PakistanChatMessenger Анализ

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (322)

Язык

en	280
es	16
ja	12
ru	8
de	4

Страна

us	220
gb	6
nl	6
de	4
ru	2

Акторы

PakistanChatMessenger	3
Conti	2
Cobalt Strike	2
Lazarus	2
Ryuk	1

Интерес

Тип

Not Defined	116
Content Management System	34
Operating System	26
Smartphone Operating System	18
Multimedia Player Software	16

Поставщик

Not Defined	82
Apple	34
Adobe	22
SourceCodester	14
IBM	12

Продукт

Apple iOS	18
Adobe Flash Player	16
Apple Mac OS X	14
WordPress	8
Mahara	8

Уязвимости

#	Уязвимости	Base	Temp	0day	Сегодня	Э�	Rem	CTI	EPSS	CVE
1	Foxit PDF Reader exportXFAData Local Privilege Escalation	5.3	5.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	0.00000	CVE-2023-27363
2	php-revista articulo.php sql-инъекция	6.3	6.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.02	0.01900	CVE-2006-4608
3	SourceCodester Facebook News Feed Like Post эскалация привилегий	7.5	7.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.06	0.00091	CVE-2024-1027
4	Tongda OA 2017 delete.php sql-инъекция	6.9	6.8	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.18	0.00063	CVE-2023-6885
5	D-Link DAR-7000 workidajax.php sql-инъекция	6.9	6.8	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.09	0.00063	CVE-2023-6581
6	Totolink X5000R cstecgi.cgi setWizardCfg эскалация привилегий	6.9	6.8	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.12	0.00138	CVE-2023-6612
7	SourceCodester Online Exam System GET Parameter updateCourse.php sql-инъекция	7.5	7.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.09	0.00063	CVE-2023-2642
8	Simple File List Plugin ee-downloader.php обход каталога	6.4	6.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.02	0.42222	CVE-2022-1119
9	Quirm SAXON Error Message news.php раскрытие информации	5.3	4.6	$0-$5k	Расчет	Unproven	Official Fix	0.00	0.00796	CVE-2007-4861
10	DouPHP article.php межсайтовый скриптинг	4.1	4.1	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	0.00046	CVE-2023-30205
11	Solidweb Novus notas.asp sql-инъекция	7.3	7.1	$0-$5k	Расчет	High	Unavailable	0.03	0.00079	CVE-2007-5123
12	Synacor Zimbra Webmail Subsystem upload эскалация привилегий	6.7	6.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	0.00466	CVE-2020-12846
13	IBM HTTP Server повреждение памяти	6.3	6.0	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.03	0.00359	CVE-2015-4947
14	WordPress WP_Query class-wp-query.php sql-инъекция	8.5	8.4	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.02	0.00318	CVE-2017-5611
15	Totolink LR1200GB Web Interface cstecgi.cgi loginAuth повреждение памяти	9.8	9.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.03	0.00045	CVE-2024-1783
16	Tongda OA 2017 delete.php sql-инъекция	5.5	5.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.09	0.00063	CVE-2024-1251
17	openBI Icon Screen.php uploadIcon эскалация привилегий	8.1	7.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.03	0.00253	CVE-2024-1036
18	openBI File.php uploadFile эскалация привилегий	8.1	7.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.09	0.00063	CVE-2024-1034
19	openBI Setting.php dlfile эскалация привилегий	8.1	7.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.03	0.00055	CVE-2024-1115
20	Totolink LR1200GB cstecgi.cgi setParentalRules повреждение памяти	9.1	8.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.03	0.00084	CVE-2024-0574

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP-адрес	Hostname	Актор	Identified	Тип	Уверенность
1	5.2.78.240		PakistanChatMessenger	31.05.2021	verified	Высокий
2	XX.XXX.XXX.XXX	xx-xxx-xxx.xxxxxxxx.xxxx	Xxxxxxxxxxxxxxxxxxxxx	31.05.2021	verified	Высокий
3	XXX.XXX.XX.XX		Xxxxxxxxxxxxxxxxxxxxx	31.05.2021	verified	Высокий
4	XXX.XX.XXX.XXX		Xxxxxxxxxxxxxxxxxxxxx	31.05.2021	verified	Высокий

TTP - Tactics, Techniques, Procedures (21)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Уязвимости	Вектор доступа	Тип	Уверенность
1	T1006	CWE-22, CWE-24	Path Traversal	predictive	Высокий
2	T1055	CWE-74	Improper Neutralization of Data within XPath Expressions	predictive	Высокий
3	T1059	CWE-94	Argument Injection	predictive	Высокий
4	T1059.007	CWE-79, CWE-80	Cross Site Scripting	predictive	Высокий
5	T1068	CWE-264, CWE-269, CWE-284	Execution with Unnecessary Privileges	predictive	Высокий
6	TXXXX.XXX	CWE-XXX, CWE-XXX	Xxxx-xxxxx Xxxxxxxxxxx	predictive	Высокий
7	TXXXX	CWE-XX, CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	Высокий
8	TXXXX.XXX	CWE-XXX	Xxxx Xxxxxxxx	predictive	Высокий
9	TXXXX	CWE-XXX	7xx Xxxxxxxx Xxxxxxxx	predictive	Высокий
10	TXXXX	CWE-XXX	Xxxxxxxxxx Xxxxxx	predictive	Высокий
11	TXXXX.XXX	CWE-XXXX	Xxxxxxxxxxx Xxxxxxx Xxxxxxxxxx Xxxxxxxxxx	predictive	Высокий
12	TXXXX	CWE-XX	Xxx Xxxxxxxxx	predictive	Высокий
13	TXXXX	CWE-XXX	Xxxxxxxxxxx Xxxxxxxxxx	predictive	Высокий
14	TXXXX	CWE-XXX	Xxxxxxxxx Xxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxx	predictive	Высокий
15	TXXXX	CWE-XXX	Xxxxxxxxx Xxxxxx Xxxx	predictive	Высокий
16	TXXXX.XXX	CWE-XXX	Xxxxxxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Высокий
17	TXXXX.XXX	CWE-XXX	Xxxxxxxx	predictive	Высокий
18	TXXXX	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Высокий
19	TXXXX.XXX	CWE-XX	Xxxxxxxxxxxxx	predictive	Высокий
20	TXXXX	CWE-XXX, CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	predictive	Высокий
21	TXXXX.XXX	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	Высокий

IOA - Indicator of Attack (182)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Класс	Indicator	Тип	Уверенность
1	File	/admin/about-us.php	predictive	Высокий
2	File	/admin/article.php	predictive	Высокий
3	File	/admin/countrymanagement.php	predictive	Высокий
4	File	/admin/transactions/track_shipment.php	predictive	Высокий
5	File	/admin/user/manage_user.php	predictive	Высокий
6	File	/administration/settings_registration.php	predictive	Высокий
7	File	/ajax-files/postComment.php	predictive	Высокий
8	File	/application/index/controller/File.php	predictive	Высокий
9	File	/application/index/controller/Screen.php	predictive	Высокий
10	File	/application/websocket/controller/Setting.php	predictive	Высокий
11	File	/auth/auth.php?user=1	predictive	Высокий
12	File	/blog	predictive	Низкий
13	File	/categorypage.php	predictive	Высокий
14	File	/cgi-bin/cstecgi.cgi	predictive	Высокий
15	File	/cgi-bin/cstecgi.cgi?action=login	predictive	Высокий
16	File	/classes/Master.php	predictive	Высокий
17	File	/collection/all	predictive	Высокий
18	File	/general/email/outbox/delete.php	predictive	Высокий
19	File	/home.php	predictive	Средний
20	File	/list_temp_photo_pin_upload.php	predictive	Высокий
21	File	/login	predictive	Низкий
22	File	/nova/bin/detnet	predictive	Высокий
23	File	/print.php	predictive	Средний
24	File	/searchpin.php	predictive	Высокий
25	File	/xxxxxxx/xxxxxx	predictive	Высокий
26	File	/xxxxxxxx/xxxx/xxxxxxxx	predictive	Высокий
27	File	/xxxx_xxxxx_xxxxxxx.xxx	predictive	Высокий
28	File	/xxxx/xxx/xxxx	predictive	Высокий
29	File	/xxxx/xxx/xxxxxxxxxx.xxx	predictive	Высокий
30	File	/xxxx/xxxxxxx	predictive	Высокий
31	File	/xxxx/xxxxxx/xxxxxx	predictive	Высокий
32	File	/xxxx/?xxxx=xxxxxx_xxxxxxx	predictive	Высокий
33	File	xxxxx/xxxxxxx.xxx	predictive	Высокий
34	File	xxxxxxxxxx/xxxxx/xxxxxxx_xxxxx/xxxxxxxxxxxx.xxx	predictive	Высокий
35	File	xxxxx\xxxxx\xxxxxxx\xxxxxxxx.xxx	predictive	Высокий
36	File	xxxxxxxxxxx/xxxxxxxxxxx/xxxxxxxx.xxx	predictive	Высокий
37	File	xxxxxxxx.xxx	predictive	Средний
38	File	xxx_xxxxxxx.xxx	predictive	Высокий
39	File	xxxxxxx.xxx	predictive	Средний
40	File	xxxxx.xxx	predictive	Средний
41	File	xxxx/xxx_xxxxxx.x	predictive	Высокий
42	File	xxxx-xxx.xxx	predictive	Средний
43	File	xxxxxxxx.xxx	predictive	Средний
44	File	xxxxxxxxxx.xxx	predictive	Высокий
45	File	xxxxxxxxxx/xxxxxxx.xxxx	predictive	Высокий
46	File	xxxxxx/xxxx.x	predictive	Высокий
47	File	xxxxxx/xxx.x	predictive	Средний
48	File	xxx.xxx.xxxx	predictive	Средний
49	File	xxxxxxx.xxx	predictive	Средний
50	File	xxxxxx/xxxxx/xxxxxxx.x	predictive	Высокий
51	File	xxxxxxx.xxx	predictive	Средний
52	File	xxxxxx.xxx	predictive	Средний
53	File	xxxx_xxx.xxx	predictive	Средний
54	File	xxxxxxxxxx_xxxxxx.xxx	predictive	Высокий
55	File	xxxx.xxx	predictive	Средний
56	File	xxxxx_xxxxx.xxx	predictive	Высокий
57	File	xxxx_xxxxxxxx_xxxxxxxxx.x	predictive	Высокий
58	File	xxxxxxxxx.xxx	predictive	Высокий
59	File	xxxxxxx.xxx	predictive	Средний
60	File	xxxxxxx/xxxx/xxxxxx/xxxxxx.xxx	predictive	Высокий
61	File	xxx_xxxx.xxx	predictive	Средний
62	File	xxxxxx/xxxxx_xxxx_xxxxxxx	predictive	Высокий
63	File	xxxxx_xxxxxxxxx.xxx	predictive	Высокий
64	File	xxxx.xxxx.xxx	predictive	Высокий
65	File	xxxxxxxxxxx.x	predictive	Высокий
66	File	xxxxxx_xxxxxxx.xxxx	predictive	Высокий
67	File	xxxxxxxxxxxx.xxx	predictive	Высокий
68	File	xxx/xxxxx/xxxxx.xxxx.xxx	predictive	Высокий
69	File	xxxxxxxx/xxxxx-xxxxxxxxxx-xxxx.xxx	predictive	Высокий
70	File	xxxxx.xxx	predictive	Средний
71	File	xxxxx.xxx?xxxxxx=xxx&xxxxxx=xxxx&x=xxxxxx	predictive	Высокий
72	File	xxxxx/xxxxx.xxx	predictive	Высокий
73	File	x_xxxxxxxx_xxxxx	predictive	Высокий
74	File	xxxxxxxxxx/xxxx.x	predictive	Высокий
75	File	xxxxxxx/xxxxxxx.x	predictive	Высокий
76	File	xxxxx.xxx	predictive	Средний
77	File	xxxxxxxxxx.xxx	predictive	Высокий
78	File	xxxxxxxxxxxxxx.xxx	predictive	Высокий
79	File	xxxx/xxx_xxxxxxxxx.x	predictive	Высокий
80	File	xxxxxx_xxxxxx.xxx	predictive	Высокий
81	File	xxxxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxx/xxxxxx.xxx	predictive	Высокий
82	File	xx.xxxxxxxxxx.xxxx	predictive	Высокий
83	File	xxx/xxxx/xxx_xxxxxxxxx.x	predictive	Высокий
84	File	xxxx.xxx	predictive	Средний
85	File	xxxxx.xxx	predictive	Средний
86	File	xxxxxxxx-xxxxxxxx.xxx	predictive	Высокий
87	File	xxxxxx_xxxxxxxxxx_xxxxx.xxx	predictive	Высокий
88	File	xxxxx.xxx	predictive	Средний
89	File	xxxx.xxx	predictive	Средний
90	File	xxxxxx.xxx	predictive	Средний
91	File	xxxxxxxx/xxxxxx_xxxxxxxx.xxx	predictive	Высокий
92	File	xxxxxxxx.x	predictive	Средний
93	File	xxxx_xxxxxxx_xxxxxxx.xxx	predictive	Высокий
94	File	xxx/xxx.xxxxxxx/xxxxxxxx.xxx	predictive	Высокий
95	File	xxx/xxxx/xxxx/xxx/xxx/xxx/xxxxxxxxxx/xxxxxxxxxxxxxx.xxxx	predictive	Высокий
96	File	xxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxx_xxx.xxxx	predictive	Высокий
97	File	xxxxx.x	predictive	Низкий
98	File	xx_xxxxxx.xxx	predictive	Высокий
99	File	xxxx.xxx	predictive	Средний
100	File	xx-xxxxx/xxxxxxxx/xxxxx-xx-xxxxxx.xxx	predictive	Высокий
101	File	xx-xxxxx/xxxxxx-xxxx.xxx	predictive	Высокий
102	File	xx-xxxxxxxx/xxxxx-xx-xxxxx.xxx	predictive	Высокий
103	File	xx-xxxxxxxx/xxxxx-xx-xxxxx.xxx	predictive	Высокий
104	File	xx-xxxxxxxx/xx-xxxxxxxxx.xxx	predictive	Высокий
105	File	xx-xxxxxxxx/xxxx-xxx/xxxxxxxxx/xxxxx-xx-xxxx-xxxxx-xxxxxxxxxx.xxx	predictive	Высокий
106	File	xx-xxxx.xxx	predictive	Средний
107	File	xxxx/xxxxxxx/xxxxxxxxxxxxxx	predictive	Высокий
108	File	~/xxxxxxxx/xx-xxxxxxxxxx.xxx	predictive	Высокий
109	Library	xxxxxxxx/xxxxxxx/xxx.xxx	predictive	Высокий
110	Library	xxxxxxxxxx.xxx	predictive	Высокий
111	Library	xxx/xxxxx.xxx	predictive	Высокий
112	Library	xxx/xxxxxx.xxx	predictive	Высокий
113	Library	xxx/xxxxxxxx.xx	predictive	Высокий
114	Library	xxx/xxxxxxxxxxxxxxxx.xxx	predictive	Высокий
115	Library	xxxx/xxxxxxxxxxxx/xxxxx/xxxxx.xx	predictive	Высокий
116	Argument	xxxxxxx	predictive	Низкий
117	Argument	xxxxxxxx	predictive	Средний
118	Argument	xxxxx	predictive	Низкий
119	Argument	xxx	predictive	Низкий
120	Argument	xxxxxxxx	predictive	Средний
121	Argument	xxx	predictive	Низкий
122	Argument	xxxxx	predictive	Низкий
123	Argument	xxxx_xx	predictive	Низкий
124	Argument	xxxxxxx	predictive	Низкий
125	Argument	xxxxxxx/xxxxxx	predictive	Высокий
126	Argument	xxxxxxx/xxxxxxxxxxx	predictive	Высокий
127	Argument	xxxxxxxxx=xxxx	predictive	Высокий
128	Argument	xxxxxx_xxx	predictive	Средний
129	Argument	xxx	predictive	Низкий
130	Argument	x_xxx	predictive	Низкий
131	Argument	xxxxxx	predictive	Низкий
132	Argument	xxxxxx	predictive	Низкий
133	Argument	xxxxx	predictive	Низкий
134	Argument	xxxx	predictive	Низкий
135	Argument	xxxxxxxx	predictive	Средний
136	Argument	xxxxx_xxxx	predictive	Средний
137	Argument	xxxx	predictive	Низкий
138	Argument	xx_xxxxxxxx	predictive	Средний
139	Argument	xxx	predictive	Низкий
140	Argument	xxxx_xxxx	predictive	Средний
141	Argument	xx	predictive	Низкий
142	Argument	xxxxx	predictive	Низкий
143	Argument	xx_xxxxxxxx	predictive	Средний
144	Argument	xx_xxxxx	predictive	Средний
145	Argument	x_xxxxxxxx	predictive	Средний
146	Argument	xxxxxxxx	predictive	Средний
147	Argument	xxxx x xxxx	predictive	Средний
148	Argument	xxxxxxx	predictive	Низкий
149	Argument	xxxx	predictive	Низкий
150	Argument	xxxx/xxxxxxx	predictive	Средний
151	Argument	xxx_xxxxxxxx	predictive	Средний
152	Argument	xxxxxx	predictive	Низкий
153	Argument	xxxx_xx	predictive	Низкий
154	Argument	xxxx	predictive	Низкий
155	Argument	xxxxxxx	predictive	Низкий
156	Argument	xxxxxxxx/xxxx/xxxxx/xxxx/xxxxxxxxx/xxxxxxxxxxxx/xx	predictive	Высокий
157	Argument	xxxxxxx	predictive	Низкий
158	Argument	xxx	predictive	Низкий
159	Argument	xxxxxxx_xxxxxxx	predictive	Высокий
160	Argument	xxxxxxxxxxxx	predictive	Средний
161	Argument	xxxxxxx_xxx	predictive	Средний
162	Argument	xxx	predictive	Низкий
163	Argument	xxx_xxxx	predictive	Средний
164	Argument	xxxxx	predictive	Низкий
165	Argument	xxxxx	predictive	Низкий
166	Argument	xxx	predictive	Низкий
167	Argument	xxxxxxx_xx	predictive	Средний
168	Argument	xxxx	predictive	Низкий
169	Argument	xxxxx	predictive	Низкий
170	Argument	xxxxx	predictive	Низкий
171	Argument	xxxxxx_xx	predictive	Средний
172	Argument	xxx	predictive	Низкий
173	Argument	xxxxxxxx	predictive	Средний
174	Input Value	"><xxx xxx=x xxxxxxx=xxxxxx(x)>	predictive	Высокий
175	Input Value	'"--></xxxxx></xxxxxx><xxxxxx>xxxxx(x)</xxxxxx>	predictive	Высокий
176	Input Value	' xxx (xxxxxx xxxx xxxx(xxxxxx xxxxx(),xxxxxx(xxxxxxxxxxxx,(xxxxxx (xxx(xxxx=xxxx,x))),xxxxxxxxxxxx,xxxxx(xxxx(x)x))x xxxx xxxxxxxxxxx_xxxxxx.xxxxxxxxx_xxxx xxxxx xx x)x) xxx 'xxxx'='xxxx	predictive	Высокий
177	Input Value	' xx 'x'='x	predictive	Средний
178	Input Value	../	predictive	Низкий
179	Input Value	<xxx xxx=x xxxxxxx=xxxxxx(x)>	predictive	Высокий
180	Input Value	xxx	predictive	Низкий
181	Network Port	xxx/xxxxx	predictive	Средний
182	Network Port	xxx xxxxxx xxxx	predictive	Высокий

Ссылки (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ ПредыдущийОбзорДалее ▸

Interested in the pricing of exploits?

See the underground prices here!