Qrypter Analyse

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (123)

Langue

en	124

De campagne

us	84
cn	4

Acteurs

Adwind	1
Qrypter	1
Remcos	1

Intérêt

Taper

Not Defined	54
Firewall Software	18
Content Management System	8
Document Reader Software	6
Cloud Software	6

Fournisseur

Not Defined	44
Cisco	18
Adobe	6
2daybiz	6
Trevor Mckay	6

Produit

Cisco ASA 5580	18
Adobe Acrobat Reader	6
Trevor Mckay Cumin	6
Drupal	4
condor	4

Vulnérabilités

#	Vulnérabilité	Base	Temp	0day	Aujourd'hui	Exp	Con	EPSS	CTI	CVE
1	auth0.js Password divulgation de l'information	3.8	3.3	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00063	0.00	CVE-2020-5263
2	LearnDash Plugin sql injection	8.5	8.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00138	0.02	CVE-2020-6009
3	cPanel Script elévation de privilèges	5.3	4.8	$0-$5k	$0-$5k	Proof-of-Concept	Unavailable	0.00000	0.03
4	WordPress Multisite API ms-functions.php chiffrement faible	7.4	7.2	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.00657	0.00	CVE-2017-5493
5	D-Link DWR-932B Telnet/SSH Service authentification faible	9.8	9.6	$5k-$25k	$0-$5k	Not Defined	Workaround	0.51004	0.01	CVE-2016-10177
6	JetBrains Space Password Authentication authentification faible	8.5	8.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00309	0.00	CVE-2020-11796
7	PrestaShop AdminFeatures Page Reflected cross site scripting	4.1	3.6	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00066	0.00	CVE-2020-5269
8	PrestaShop Product Attributes Page elévation de privilèges	4.1	3.6	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00071	0.00	CVE-2020-5288
9	IBM Maximo Asset Management Web UI cross site scripting	4.7	4.7	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00050	0.00	CVE-2019-4749
10	OpenMRS login.htm elévation de privilèges	5.2	5.2	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00105	0.00	CVE-2020-5728
11	IBM MQ divulgation de l'information	3.8	3.8	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00042	0.03	CVE-2020-4338
12	Schneider Electric TriStation 1131 divulgation de l'information	6.4	6.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00171	0.00	CVE-2020-7483
13	Google Android rw_t2t_ndef.cc rw_t2t_extract_default_locks_info buffer overflow	8.5	8.2	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.00102	0.00	CVE-2020-0071
14	IBM UrbanCode Deploy Permission divulgation de l'information	3.1	3.1	$5k-$25k	$0-$5k	Not Defined	Not Defined	0.00050	0.04	CVE-2020-4260
15	ClearPass Stored cross site scripting	3.6	3.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00054	0.04	CVE-2020-7110
16	LG Mobile Device GPS vulnérabilité inconnue	5.5	5.5	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00044	0.00	CVE-2019-20784
17	IBM MQ Error dénie de service	4.8	4.8	$5k-$25k	$0-$5k	Not Defined	Not Defined	0.00084	0.00	CVE-2019-4762
18	Netgear WAC510 Stored cross site scripting	4.9	4.7	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00055	0.00	CVE-2019-20742
19	iCatch DVR elévation de privilèges	7.5	7.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00104	0.03	CVE-2020-10514
20	Cisco UCS Director/UCS Director Express for Big Data REST API elévation de privilèges	8.5	8.2	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.96918	0.00	CVE-2020-3250

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	adresse IP	Hostname	Acteur	Campagnes	Identified	Taper	Confiance
1	178.175.138.211	178-175-138-211.static.as43289.net	Qrypter		31/05/2021	verified	Élevé

TTP - Tactics, Techniques, Procedures (11)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Vulnérabilités	Vecteur d'accès	Taper	Confiance
1	T1006	CWE-22	Path Traversal	predictive	Élevé
2	T1055	CWE-74	Improper Neutralization of Data within XPath Expressions	predictive	Élevé
3	T1059	CWE-94	Argument Injection	predictive	Élevé
4	TXXXX.XXX	CWE-XX, CWE-XX	Xxxxx Xxxx Xxxxxxxxx	predictive	Élevé
5	TXXXX	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Élevé
6	TXXXX.XXX	CWE-XXX	Xxxx-xxxxx Xxxxxxxxxxx	predictive	Élevé
7	TXXXX	CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	Élevé
8	TXXXX	CWE-XX	Xxx Xxxxxxxxx	predictive	Élevé
9	TXXXX	CWE-XXX	Xxxxxxxxxxx Xxxxxxxxxx	predictive	Élevé
10	TXXXX	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Élevé
11	TXXXX	CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	predictive	Élevé

IOA - Indicator of Attack (40)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Classe	Indicator	Taper	Confiance
1	File	/ajax/GetInheritedProperties	predictive	Élevé
2	File	/MicroStrategyWS/happyaxis.jsp	predictive	Élevé
3	File	/web/google_analytics.php	predictive	Élevé
4	File	customize.php	predictive	Élevé
5	File	customprofile.php	predictive	Élevé
6	File	editAccount.html	predictive	Élevé
7	File	xxxxxxxxxxxxx.xxx	predictive	Élevé
8	File	xxxxxxxxxxxx.xxx	predictive	Élevé
9	File	xxx/xxxxxx.xxx	predictive	Élevé
10	File	xxxxx.xxx	predictive	Moyen
11	File	xxxxx.xxx/xxxx/xxxxx/xxxx/xxxx.xxx	predictive	Élevé
12	File	xxxx_xxxx.xxx	predictive	Élevé
13	File	xxxxxx.x	predictive	Moyen
14	File	xxxxx.xxx	predictive	Moyen
15	File	xxxxx.xxx	predictive	Moyen
16	File	xxxxxx.xxx	predictive	Moyen
17	File	xxxxxxx.xxx	predictive	Moyen
18	File	xx_xxx_xxxx.xx	predictive	Élevé
19	File	xxxx-xxxxxx-xxx.xxx	predictive	Élevé
20	File	xxxxxxxx.xxx	predictive	Moyen
21	File	xx-xxxxxxxx/xxxxx-xx-xxxxx.xxx	predictive	Élevé
22	File	xx-xxxxxxxx/xx-xxxxxxxxx.xxx	predictive	Élevé
23	Argument	xxx	predictive	Faible
24	Argument	xxxxxxxx	predictive	Moyen
25	Argument	xxxx_xx	predictive	Faible
26	Argument	xxxxxxxxxxx	predictive	Moyen
27	Argument	xxxxx	predictive	Faible
28	Argument	xx	predictive	Faible
29	Argument	xx_xxxxxxx	predictive	Moyen
30	Argument	xxxxxxxx	predictive	Moyen
31	Argument	xxxxx	predictive	Faible
32	Argument	xxxxxxxx	predictive	Moyen
33	Argument	xxxxxxxx	predictive	Moyen
34	Argument	xxxxxxxxxxx	predictive	Moyen
35	Argument	xxx	predictive	Faible
36	Argument	xxxxx	predictive	Faible
37	Argument	xxxxxxxxxx	predictive	Moyen
38	Argument	xxxxxxxx	predictive	Moyen
39	Argument	xxxx	predictive	Faible
40	Input Value	xxxx	predictive	Faible

Références (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ PrécédentAperçuSuivant ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!