Qrypter Analys

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (123)

Tidslinje

Lang

en124

Land

us82
cn2

Skådespelare

Adwind1
Qrypter1
Remcos1

Aktiviteter

Intressera

Tidslinje

Typ

Not Defined48
Firewall Software16
Document Reader Software8
Content Management System6
Web Browser6

Säljare

Not Defined36
Cisco16
2daybiz8
Adobe8
Google6

Produkt

Cisco ASA 558016
Adobe Acrobat Reader8
Google Chrome6
Trevor Mckay Cumin6
2daybiz Multi Level Marketing Software4

Sårbarheter

#SårbarhetBaseTemp0dayI dagUtnRemEPSSCTICVE
1auth0.js Password informationsgivning3.83.3$0-$5k$0-$5kNot DefinedOfficial Fix0.000630.00CVE-2020-5263
2LearnDash Plugin sql injektion8.58.5$0-$5k$0-$5kNot DefinedNot Defined0.001380.02CVE-2020-6009
3cPanel Script privilegier eskalering5.34.8$0-$5k$0-$5kProof-of-ConceptUnavailable0.000000.03
4WordPress Multisite API ms-functions.php svag kryptering7.47.2$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.006570.00CVE-2017-5493
5D-Link DWR-932B Telnet/SSH Service svag autentisering9.89.6$5k-$25k$0-$5kNot DefinedWorkaround0.510040.01CVE-2016-10177
6JetBrains Space Password Authentication svag autentisering8.58.5$0-$5k$0-$5kNot DefinedNot Defined0.003090.00CVE-2020-11796
7PrestaShop AdminFeatures Page Reflected cross site scripting4.13.6$0-$5k$0-$5kNot DefinedOfficial Fix0.000660.00CVE-2020-5269
8PrestaShop Product Attributes Page privilegier eskalering4.13.6$0-$5k$0-$5kNot DefinedOfficial Fix0.000710.00CVE-2020-5288
9IBM Maximo Asset Management Web UI cross site scripting4.74.7$5k-$25k$0-$5kNot DefinedNot Defined0.000500.00CVE-2019-4749
10OpenMRS login.htm privilegier eskalering5.25.2$0-$5k$0-$5kNot DefinedNot Defined0.001050.00CVE-2020-5728
11IBM MQ informationsgivning3.83.8$0-$5k$0-$5kNot DefinedNot Defined0.000420.03CVE-2020-4338
12Schneider Electric TriStation 1131 informationsgivning6.46.4$0-$5k$0-$5kNot DefinedNot Defined0.001710.00CVE-2020-7483
13Google Android rw_t2t_ndef.cc rw_t2t_extract_default_locks_info minneskorruption8.58.2$25k-$100k$5k-$25kNot DefinedOfficial Fix0.001020.00CVE-2020-0071
14IBM UrbanCode Deploy Permission informationsgivning3.13.1$5k-$25k$0-$5kNot DefinedNot Defined0.000500.04CVE-2020-4260
15ClearPass Stored cross site scripting3.63.4$0-$5k$0-$5kNot DefinedOfficial Fix0.000540.04CVE-2020-7110
16LG Mobile Device GPS okänd sårbarhet5.55.5$5k-$25k$5k-$25kNot DefinedNot Defined0.000440.00CVE-2019-20784
17IBM MQ Error förnekande av tjänsten4.84.8$5k-$25k$0-$5kNot DefinedNot Defined0.000840.00CVE-2019-4762
18Netgear WAC510 Stored cross site scripting4.94.7$5k-$25k$0-$5kNot DefinedOfficial Fix0.000550.00CVE-2019-20742
19iCatch DVR privilegier eskalering7.57.5$0-$5k$0-$5kNot DefinedNot Defined0.001040.03CVE-2020-10514
20Cisco UCS Director/UCS Director Express for Big Data REST API privilegier eskalering8.58.2$5k-$25k$0-$5kNot DefinedOfficial Fix0.967560.00CVE-2020-3250

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP-adressHostnameSkådespelareKampanjerIdentifiedTypFörtroende
1178.175.138.211178-175-138-211.static.as43289.netQrypter31/05/2021verifiedHög

TTP - Tactics, Techniques, Procedures (12)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueKlassSårbarheterÅtkomstvektorTypFörtroende
1CAPEC-10CWE-17, CWE-20, CWE-59, CWE-61, CWE-119, CWE-134, CWE-189, CWE-190, CWE-266, CWE-285, CWE-287, CWE-352, CWE-362, CWE-363, CWE-384, CWE-399, CWE-404, CWE-502, CWE-710, CWE-787, CWE-824, CWE-862, CWE-863, CWE-908, CWE-939Unknown VulnerabilitypredictiveHög
2T1006CAPEC-126CWE-22Path TraversalpredictiveHög
3T1055CAPEC-10CWE-74, CWE-707Improper Neutralization of Data within XPath ExpressionspredictiveHög
4TXXXXCAPEC-10CWE-XX, CWE-XX, CWE-XXXXxxxxxxx XxxxxxxxxpredictiveHög
5TXXXX.XXXCAPEC-10CWE-XX, CWE-XX, CWE-XX, CWE-XXXXxxxx Xxxx XxxxxxxxxpredictiveHög
6TXXXXCAPEC-122CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHög
7TXXXX.XXXCAPEC-191CWE-XXX, CWE-XXX, CWE-XXXXxxx-xxxxx XxxxxxxxxxxpredictiveHög
8TXXXXCAPEC-10CWE-XX, CWE-XX, CWE-XXXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveHög
9TXXXXCAPEC-10CWE-XX, CWE-XX, CWE-XXXXxx XxxxxxxxxpredictiveHög
10TXXXXCAPEC-102CWE-XXXXxxxxxxxxxx XxxxxxxxxxpredictiveHög
11TXXXXCAPEC-116CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveHög
12TXXXXCAPEC-0CWE-XXXXxxxxxxxxxxxx XxxxxxpredictiveHög

IOA - Indicator of Attack (40)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDKlassIndicatorTypFörtroende
1File/ajax/GetInheritedPropertiespredictiveHög
2File/MicroStrategyWS/happyaxis.jsppredictiveHög
3File/web/google_analytics.phppredictiveHög
4Filecustomize.phppredictiveHög
5Filecustomprofile.phppredictiveHög
6FileeditAccount.htmlpredictiveHög
7Filexxxxxxxxxxxxx.xxxpredictiveHög
8Filexxxxxxxxxxxx.xxxpredictiveHög
9Filexxx/xxxxxx.xxxpredictiveHög
10Filexxxxx.xxxpredictiveMedium
11Filexxxxx.xxx/xxxx/xxxxx/xxxx/xxxx.xxxpredictiveHög
12Filexxxx_xxxx.xxxpredictiveHög
13Filexxxxxx.xpredictiveMedium
14Filexxxxx.xxxpredictiveMedium
15Filexxxxx.xxxpredictiveMedium
16Filexxxxxx.xxxpredictiveMedium
17Filexxxxxxx.xxxpredictiveMedium
18Filexx_xxx_xxxx.xxpredictiveHög
19Filexxxx-xxxxxx-xxx.xxxpredictiveHög
20Filexxxxxxxx.xxxpredictiveMedium
21Filexx-xxxxxxxx/xxxxx-xx-xxxxx.xxxpredictiveHög
22Filexx-xxxxxxxx/xx-xxxxxxxxx.xxxpredictiveHög
23ArgumentxxxpredictiveLåg
24ArgumentxxxxxxxxpredictiveMedium
25Argumentxxxx_xxpredictiveLåg
26ArgumentxxxxxxxxxxxpredictiveMedium
27ArgumentxxxxxpredictiveLåg
28ArgumentxxpredictiveLåg
29Argumentxx_xxxxxxxpredictiveMedium
30ArgumentxxxxxxxxpredictiveMedium
31ArgumentxxxxxpredictiveLåg
32ArgumentxxxxxxxxpredictiveMedium
33ArgumentxxxxxxxxpredictiveMedium
34ArgumentxxxxxxxxxxxpredictiveMedium
35ArgumentxxxpredictiveLåg
36ArgumentxxxxxpredictiveLåg
37ArgumentxxxxxxxxxxpredictiveMedium
38ArgumentxxxxxxxxpredictiveMedium
39ArgumentxxxxpredictiveLåg
40Input ValuexxxxpredictiveLåg

Referenser (2)

The following list contains external sources which discuss the actor and the associated activities:

TidigareÖversiktNästa

Do you need the next level of professionalism?

Upgrade your account now!