KingMiner Analys

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (320)

Lang

en	222
de	90
es	4
pl	4

Land

us	288
es	4

Skådespelare

KingMiner	2
PLEASE_READ_ME_VVV	1
IRCflu and Interplanetary Storm	1
BianLian	1
Nanocore RAT	1

Intressera

Typ

Not Defined	36
Forum Software	14
Content Management System	6
Web Server	4
Router Operating System	2

Säljare

Not Defined	12
Microsoft	8
Zoho ManageEngine	4
MediaTek	2
Igniterealtime	2

Produkt

Microsoft IIS	4
MediaTek AWUS036NH	2
Igniterealtime Openfire	2
MGB OpenSource Guestbook	2
Jelsoft vBulletin	2

Sårbarheter

#	Sårbarhet	Base	Temp	0day	I dag	Utn	Rem	EPSS	CTI	CVE
1	Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash informationsgivning	5.3	5.2	$5k-$25k	$0-$5k	High	Workaround	0.02016	0.02	CVE-2007-1192
2	DZCP deV!L`z Clanportal config.php privilegier eskalering	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00943	0.55	CVE-2010-0966
3	TikiWiki tiki-register.php privilegier eskalering	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.01009	0.80	CVE-2006-6168
4	FreeBSD FPU x87 Register informationsgivning	4.0	3.8	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00000	0.00
5	Russcom Network Loginphp register.php cross site scripting	4.3	4.1	$0-$5k	$0-$5k	Proof-of-Concept	Unavailable	0.00677	0.02	CVE-2006-2160
6	Jelsoft vBulletin register.php förnekande av tjänsten	7.3	7.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.01562	0.00	CVE-2006-4272
7	CONTROLzx HMS register_domain.php cross site scripting	3.5	3.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00000	0.00
8	Ultimate PHP Board register.php okänd sårbarhet	5.3	5.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00317	0.00	CVE-2006-3206
9	SloughFlash SF-Users register.php cross site scripting	4.3	4.1	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00587	0.00	CVE-2006-2167
10	Linux Kernel FXSAVE x87 Register svag kryptering	4.3	3.9	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.00101	0.05	CVE-2006-1056
11	X7 Group X7 Chat register.php cross site scripting	4.3	3.9	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00615	0.02	CVE-2006-2282
12	Kailash Nadh boastMachine Admin Interface register.php cross site scripting	4.3	3.8	$0-$5k	$0-$5k	Proof-of-Concept	Unavailable	0.00807	0.02	CVE-2006-3826
13	GeoClassifieds Enterprise register.php cross site scripting	3.5	3.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00000	0.02
14	PhotoPost PHP register.php privilegier eskalering	5.3	5.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00000	0.02
15	Tritanium Bulletin Board register.php cross site scripting	4.3	4.1	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00677	0.03	CVE-2006-1815
16	Free File Hosting register.php privilegier eskalering	5.3	5.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00000	0.04
17	Wired Community Software WWWThreads register.php sql injektion	6.5	6.2	$0-$5k	$0-$5k	Proof-of-Concept	Unavailable	0.00471	0.02	CVE-2006-1958
18	aWebBB register.php cross site scripting	3.5	3.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.02676	0.00	CVE-2006-1612
19	TheWebForum register.php cross site scripting	4.3	4.2	$0-$5k	$0-$5k	High	Unavailable	0.58849	0.00	CVE-2006-0134
20	Jadu Limited Jadu CMS register.php cross site scripting	5.4	5.1	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00677	0.02	CVE-2006-2305

IOC - Indicator of Compromise (7)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP-adress	Hostname	Skådespelare	Identified	Typ	Förtroende
1	95.179.131.54	95.179.131.54.vultr.com	KingMiner	31/05/2021	verified	Medium
2	107.154.161.209	107.154.161.209.ip.incapdns.net	KingMiner	31/05/2021	verified	Hög
3	XXX.XXX.XX.XXX		Xxxxxxxxx	31/05/2021	verified	Hög
4	XXX.XX.XX.XXX		Xxxxxxxxx	31/05/2021	verified	Hög
5	XXX.XXX.XXX.XXX		Xxxxxxxxx	31/05/2021	verified	Hög
6	XXX.XXX.XXX.XXX		Xxxxxxxxx	31/05/2021	verified	Hög
7	XXX.XXX.XXX.XXX	xxx.xxx.xxx.xxx.xxxxx.xxx	Xxxxxxxxx	31/05/2021	verified	Medium

TTP - Tactics, Techniques, Procedures (10)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Sårbarheter	Åtkomstvektor	Typ	Förtroende
1	T1006	CWE-22, CWE-23	Path Traversal	predictive	Hög
2	T1059	CWE-94	Argument Injection	predictive	Hög
3	TXXXX.XXX	CWE-XX, CWE-XX	Xxxxx Xxxx Xxxxxxxxx	predictive	Hög
4	TXXXX	CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Hög
5	TXXXX	CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	Hög
6	TXXXX	CWE-XX	Xxx Xxxxxxxxx	predictive	Hög
7	TXXXX	CWE-XXX	Xxxxxxxxxxx Xxxxxxxxxx	predictive	Hög
8	TXXXX	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Hög
9	TXXXX	CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	predictive	Hög
10	TXXXX.XXX	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	Hög

IOA - Indicator of Attack (57)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Klass	Indicator	Typ	Förtroende
1	File	/admin/config/uploadicon.php	predictive	Hög
2	File	/api/addusers	predictive	Hög
3	File	/inquiries/view_inquiry.php	predictive	Hög
4	File	/uncpath/	predictive	Medium
5	File	apply.cgi	predictive	Medium
6	File	booking.php	predictive	Medium
7	File	browse-category.php	predictive	Hög
8	File	data/gbconfiguration.dat	predictive	Hög
9	File	editprofile.php	predictive	Hög
10	File	xxxxx.xxx	predictive	Medium
11	File	xxxxxxxxxxxx.xxx	predictive	Hög
12	File	xxxx.xxx	predictive	Medium
13	File	xxx/xxxxxx.xxx	predictive	Hög
14	File	xxx/xxxxxxxxxxx/xxxxxxx.xxx	predictive	Hög
15	File	xxxxx.xxx	predictive	Medium
16	File	xxxxx.xxx	predictive	Medium
17	File	xxxxx.xxx	predictive	Medium
18	File	xxxxxxx.xxx	predictive	Medium
19	File	xxxx_xxxxxxx.xxx	predictive	Hög
20	File	xxxxx_xxx.xxx	predictive	Hög
21	File	xxxxxxxx.xxxx	predictive	Hög
22	File	xxxxxxxx.xxx	predictive	Medium
23	File	xxxxxxxx/xxxxx/xxxxxxxx?xxxxxxxx	predictive	Hög
24	File	xxxxxxxx_xxxxxx.xxx	predictive	Hög
25	File	xxxxxxx/xxxxxxxx.xxx	predictive	Hög
26	File	xxxxx.xxx	predictive	Medium
27	File	xxxx-xxxxxxxx.xxx	predictive	Hög
28	File	xxxxx_xxxxxx.xxx	predictive	Hög
29	File	xxxx.xx	predictive	Låg
30	Argument	xx_xxxx_xxxx	predictive	Medium
31	Argument	xxxxxxxxx	predictive	Medium
32	Argument	xxxxxx	predictive	Låg
33	Argument	xxxxxxxx	predictive	Medium
34	Argument	xxx	predictive	Låg
35	Argument	x[xxxxx]	predictive	Medium
36	Argument	xxxxxxxx	predictive	Medium
37	Argument	xxxxxxx=xxxxxxxx	predictive	Hög
38	Argument	xxxx	predictive	Låg
39	Argument	xxxxxxxx	predictive	Medium
40	Argument	xxxxxxxxxx	predictive	Medium
41	Argument	xx	predictive	Låg
42	Argument	xxxxxxx_xxxx	predictive	Medium
43	Argument	xxxxxxxx	predictive	Medium
44	Argument	xxxxx	predictive	Låg
45	Argument	xxxx_xxxxx	predictive	Medium
46	Argument	xxxxxxx_xxx	predictive	Medium
47	Argument	xx_xxxx	predictive	Låg
48	Argument	xxxxxx	predictive	Låg
49	Argument	xxx	predictive	Låg
50	Argument	xxx	predictive	Låg
51	Argument	xxxxxx	predictive	Låg
52	Argument	xxxxxxx	predictive	Låg
53	Argument	xxxxx	predictive	Låg
54	Argument	xxxxx	predictive	Låg
55	Argument	xxxxxxxx	predictive	Medium
56	Argument	xxx	predictive	Låg
57	Pattern	\|xx\|	predictive	Låg

Referenser (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ TidigareÖversiktNästa ▸

Interested in the pricing of exploits?

See the underground prices here!