Pony Analys

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (514)

Lang

en	508
de	4
es	2

Land

us	18
ru	4
it	2

Skådespelare

Pony	3
Agrius	1
Kuluoz	1

Intressera

Typ

Not Defined	138
Smartphone Operating System	54
Operating System	38
Web Browser	28
Content Management System	22

Säljare

Not Defined	146
Apple	46
Microsoft	40
Google	38
IBM	26

Produkt

Google Android	34
Microsoft Windows	22
Apple iOS	20
Mozilla Firefox	12
Apple macOS	10

Sårbarheter

#	Sårbarhet	Base	Temp	0day	I dag	Utn	Rem	EPSS	CTI	CVE
1	DZCP deV!L`z Clanportal config.php privilegier eskalering	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00943	1.29	CVE-2010-0966
2	PHP Outburst Easynews admin.php minneskorruption	7.3	6.7	$0-$5k	$0-$5k	Proof-of-Concept	Unavailable	0.05921	0.02	CVE-2006-5412
3	Devilz Clanportal sql injektion	7.3	7.0	$0-$5k	$0-$5k	High	Official Fix	0.00684	0.08	CVE-2006-6339
4	Adobe Flash Player Display Object minneskorruption	8.5	8.4	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.01346	0.00	CVE-2017-3071
5	XmlMapper in the Data format Extension DTD XML External Entity	8.4	8.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00189	0.00	CVE-2016-7051
6	IBM Platform LSF Local Privilege Escalation	8.3	8.3	$5k-$25k	$0-$5k	Not Defined	Not Defined	0.00042	0.00	CVE-2017-1205
7	Faveo rolechangeadmin förfalskning på begäran över webbplatsen	6.1	5.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00401	0.00	CVE-2017-7571
8	Jasper jpc_tsfb.c jpc_tsfb_synthesize förnekande av tjänsten	6.4	5.6	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00306	0.00	CVE-2016-10248
9	Rapid7 Metasploit Framework Installer privilegier eskalering	6.5	6.3	$0-$5k	Beräknande	Not Defined	Official Fix	0.00063	0.00	CVE-2017-5235
10	Aruba AirWave XML External Entity	7.5	6.8	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00683	0.00	CVE-2016-8526
11	JustSystems Ichitaro Office Excel File minneskorruption	8.0	8.0	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00470	0.00	CVE-2017-2790
12	Facebook HHVM compact förnekande av tjänsten	7.5	7.2	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00283	0.00	CVE-2016-6873
13	HPE Smart Storage Administrator privilegier eskalering	8.8	7.9	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.17790	0.04	CVE-2016-8523
14	Intelliants Subrion CMS ia.core.users.php privilegier eskalering	8.5	8.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00314	0.02	CVE-2017-5543
15	Apple tvOS WebKit informationsgivning	6.9	6.8	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00375	0.04	CVE-2016-7598
16	Netgear R6250/R6400/R6700/R7000/R7100LG/R7300/R7900/R8000 URL förfalskning på begäran över webbplatsen	8.0	7.9	$5k-$25k	$0-$5k	High	Official Fix	0.97464	0.38	CVE-2016-6277
17	Tatsuya Kinoshita w3m minneskorruption	6.9	6.8	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00448	0.00	CVE-2016-9627
18	SPIP plonger.php cross site scripting	5.2	5.2	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00127	0.02	CVE-2016-9152
19	BlueZ Dump File packet.c l2cap_packet minneskorruption	5.3	5.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00310	0.02	CVE-2016-9802
20	dotCMS JSONTags Servlet sql injektion	8.8	8.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00446	0.02	CVE-2016-8905

IOC - Indicator of Compromise (12)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP-adress	Hostname	Skådespelare	Identified	Typ	Förtroende
1	46.161.1.172	free.gbnhost.com	Pony	05/04/2022	verified	Hög
2	66.175.212.25	66-175-212-25.ip.linodeusercontent.com	Pony	18/12/2023	verified	Hög
3	81.177.22.179	cl.hostlix.ru	Pony	05/04/2022	verified	Hög
4	XX.XX.XXX.XXX	xxxx-xx-xx-xxx-xxx.xxxxxx.xxxxxxxxxxxxx.xx	Xxxx	05/04/2022	verified	Hög
5	XX.XXX.XX.XXX	xxxx-xx-xxx.xxx.xxxxxxx.xx	Xxxx	05/04/2022	verified	Hög
6	XX.XX.XX.XX	xx.xxx-xx-xx-xx.xxxxxxxxx.xxxx-xxx.xxx	Xxxx	05/04/2022	verified	Hög
7	XX.XXX.XX.XX		Xxxx	05/04/2022	verified	Hög
8	XX.XXX.XXX.XX	xxxxxxxxx.xx	Xxxx	05/04/2022	verified	Hög
9	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxxx.xxxxxxx.xxx	Xxxx	05/04/2022	verified	Hög
10	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxxxx.xxxxxxxx.xx	Xxxx	05/04/2022	verified	Hög
11	XXX.XX.XXX.XX		Xxxx	31/05/2023	verified	Hög
12	XXX.XXX.XXX.XX	xxxx-xxx-xx.xxx.xxxxxxx.xx	Xxxx	05/04/2022	verified	Hög

TTP - Tactics, Techniques, Procedures (18)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Klass	Sårbarheter	Åtkomstvektor	Typ	Förtroende
1		CAPEC-10	CWE-19, CWE-20, CWE-99, CWE-119, CWE-125, CWE-134, CWE-189, CWE-190, CWE-287, CWE-345, CWE-346, CWE-352, CWE-361, CWE-369, CWE-384, CWE-388, CWE-399, CWE-400, CWE-404, CWE-416, CWE-417, CWE-441, CWE-476, CWE-502, CWE-610, CWE-611, CWE-674, CWE-787, CWE-843, CWE-862, CWE-863, CWE-918	Unknown Vulnerability	predictive	Hög
2	T1006	CAPEC-126	CWE-22	Path Traversal	predictive	Hög
3	T1059	CAPEC-10	CWE-74, CWE-94, CWE-707	Argument Injection	predictive	Hög
4	T1059.007	CAPEC-10	CWE-74, CWE-79, CWE-80, CWE-707	Cross Site Scripting	predictive	Hög
5	TXXXX	CAPEC-122	CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Hög
6	TXXXX.XXX	CAPEC-0	CWE-XXX, CWE-XXX	Xxx Xx Xxxx-xxxxx Xxxxxxxx	predictive	Hög
7	TXXXX.XXX	CAPEC-191	CWE-XXX, CWE-XXX, CWE-XXX	Xxxx-xxxxx Xxxxxxxxxxx	predictive	Hög
8	TXXXX	CAPEC-10	CWE-XX, CWE-XX, CWE-XX, CWE-XXX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	Hög
9	TXXXX	CAPEC-0	CWE-XXX	7xx Xxxxxxxx Xxxxxxxx	predictive	Hög
10	TXXXX	CAPEC-0	CWE-XXX, CWE-XXX	Xxxxxxxxxx Xxxxxx	predictive	Hög
11	TXXXX	CAPEC-10	CWE-XX, CWE-XX, CWE-XXX	Xxx Xxxxxxxxx	predictive	Hög
12	TXXXX	CAPEC-112	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxxxx Xxxxxxxxxx	predictive	Hög
13	TXXXX	CAPEC-37	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxx	predictive	Hög
14	TXXXX	CAPEC-38	CWE-XXX	Xxxxxxxxx Xxxxxx Xxxx	predictive	Hög
15	TXXXX.XXX	CAPEC-114	CWE-XXX, CWE-XXX	Xxxxxxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Hög
16	TXXXX	CAPEC-116	CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Hög
17	TXXXX	CAPEC-112	CWE-XXX, CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	predictive	Hög
18	TXXXX.XXX	CAPEC-0	CWE-XXX	Xxx Xxxxxxxxxx Xxxxx	predictive	Hög

IOA - Indicator of Attack (187)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Klass	Indicator	Typ	Förtroende
1	File	/admin/	predictive	Låg
2	File	/admin/featured.php	predictive	Hög
3	File	/admin/slider.php	predictive	Hög
4	File	/admin/users.php	predictive	Hög
5	File	/apiclient/ember/index.jsp	predictive	Hög
6	File	/category.php	predictive	Hög
7	File	/cgi/ansi	predictive	Medium
8	File	/dev/datum/	predictive	Medium
9	File	/getImage	predictive	Medium
10	File	/goform/	predictive	Medium
11	File	/holiday.php	predictive	Medium
12	File	/home/dna/spool/.pfile	predictive	Hög
13	File	/html/feed.php	predictive	Hög
14	File	/inc/campaign/view-campaign-list.php	predictive	Hög
15	File	/index.php	predictive	Medium
16	File	/install/index.php	predictive	Hög
17	File	/lists/index.php	predictive	Hög
18	File	/myAccount	predictive	Medium
19	File	/real-estate-script/search_property.php	predictive	Hög
20	File	/SAAS/WEB-INF	predictive	Hög
21	File	/searchpin.php	predictive	Hög
22	File	/xxxxxxx/xxxxxxxxx/%xxxxx%/xxxxx	predictive	Hög
23	File	/xxxxxxxxxxxx/xxxx_xxx_x.xxx	predictive	Hög
24	File	xxxxxxx/xxxxxx.xxx	predictive	Hög
25	File	xxxxx.xxx	predictive	Medium
26	File	xxxxx/xxxxx_xxxxxxx.xxx	predictive	Hög
27	File	xxxxx/xxxxxx.xxx	predictive	Hög
28	File	xxxxx_xxx_xxxx.xxx	predictive	Hög
29	File	xxxxxxxxxxx/xxxxxxx/xxxxxxxxxxx.xxx	predictive	Hög
30	File	xxxx\xxxxx\xxxxxxxxxx\xxxxxxx\xxxxxxxxxxxxxxxxx.xxx	predictive	Hög
31	File	xxx/xxxx/xxxx/xxxx_xxxxx_xxxx_xxxxx.x	predictive	Hög
32	File	xxxx/xxxxxx.x	predictive	Hög
33	File	xxxx/xxxxxxxxx.xxx	predictive	Hög
34	File	xxxxxx.x	predictive	Medium
35	File	xxxxxx_xx.x	predictive	Medium
36	File	xxx.xx	predictive	Låg
37	File	xxxxxxxx_xxxxxxxxx.xxx	predictive	Hög
38	File	xxxxxxxxxxxxxxxxx	predictive	Hög
39	File	xxx.xxx	predictive	Låg
40	File	xxxxxx/xxx.x	predictive	Medium
41	File	xxxxxx/xxx_xxxxxxx.x	predictive	Hög
42	File	xxxxxxxxx-xxxxxx-xxxxxx/xxx/xxxxxxxx/xxxxx/xxxxx/xxxxxxxx_xxxx.xxx	predictive	Hög
43	File	xx-xxxxxxxx.x	predictive	Hög
44	File	xxx_xx_xxx.x	predictive	Medium
45	File	xxx_xx_xxxxxx.x	predictive	Hög
46	File	xxxx/xxxxxxxxxxxxxxx.xxx	predictive	Hög
47	File	xxxxxxx/xxxx/xxxxxx_xxxxxxx.x	predictive	Hög
48	File	xxxxxxx/xxx/xxx/xxx/xxx_xxx.x	predictive	Hög
49	File	xxxxxxx/xxx/xxxxxxxxxx/xxxxx.x	predictive	Hög
50	File	xxxxx_xxxx.x	predictive	Medium
51	File	xxxxxx/xxxx/xxxxxxx.xxx	predictive	Hög
52	File	xxxxxxx.xxx	predictive	Medium
53	File	xxxxxxx.x	predictive	Medium
54	File	xxxxxxxxxxxxx.xxx	predictive	Hög
55	File	xxxxx.x	predictive	Låg
56	File	xxx/xxxx/xxxx.x	predictive	Hög
57	File	xxxxxxx.x	predictive	Medium
58	File	xxxx/xxxxxx/xxxxxxxx/xxxx_x.xxx	predictive	Hög
59	File	xxxxxxxxx/xxxx/xxxxxxxxxx/xxxxxxxxx.xxx	predictive	Hög
60	File	xxxxxxx-xxxxxx/xxxxxxxx/xxxxx/xxxxxxxx/xxxxxxxx_xxxxxxxxx.xxx	predictive	Hög
61	File	xxxxxxxxxxxxx.x	predictive	Hög
62	File	xxx-xxxxxx-xxx.x	predictive	Hög
63	File	xxx-xxxx/xxx/xxxx/xxxx-xxxxx.x	predictive	Hög
64	File	xxxxxxxxx.xxx	predictive	Hög
65	File	xx/xxxxxxx/xxxxxx_xxx.x	predictive	Hög
66	File	xxx.xxx	predictive	Låg
67	File	xxxxxx-xxx.x	predictive	Medium
68	File	xxxxxx-xxxx.x	predictive	Hög
69	File	xxx/xxxxxx.xxx	predictive	Hög
70	File	xxx/xxxxxxxxxxx/xxxxxxx.xxx	predictive	Hög
71	File	xxxxxxxx/xxxxxxx/xx.xxxx.xxxxx.xxx	predictive	Hög
72	File	xxxxx.xxx	predictive	Medium
73	File	xxxxxxx/xxxxx.xxx	predictive	Hög
74	File	xxxx/x_xxxxxxxxxxxx.x	predictive	Hög
75	File	xxxxx_xxxxxxx.x	predictive	Hög
76	File	xxx_xxxx.x	predictive	Medium
77	File	xxxxxx/xxxxxx/xxxx.x	predictive	Hög
78	File	xxxx/xxxxxx.xxx	predictive	Hög
79	File	xxxxxx/xxxxxxxx.xx	predictive	Hög
80	File	xxxxx/xxxxxxx.x	predictive	Hög
81	File	xxxxxxxxx/xxx/xxx_xxx.x	predictive	Hög
82	File	xxxxxxxx.xx	predictive	Medium
83	File	xxxx/xxx/x/xxx_xxxxxx.x	predictive	Hög
84	File	xxxx/xxx/x/xxx_xxxx.x	predictive	Hög
85	File	xxxxxxx/xxx_xxxxx.x	predictive	Hög
86	File	xxxxxxxxxxxxxxxxxx.xxx	predictive	Hög
87	File	xxx_xxxxx_xxx.xxx	predictive	Hög
88	File	xxxxxx/xxxxxx.x	predictive	Hög
89	File	xxxxxx/xxx-xxxx.x	predictive	Hög
90	File	xxxxxx.xx	predictive	Medium
91	File	xxxxxxx.x	predictive	Medium
92	File	xxxxxxx/xxxxxx.x	predictive	Hög
93	File	xxx/xxx_xxxxxx/xxx_xxxxxx_xxxxxx.x	predictive	Hög
94	File	xxx/xxxx/xxxx.x	predictive	Hög
95	File	xxx/xxxxxx/xx_xxxxxx.x	predictive	Hög
96	File	xxxxxxxxx.x	predictive	Medium
97	File	xxxxxxxx.xxx	predictive	Medium
98	File	xxxxxx.x	predictive	Medium
99	File	xxxxxxx.xxx	predictive	Medium
100	File	xxxxx-xxxxx.x	predictive	Hög
101	File	xxxxx-xxx.x	predictive	Medium
102	File	xxxxxx/xxxxxxxxxxxxxxx	predictive	Hög
103	File	xxxxxxx/xxxxxx:xx.x.x	predictive	Hög
104	File	xxxxxxxx.xxx	predictive	Medium
105	File	xxxxxxxx_xxxx.xxx	predictive	Hög
106	File	xxxx-xxx/xxxxxxxx.xxx	predictive	Hög
107	File	xxxxx/xxxxxxxxxxx/xxxxxxx.xxx	predictive	Hög
108	File	xxxxx/xxxxxxx/xxxxx/xxxxxx.xxx	predictive	Hög
109	File	xxxxxx_xxxxxxx-xxxxxx/xxxxxxxx/xxxxxxx/xxxxxx_xxxxxxxx.xxx	predictive	Hög
110	File	xxx_xxx.x	predictive	Medium
111	File	xxx_xxxxxxxx.x	predictive	Hög
112	File	xxxx-xxxxxxxx.xxx	predictive	Hög
113	File	xxxxx/xxxxxx/xxx.x	predictive	Hög
114	File	xxxxx/xxxxxx/xxxxx.x	predictive	Hög
115	File	xxxxx/xxxxxxxx.x	predictive	Hög
116	File	xxxxxx.xxx	predictive	Medium
117	File	xxxxxxxxxxx-xxxxxx/xxx/xxxxx/xxxx.xxx	predictive	Hög
118	File	xx-xxxxx.xxx	predictive	Medium
119	File	xxxx/xxxxx	predictive	Medium
120	File	xxxx.xx	predictive	Låg
121	File	xxxxxxxxxx-xxxxxx/xxx/xxxxx/xxxxxxx/xxxxx/xx/xxxxxxxxx.xx.xxx	predictive	Hög
122	Library	/xxx/xxx/xxxx/	predictive	Hög
123	Library	xxxxx.xxx	predictive	Medium
124	Library	xxx/xxx/xxxxxxx/xxxxxxx/xxxxx.xxxxxxx.xxx	predictive	Hög
125	Library	xxxxxxxx.xxx	predictive	Medium
126	Library	xxxxxx.xxx	predictive	Medium
127	Argument	$xxxx['xxx']	predictive	Medium
128	Argument	--xx xxx	predictive	Medium
129	Argument	xxxxxx	predictive	Låg
130	Argument	xxxxxxxxx	predictive	Medium
131	Argument	xxxxxxxxxxxx	predictive	Medium
132	Argument	xxxxxxxx	predictive	Medium
133	Argument	xxxxxxx	predictive	Låg
134	Argument	xxxxx	predictive	Låg
135	Argument	xxxxx_xx	predictive	Medium
136	Argument	xxxx	predictive	Låg
137	Argument	xxxxxxxx/xxxx/xxx/xxxxxxxxxxx/xxxxx	predictive	Hög
138	Argument	xxxxxx_xxx	predictive	Medium
139	Argument	xxxxxx.xxxx[]/xxxxxx.xxxxx[]	predictive	Hög
140	Argument	xxxxxxxxxxx	predictive	Medium
141	Argument	xx_xxxxx_xx	predictive	Medium
142	Argument	xxxx	predictive	Låg
143	Argument	xxxxxxxx	predictive	Medium
144	Argument	xxxxxxxx	predictive	Medium
145	Argument	xxxxxx[xxxxx][xxxxx][x][xxx]	predictive	Hög
146	Argument	xxx->xxx	predictive	Medium
147	Argument	xxx	predictive	Låg
148	Argument	xxxx	predictive	Låg
149	Argument	xx	predictive	Låg
150	Argument	xxxxxxxxxx	predictive	Medium
151	Argument	xxxxx_xxx	predictive	Medium
152	Argument	xxxx	predictive	Låg
153	Argument	xxx_xxx:xxxxxx	predictive	Hög
154	Argument	xxxxx_xx	predictive	Medium
155	Argument	xxxxx	predictive	Låg
156	Argument	xxxxxxxx	predictive	Medium
157	Argument	xxxxxxxxxxxxxx	predictive	Hög
158	Argument	xxxxxxxx_xxx	predictive	Medium
159	Argument	xxx	predictive	Låg
160	Argument	xxxxxxx	predictive	Låg
161	Argument	xxxxxxx	predictive	Låg
162	Argument	xxxxxxxxxxx	predictive	Medium
163	Argument	xx	predictive	Låg
164	Argument	xxxxxxx	predictive	Låg
165	Argument	xxxx	predictive	Låg
166	Argument	xxxxx_xxxx/xxxxx_xxxxxx/xxx_xxxx/xxx_xxxxxx/xxxxxxxx	predictive	Hög
167	Argument	xxxxxxxxxxxx	predictive	Medium
168	Argument	xxxxxxxx	predictive	Medium
169	Argument	xxxxxxxx	predictive	Medium
170	Argument	xxxxxxxx/xxxx	predictive	Hög
171	Argument	xxxxxxxx	predictive	Medium
172	Argument	xxxxxxxx/xxxxxxx_xxxx	predictive	Hög
173	Argument	xxxxxxxx/xxxxxxxx	predictive	Hög
174	Input Value	"><xxx xxx=x xxxxxxx=xxxxxx(x)>	predictive	Hög
175	Input Value	'xx''='	predictive	Låg
176	Input Value	-x+xxxxx+xxxxxx+x,x,xxxxxxx()	predictive	Hög
177	Input Value	..\/	predictive	Låg
178	Input Value	/xxxxxxxxx/xxxxxxxx/xxxxxxxxxxxxxxxx/x&xxxx;)"%xxxxxxxxx=xxxxx('xxx');%xxxxxxxxxxx%xxx='/xxxxxxxxx/xxxxxxxxxx/xxxxxxxxxx	predictive	Hög
179	Input Value	xxxx	predictive	Låg
180	Input Value	;[xxxxxxx]	predictive	Medium
181	Input Value	xxxx	predictive	Låg
182	Input Value	xxxxx!	predictive	Låg
183	Input Value	[\x]*	predictive	Låg
184	Network Port	xx	predictive	Låg
185	Network Port	xxxx	predictive	Låg
186	Network Port	xxx/xxxx	predictive	Medium
187	Network Port	xxx/xxxxx	predictive	Medium

Referenser (3)

The following list contains external sources which discuss the actor and the associated activities:

◂ TidigareÖversiktNästa ▸

Interested in the pricing of exploits?

See the underground prices here!