Handymanny Analysis

IOB - Indicator of Behavior (86)

Language

en: 76
ru: 6
sv: 2
fr: 2

Country

us: 24
ru: 16
me: 10
pl: 4
cn: 2

Product

FFmpeg: 4
Netmaker: 2
ThinkPHP: 2
Email Subscribers: 2
Newsletters: 2

Vulnerabilities

# | Vulnerability | Base | Temp | 0day | Today | Exploit | Countermeasure | CTI | EPSS | CVE
1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.02 | 0.02016 | CVE-2007-1192
2 | Linux Kernel Netfilter nf_conntrack_irc.c nf_conntrack_irc Remote Code Execution | 6.3 | 6.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00207 | CVE-2022-2663
3 | systemd unit-name.c alloca denial of service | 6.5 | 6.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00044 | CVE-2021-33910
4 | Citrix NetScaler ADC/NetScaler Gateway privilege escalation | 9.8 | 9.6 | $25k-$100k | $5k-$25k | High | Official Fix | 0.00 | 0.91186 | CVE-2023-3519
5 | HoYoVerse Genshin Impact Anti-Cheat Driver Function Call mhyprot2.sys Privilege Escalation | 7.7 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00177 | CVE-2020-36603
6 | SourceCodester Free and Open Source Inventory Management System edit_product.php sql injection | 7.1 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00061 | CVE-2023-7155
7 | Totolink X2000R Gh formPasswordSetup buffer overflow | 7.6 | 7.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00082 | CVE-2023-51135
8 | Netmaker DNS weak encryption | 6.4 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00060 | CVE-2023-32077
9 | code-projects Water Billing System addbill.php sql injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00063 | CVE-2023-7097
10 | Gordon Böhme and Antonio Leutsch Structured Content wpsc Plugin cross site scripting | 5.1 | 5.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00045 | CVE-2023-49820
11 | Manage Notification E-mails Plugin privilege escalation | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | 0.00052 | CVE-2023-6496
12 | Unisoc S8000 Wifi Service buffer overflow | 5.4 | 5.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00042 | CVE-2022-48464
13 | Unisoc S8000 Telephony Service information disclosure | 4.4 | 4.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00042 | CVE-2023-42715
14 | Apache DolphinScheduler information disclosure | 5.9 | 5.8 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.06 | 0.00056 | CVE-2023-48796
15 | Concrete CMS File Creation Mkdir privilege escalation | 8.0 | 7.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00068 | CVE-2023-48648
16 | FFmpeg evc_ps.c ref_pic_list_struct buffer overflow | 6.0 | 5.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00140 | CVE-2023-47470
17 | mooSocial mooDating URL ajax_invite cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.00235 | CVE-2023-3845
18 | WP Discord Invite Plugin Setting cross site request forgery | 4.3 | 4.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00107 | CVE-2023-5006
19 | Samsung Exynos Auto T5123 RLC Module buffer overflow | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00046 | CVE-2023-41112
20 | Huawei EMUI QMI Service Module buffer overflow | 6.5 | 6.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00 | 0.00046 | CVE-2023-46772

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence
1 | 185.112.82.89 | server-185-112-82-89.creanova.org | Handymanny | | 11/02/2022 | verified | High

TTP - Tactics, Techniques, Procedures (12)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID | Technique | Vulnerability | Access Vector | Type | Confidence
1 | T1006 | CWE-22 | Path Traversal | predictive | High
2 | T1055 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High
3 | T1059 | CWE-94 | Argument Injection | predictive | High

IOA - Indicator of Attack (61)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID | Class | Indicator | Type | Confidence
1 | File | /addbill.php | predictive | Medium
2 | File | /ample/app/action/edit_product.php | predictive | High
3 | File | /cfg | predictive | Low
4 | File | /conf/ | predictive | Low
5 | File | /controller/AdminController.php | predictive | High
6 | File | /etc/quantum/quantum.conf | predictive | High
7 | File | /friends/ajax_invite | predictive | High
56 | Input Value | .. | predictive | Low
57 | Input Value | ../ | predictive | Low

References (2)

The following list contains external sources which discuss the actor and the associated activities:
