealer	1

Interesar

Escribe

Not Defined	64
Content Management System	22
Web Browser	4
Multimedia Processing Software	4
Groupware Software	4

Proveedor

Not Defined	56
Microsoft	10
SourceCodester	8
Google	4
VMware	4

Producto

myPHPNuke	4
FFmpeg	4
DCP-Portal	4
ChurchInfo	2
Tilde CMS	2

Vulnerabilidad

#	Vulnerabilidad	Base	Temp	0day	Hoy	Exp	Con	EPSS	CTI	CVE
1	Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash divulgación de información	5.3	5.2	$5k-$25k	$0-$5k	High	Workaround	0.02016	0.02	CVE-2007-1192
2	DZCP deV!L`z Clanportal config.php escalada de privilegios	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00943	1.07	CVE-2010-0966
3	Revive Adserver lg.php Redirect	5.8	5.5	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00922	0.04	CVE-2021-22873
4	DZCP deV!L`z Clanportal browser.php divulgación de información	5.3	5.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.02733	0.89	CVE-2007-1167
5	Wuzhicms group.php sql injection	6.3	6.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00172	0.02	CVE-2022-27431
6	phpPgAds/phpAdsNew lib-sessions.inc.php sql injection	6.3	6.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00000	0.00
7	LionWiki index.php escalada de privilegios	6.9	6.6	$0-$5k	$0-$5k	Not Defined	Official Fix	0.01572	0.00	CVE-2020-27191
8	E-theni URL aff_liste_langue.php escalada de privilegios	7.3	7.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.03405	0.00	CVE-2003-1256
9	PHPSurveyor dumplabel.php sql injection	6.3	6.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00000	0.00
10	PHP-Nuke Kleinanzeigen module modules.php sql injection	7.3	7.1	$0-$5k	$0-$5k	High	Unavailable	0.00100	0.00	CVE-2008-3512
11	ZeeBuddy editadgroup.php sql injection	8.5	8.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00285	0.00	CVE-2017-15976
12	DCP-Portal golink.php sql injection	7.3	7.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00000	0.02
13	baigo CMS opt_base.inc.php escalada de privilegios	8.5	8.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.01293	0.00	CVE-2019-9227
14	SourceCodester Online Boat Reservation System POST Parameter login.php cross site scripting	4.4	4.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00131	0.00	CVE-2023-1030
15	Xoops userinfo.php sql injection	5.3	5.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00316	0.00	CVE-2002-0216
16	VMware ESXi VMX escalada de privilegios	7.2	6.9	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00044	0.03	CVE-2021-22042
17	Apache Log4j Lookup denegación de servicio	6.4	6.1	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.96625	0.04	CVE-2021-45105
18	Fast C++ CSV Parser csv.h trim_chars desbordamiento de búfer	8.5	8.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00659	0.00	CVE-2018-13421
19	October CMS cross site request forgery	6.5	6.3	$0-$5k	$0-$5k	Functional	Official Fix	0.00196	0.00	CVE-2017-16244
20	automad FileController.php import escalada de privilegios	7.1	6.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00061	0.07	CVE-2023-7037

IOC - Indicator of Compromise (11)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	dirección IP	Hostname	Actor	Identified	Escribe	Confianza
1	1.3.4.1		Stolen Pencil	2018-12-09	verified	Alto
2	2.2.6.5		Stolen Pencil	2018-12-09	verified	Alto
3	5.196.169.223	ip223.ip-5-196-169.eu	Stolen Pencil	2020-12-20	verified	Alto
4	XX.XXX.XXX.XXX	xxxxxxxxxxxxxxxxxxxxx.xxx	Xxxxxx Xxxxxx	2020-12-20	verified	Alto
5	XX.XXX.XXX.X		Xxxxxx Xxxxxx	2020-12-20	verified	Alto
6	XXX.XXX.XXX.XX	xxxxxxxxxxxxxxxxxxxxxx.xx	Xxxxxx Xxxxxx	2020-12-20	verified	Alto
7	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx-xxxx.xxxxxxxxxxxx.xxx	Xxxxxx Xxxxxx	2020-12-20	verified	Alto
8	XXX.XXX.XXX.XXX	xx-xxx-xxx-xxx-xxx.xx.xxxxxxxxxxxx.xxx	Xxxxxx Xxxxxx	2020-12-20	verified	Alto
9	XXX.XX.XX.XXX		Xxxxxx Xxxxxx	2020-12-20	verified	Alto
10	XXX.XX.XXX.XXX	xx-xxx-xx-xxx-xxx.xxxx.xxxxxxxxx.xxx	Xxxxxx Xxxxxx	2020-12-20	verified	Alto
11	XXX.XXX.XXX.XXX		Xxxxxx Xxxxxx	2020-12-20	verified	Alto

TTP - Tactics, Techniques, Procedures (13)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Vulnerabilidad	Vector de acceso	Escribe	Confianza
1	T1006	CWE-22	Path Traversal	predictive	Alto
2	T1059	CWE-94	Argument Injection	predictive	Alto
3	T1059.007	CWE-79, CWE-80	Cross Site Scripting	predictive	Alto
4	TXXXX	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Alto
5	TXXXX	CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	Alto
6	TXXXX.XXX	CWE-XXX	Xxxx Xxxxxxxx	predictive	Alto
7	TXXXX	CWE-XXX	Xxxxxxxxxx Xxxxxx	predictive	Alto
8	TXXXX	CWE-XX	Xxx Xxxxxxxxx	predictive	Alto
9	TXXXX.XXX	CWE-XXX	Xxxxxxxx Xxxxxxxxxxxxx	predictive	Alto
10	TXXXX	CWE-XXX, CWE-XXX	Xxxxxxxxxxx Xxxxxxxxxx	predictive	Alto
11	TXXXX	CWE-XXX, CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Alto
12	TXXXX	CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	predictive	Alto
13	TXXXX	CWE-XXX	Xxxxxxxxxxx Xxxxxx	predictive	Alto

IOA - Indicator of Attack (135)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Clase	Indicator	Escribe	Confianza
1	File	/admin/api/admin/articles/	predictive	Alto
2	File	/admin/photo.php	predictive	Alto
3	File	/admin/transactions/track_shipment.php	predictive	Alto
4	File	/api/browserextension/UpdatePassword/	predictive	Alto
5	File	/boat/login.php	predictive	Alto
6	File	/book-services.php	predictive	Alto
7	File	/coreframe/app/member/admin/group.php	predictive	Alto
8	File	/forum/away.php	predictive	Alto
9	File	/home/courses	predictive	Alto
10	File	/horde/util/go.php	predictive	Alto
11	File	/owa/auth/logon.aspx	predictive	Alto
12	File	/secure/EditSubscription.jspa	predictive	Alto
13	File	/systemrw/	predictive	Medio
14	File	/tmp/supp_log	predictive	Alto
15	File	?r=recruit/bgchecks/export&checkids=x	predictive	Alto
16	File	account.php	predictive	Medio
17	File	ActivityStarter.java	predictive	Alto
18	File	admin/content.php	predictive	Alto
19	File	xxxxx/xxxxxxxxxxx.xxx	predictive	Alto
20	File	xxxxx/xxxxx.xxx	predictive	Alto
21	File	xxxxx/xxxx.xxx	predictive	Alto
22	File	xxxxx\xxxxxxx\xxxxx.xxx#xxxx_xxxx	predictive	Alto
23	File	xxxxxxxx_xxx_xxxxxxx.xxx	predictive	Alto
24	File	xxxxxxxx_xxxxxx_xxxxxxx.xxx	predictive	Alto
25	File	xxx_xxxxx_xxxxxx.xxx	predictive	Alto
26	File	xxx-xxxxx/xxxxxxxx-xxx	predictive	Alto
27	File	xx_xxxxxxxxxx.xxx	predictive	Alto
28	File	xxxxxxx.xxx	predictive	Medio
29	File	xxx/xxx.xxx	predictive	Medio
30	File	xxxxxxxx.xxx	predictive	Medio
31	File	xxxxx.xxx	predictive	Medio
32	File	xxxxxx.xxx	predictive	Medio
33	File	xxxxx_xxxxxx.xxx	predictive	Alto
34	File	xxxxxxx_xxx.xxx	predictive	Alto
35	File	xxx.x	predictive	Bajo
36	File	xxxx/xxxxxxxxxxxxxxx.xxx	predictive	Alto
37	File	xxxxx.xxx	predictive	Medio
38	File	xxxxxx.xxx	predictive	Medio
39	File	xxxxxx.xxx	predictive	Medio
40	File	xxxxxx.xxx	predictive	Medio
41	File	xxxxxxx.xxx	predictive	Medio
42	File	xxxxxxxxxxxxxxx.xxx	predictive	Alto
43	File	xxxxxxxxx.xxx	predictive	Alto
44	File	xxxxxxxxxxxxxx.xxx	predictive	Alto
45	File	xxxx.xxx	predictive	Medio
46	File	xxxxxx.xxx	predictive	Medio
47	File	xxx/xxxxxx.xxx	predictive	Alto
48	File	xxx/xxxxxxxxxxx/xxxxxxx.xxx	predictive	Alto
49	File	xxxxx.xxx	predictive	Medio
50	File	xxx/xxx_xxx_xx.xxxx	predictive	Alto
51	File	xxxxxxxxx/xxxxxxx/xxxxx.xxx	predictive	Alto
52	File	xxxxx.xxx	predictive	Medio
53	File	xxxxx/xxx/xxxxx/xxxxxxxxxxxxxx/xxxxxxx/xxxxxx	predictive	Alto
54	File	xxxxx.xxx	predictive	Medio
55	File	xx.xxx	predictive	Bajo
56	File	xxxxxx.xxx	predictive	Medio
57	File	xxxx/xxxx_x_xxxxxx/xxxx.xxx	predictive	Alto
58	File	xxxxxxx.xxx	predictive	Medio
59	File	xxxxxxx/xxxxxxx/xxxxx/xxxxxxx.xxx	predictive	Alto
60	File	xxx_xxxx.xxx	predictive	Medio
61	File	xxx_xxxx.xxx.xxx	predictive	Alto
62	File	xxx-xxx/xxxxxxxxx.xxx	predictive	Alto
63	File	xxxxx.xxx	predictive	Medio
64	File	xxxxxxx/xxxx.xxx	predictive	Alto
65	File	xxxxxxxx.xxx	predictive	Medio
66	File	xxxxxxx_xxxxxxx.xxx	predictive	Alto
67	File	xxxxxxxxxxxxx.xxx	predictive	Alto
68	File	xxxxxxxx.xxx	predictive	Medio
69	File	xxxxxxxxxx.xxx	predictive	Alto
70	File	xxxxxxx-xxxxxxx.xxx	predictive	Alto
71	File	xxx/xxxx/xxxxxxxxxxx/xxxxx/xxxxx.xxx	predictive	Alto
72	File	xxxx/xxxx.xxx	predictive	Alto
73	File	xxxxxxxx.xxx	predictive	Medio
74	File	xxxx_xxxx_xxxxxxx.xxx	predictive	Alto
75	File	xxxx/xxx/xxxx-xxxxx.xxx	predictive	Alto
76	File	xxx.xxx	predictive	Bajo
77	File	xxxxxxxxxxx-xxxxxx/xxx/xxxxxxxxxx/xxxx.xxx	predictive	Alto
78	File	xxxxxxxx/xxxxxxx.xxxx	predictive	Alto
79	File	xx-xxxxx/xxxxx.xxx	predictive	Alto
80	File	xxxxxxx.xxxx	predictive	Medio
81	Library	xxxxx.xxx	predictive	Medio
82	Library	xxx-xxxxxxxx.xxx.xxx	predictive	Alto
83	Argument	/xxx/xxxxxxxxxxx/xxxxxx/xx_xxxxxxxxxx.xxx?xxx=<xxxxx-xxx>/xxxxxxxx=x/xxxxxxx	predictive	Alto
84	Argument	xxxxxx:/xxxxxxxx:/xxxxxxxxxxxxxx:	predictive	Alto
85	Argument	xxxxxxxx	predictive	Medio
86	Argument	xxxxxxxxx	predictive	Medio
87	Argument	xx_xxxxx	predictive	Medio
88	Argument	xx_xxxx_xxxx	predictive	Medio
89	Argument	xxxxx_xxx	predictive	Medio
90	Argument	xxxxxxxx	predictive	Medio
91	Argument	xxxxxxx	predictive	Bajo
92	Argument	xxxx	predictive	Bajo
93	Argument	xxxxxxxxxxxx	predictive	Medio
94	Argument	xxxx/xxxxxx/xxx	predictive	Alto
95	Argument	xxxxxxx	predictive	Bajo
96	Argument	xxxxxxx xxxx	predictive	Medio
97	Argument	xxxxxxxx	predictive	Medio
98	Argument	xxxxx_xx	predictive	Medio
99	Argument	xx	predictive	Bajo
100	Argument	xxxx	predictive	Bajo
101	Argument	xx_xx	predictive	Bajo
102	Argument	xx	predictive	Bajo
103	Argument	xxxxxxx	predictive	Bajo
104	Argument	xxxxxxx	predictive	Bajo
105	Argument	xx	predictive	Bajo
106	Argument	xx	predictive	Bajo
107	Argument	xxxxxxxxx	predictive	Medio
108	Argument	xxxx_xxxx	predictive	Medio
109	Argument	xxxxxx	predictive	Bajo
110	Argument	xxx_xxxx_x/xxx_xxxx_x	predictive	Alto
111	Argument	xxx	predictive	Bajo
112	Argument	xx_xxxx	predictive	Bajo
113	Argument	xxxxxxx	predictive	Bajo
114	Argument	xxx_xx	predictive	Bajo
115	Argument	xxxxx[x][xxx]	predictive	Alto
116	Argument	xxx	predictive	Bajo
117	Argument	xxxxxx	predictive	Bajo
118	Argument	xxxxxxxxxx	predictive	Medio
119	Argument	xxxxxxxxx	predictive	Medio
120	Argument	xxx	predictive	Bajo
121	Argument	xxx_xxxx	predictive	Medio
122	Argument	xxx_xxxxxxx	predictive	Medio
123	Argument	xxxxxxxxx	predictive	Medio
124	Argument	xxx	predictive	Bajo
125	Argument	xxxxx	predictive	Bajo
126	Argument	xxxx_xx	predictive	Bajo
127	Argument	xxxxxx_xx	predictive	Medio
128	Argument	xxxxx	predictive	Bajo
129	Argument	xxxxx	predictive	Bajo
130	Argument	xxx	predictive	Bajo
131	Argument	xx	predictive	Bajo
132	Argument	xxx	predictive	Bajo
133	Argument	xxxxxxxx	predictive	Medio
134	Argument	_xxxxxxx	predictive	Medio
135	Input Value	%xx	predictive	Bajo

Referencias (3)

The following list contains external sources which discuss the actor and the associated activities:

◂ AnteriorVisión De ConjuntoPróximo ▸

Do you need the next level of professionalism?

Upgrade your account now!