Djvu Analysis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (331)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en316
es8
fr4
it2
de2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

us326
ar4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

Rhadamanthys2
Djvu2
AgentTesla1

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

Operating System62
Not Defined58
Web Browser20
Smartphone Operating System16
Firewall Software14

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

Not Defined74
Microsoft62
Cisco24
Linux24
IBM18

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Microsoft Windows36
Linux Kernel24
ImageMagick10
Google Android10
F5 BIG-IP8

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1Microsoft .NET Framework Code Access Security cryptographic issues9.89.8$5k-$25k$0-$5kNot DefinedNot Defined0.001630.11CVE-2008-5100
2Microsoft .NET Framework Username Parser access control8.87.9$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.964180.06CVE-2011-3416
3Cisco Wireless LAN Controller IPv6 UDP Ingress input validation6.46.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.003560.00CVE-2016-9219
4Cisco Mobility Express 2800/Mobility Express 3800 802.11 Ingress Packet resource management4.34.1$0-$5k$0-$5kNot DefinedOfficial Fix0.000680.06CVE-2016-9220
5Cisco Mobility Express 2800/Mobility Express 3800 802.11 Ingress Connection Authentication resource management4.34.1$0-$5k$0-$5kNot DefinedOfficial Fix0.000550.02CVE-2016-9221
6Microsoft IIS cross site scripting5.24.7$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.005480.14CVE-2017-0055
7Google Chrome Index DB use after free6.36.0$25k-$100k$5k-$25kNot DefinedOfficial Fix0.002380.00CVE-2022-1853
8Microsoft Windows Malware Protection Service memory corruption8.87.9$100k and more$0-$5kProof-of-ConceptOfficial Fix0.945260.00CVE-2017-0290
9PHP unserialize use after free7.36.4$25k-$100k$0-$5kUnprovenOfficial Fix0.000000.03
10Linux Kernel UDP Packet udp.c security check8.58.4$5k-$25k$0-$5kNot DefinedOfficial Fix0.048370.03CVE-2016-10229
11WordPress WP_Query class-wp-query.php sql injection8.58.4$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.003180.04CVE-2017-5611
12Mozilla Focus Javascript URI cross site scripting4.34.1$5k-$25k$0-$5kNot DefinedOfficial Fix0.000430.06CVE-2024-1563
13Exim Configuration File access control8.48.0$0-$5k$0-$5kHighOfficial Fix0.001210.00CVE-2010-4345
14nginx request smuggling6.96.9$0-$5k$0-$5kNot DefinedNot Defined0.002411.40CVE-2020-12440
15AngularJS merge input validation7.47.2$0-$5k$0-$5kNot DefinedOfficial Fix0.001150.05CVE-2019-10768
16Icewarp WebMail Server Object Note cross site scripting4.44.3$0-$5k$0-$5kNot DefinedOfficial Fix0.000740.04CVE-2019-19266
17AXIS IP Camera Access Control access control8.58.2$0-$5k$0-$5kHighOfficial Fix0.105400.05CVE-2018-10661
18Samsung Galaxy OMACP Message Config 7pk error7.57.5$0-$5k$0-$5kNot DefinedNot Defined0.001150.05CVE-2016-7991
19Apache CXF Fediz Plugins cross-site request forgery6.56.2$5k-$25k$0-$5kNot DefinedOfficial Fix0.001450.00CVE-2017-7661
20Cisco Snort++ Protocol Decoder resource management7.16.8$5k-$25k$0-$5kNot DefinedOfficial Fix0.001180.02CVE-2017-6657

IOC - Indicator of Compromise (22)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
12.180.10.7Djvu05/30/2023verifiedHigh
249.12.115.154static.154.115.12.49.clients.your-server.deDjvu05/30/2023verifiedHigh
358.235.189.192Djvu05/30/2023verifiedHigh
495.158.162.200Djvu05/30/2023verifiedHigh
5116.202.7.239static.239.7.202.116.clients.your-server.deDjvu05/30/2023verifiedHigh
6XXX.XXX.XXX.XXXXxxx05/30/2023verifiedHigh
7XXX.XXX.XXX.XXXxxx05/30/2023verifiedHigh
8XXX.X.XXX.XXXxxxxxxxxxxx-xxx.xxxxxxxx.xxx-xxxxxxx.xxxXxxx05/30/2023verifiedHigh
9XXX.XXX.XX.XXXXxxx05/30/2023verifiedHigh
10XXX.XXX.XXX.XXxxx05/30/2023verifiedHigh
11XXX.XXX.XXX.XXXxxx05/30/2023verifiedHigh
12XXX.XXX.XX.XXXxxx05/30/2023verifiedHigh
13XXX.XXX.XX.XXXxxx-xxx-xxx-xx-xxx-xxx.xxxx-xxxxxxxxx.xxx.xxXxxx05/30/2023verifiedHigh
14XXX.XXX.XX.XXxxx05/30/2023verifiedHigh
15XXX.XXX.XXX.XXXxxx-xxxxxxxxxxxx.xxx.xxxxxxxxx.xxxXxxx05/30/2023verifiedHigh
16XXX.XXX.XX.Xxxxxx.xxx-xxx-xx.xxxxxxx.xxx.xxXxxx05/30/2023verifiedHigh
17XXX.XXX.XX.XXXxxx-xxx-xxx-xx-xxx-xxx.xxxx-xxxxxxxxx.xxx.xxXxxx05/30/2023verifiedHigh
18XXX.XXX.XX.XXXxxx05/30/2023verifiedHigh
19XXX.XX.XX.XXXXxxx05/30/2023verifiedHigh
20XXX.XX.XX.XXXxxx05/30/2023verifiedHigh
21XXX.XXX.XX.XXXXxxx05/30/2023verifiedHigh
22XXX.XXX.XXX.XXXXxxx05/30/2023verifiedHigh

TTP - Tactics, Techniques, Procedures (17)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueClassVulnerabilitiesAccess VectorTypeConfidence
1T1006CAPEC-126CWE-22Path TraversalpredictiveHigh
2T1055CAPEC-10CWE-74Improper Neutralization of Data within XPath ExpressionspredictiveHigh
3T1059CAPEC-242CWE-94Argument InjectionpredictiveHigh
4T1059.007CAPEC-209CWE-79, CWE-80Cross Site ScriptingpredictiveHigh
5TXXXXCAPEC-122CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
6TXXXXCAPEC-136CWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveHigh
7TXXXX.XXXCAPEC-178CWE-XXXXxxx XxxxxxxxpredictiveHigh
8TXXXXCAPEC-CWE-XXX, CWE-XXX7xx Xxxxxxxx XxxxxxxxpredictiveHigh
9TXXXXCAPEC-108CWE-XXXxx XxxxxxxxxpredictiveHigh
10TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveHigh
11TXXXXCAPEC-CWE-XXXXxxxxxxxxxx XxxxxxxxxxpredictiveHigh
12TXXXXCAPEC-38CWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveHigh
13TXXXX.XXXCAPEC-459CWE-XXX, CWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
14TXXXXCAPEC-116CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh
15TXXXXCAPEC-112CWE-XXX, CWE-XXXXxxxxxxxxxxxx XxxxxxpredictiveHigh
16TXXXX.XXXCAPEC-CWE-XXXXxx Xxxxxxxxxx XxxxxpredictiveHigh
17TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxpredictiveHigh

IOA - Indicator of Attack (119)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/cgi-bin/kerbynetpredictiveHigh
2File/cgi-bin/supervisor/CloudSetup.cgipredictiveHigh
3File/domain/addpredictiveMedium
4File/etc/sudoerspredictiveMedium
5File/index.php/weblinks-categoriespredictiveHigh
6File/plainpredictiveLow
7File/show_group_members.phppredictiveHigh
8File/uncpath/predictiveMedium
9File/web/google_analytics.phppredictiveHigh
10Filearchive_endian.hpredictiveHigh
11Filebmp.cpredictiveLow
12Filecgi-bin/jc.cgipredictiveHigh
13Filechecklogin.phppredictiveHigh
14Filexxx.xxxpredictiveLow
15Filexxxxxx/xxx.xpredictiveMedium
16Filexxxxxx/xxx.xpredictiveMedium
17Filexxxxxx\xxxx.xpredictiveHigh
18Filexxxx\xxxxxxxxxxxxxxpredictiveHigh
19Filexxxxxxxx_xxxxxxxxx_xxxxx.xxxpredictiveHigh
20Filexxxxxxx/xxx/xxx/xxxxxx/xxxxxx_xxxxxxx.xpredictiveHigh
21Filexxxxxxx/xxx/xxx-xxxxxxx.xpredictiveHigh
22Filexxxxxxx/xxxxx/xxx/xxxxxxx/xxxxxxx-xxx.xpredictiveHigh
23Filexxxxxxx/xxx/xxxxxx.xpredictiveHigh
24Filexxxxxxx/xxxxxxxxx/xxxx.xpredictiveHigh
25Filexxxxxxx.xxxpredictiveMedium
26Filexx_xxxxxxx.xpredictiveMedium
27Filexxxxxxx/xxxxxxxxxxxxxxxx.xxxpredictiveHigh
28Filexxx.xpredictiveLow
29Filexxxx.xpredictiveLow
30Filexx/xxxxxxxx/xxxx.xpredictiveHigh
31Filexx/xxxx/xxxxx.xpredictiveHigh
32Filexxxxxx.xxxpredictiveMedium
33Filexxxx/.xxxxxxxxxxxxxxxpredictiveHigh
34Filexxx/xxx/xxx.xxxpredictiveHigh
35Filexxxxx.xxxpredictiveMedium
36Filexxxxxxx/xxxxx.xxxpredictiveHigh
37Filexxxxxxxxx.xxxpredictiveHigh
38Filexxxx.xxxx.xxxxx.xxxxxxx.xxxxxxxpredictiveHigh
39Filexxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
40Filexxxxxx/xxxxxx/xxxx.xpredictiveHigh
41Filexxxx/xxxx/x_xxxxx.xpredictiveHigh
42Filexxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
43Filexxxxx-xxxxx/xx-xxxxxx.xpredictiveHigh
44Filexxxxxxxx/xxxxxxxx.xpredictiveHigh
45Filexxx.xpredictiveLow
46Filexxx/xxx_xxxxxx/xxx_xxxxxx_xxxxxx.xpredictiveHigh
47Filexxx/xxxx/xxxx_xxxxxxxxxx_xxxx.xpredictiveHigh
48Filexxx/xxxx/xxxx.xpredictiveHigh
49Filexxx/xxx/xx_xxx.xpredictiveHigh
50Filexxx/xxx/xxxxxxx.xpredictiveHigh
51Filexxx/xxxxx/xxx_xxx.xpredictiveHigh
52Filexxx/xxxxxx/xxx.xpredictiveHigh
53Filexxx/xxxxxxx.xpredictiveHigh
54Filexxxxxx_xxx.xpredictiveMedium
55Filexxxxxxx/xxxx-xxxxxx.xpredictiveHigh
56Filexxxxxxx.xxxpredictiveMedium
57Filexxxx.xpredictiveLow
58Filexxx/xxxx.xpredictiveMedium
59Filexxxxxxxx.xpredictiveMedium
60Filexx_xxxx.xpredictiveMedium
61Filexxxxxxxx/xxxxxxxx/xxx.xpredictiveHigh
62Filexxxx_xxxxxx.xxpredictiveHigh
63Filexxx.xpredictiveLow
64Filexxx.xpredictiveLow
65Filexxxxxxxx/xxxxxxx.xpredictiveHigh
66Filexxx.xpredictiveLow
67Filexxxxxx.xxxpredictiveMedium
68Filexxxxxxxxx.xxxxxpredictiveHigh
69Filexx-xxxxxxxx/xxxxx-xx-xxxxx.xxxpredictiveHigh
70Filexxx_xxxx.xxxpredictiveMedium
71Filexxxx/xxxx_xxxxxxxxx.xpredictiveHigh
72Filexxxx/xxxx_xxxxxx.xpredictiveHigh
73Library/xxx/xxxx/xxxxx.x/xx-xxxx-xxxxxxx.xxxxxpredictiveHigh
74Library/xxx/xxx/xxxx/predictiveHigh
75Libraryxxxxxxxxxxxx_xxx.xxxpredictiveHigh
76Libraryxxxxxxxx.xxxpredictiveMedium
77Libraryxxxxxx.xxxpredictiveMedium
78Libraryxxx/xxx_xxxx_xxxxxx.xpredictiveHigh
79Libraryxxxxxx.xxxpredictiveMedium
80Libraryxxxxxxxx.xxxpredictiveMedium
81Libraryxx_xxxx.x/xxx_xxxx.x/xx_xxx.xpredictiveHigh
82Libraryxxxxx.xxxpredictiveMedium
83Libraryxxxxxx.xxxpredictiveMedium
84ArgumentxxxxxxxxxxxxxxxpredictiveHigh
85ArgumentxxxpredictiveLow
86Argumentxxxxx_xxpredictiveMedium
87ArgumentxxxxxxxxxxpredictiveMedium
88ArgumentxxxpredictiveLow
89ArgumentxxxxxxpredictiveLow
90ArgumentxxxxxxxpredictiveLow
91ArgumentxxxpredictiveLow
92ArgumentxxxxpredictiveLow
93ArgumentxxpredictiveLow
94ArgumentxxxxxxxpredictiveLow
95Argumentxxxxxxx xxxxpredictiveMedium
96Argumentxxxx_xxxxpredictiveMedium
97ArgumentxxxxpredictiveLow
98ArgumentxxxxxxpredictiveLow
99ArgumentxxxxxxxxpredictiveMedium
100ArgumentxxxxxxxxpredictiveMedium
101ArgumentxxxxxxxxpredictiveMedium
102ArgumentxxxxxxpredictiveLow
103ArgumentxxxxxxxxxxxxxxxpredictiveHigh
104ArgumentxxpredictiveLow
105ArgumentxxxxxxxxxpredictiveMedium
106ArgumentxxxxxxxxpredictiveMedium
107ArgumentxxxxxxxxpredictiveMedium
108Input Value%xx%xxxxx%xx/xxx/xxxxxx%xx%xxpredictiveHigh
109Input Value' xx 'x'='xpredictiveMedium
110Input Valuex%xx%xx%xxxxxxx%xxxxxxxx%xxxxxxxxxx%xxxxxx%xx%xxxxxxx_xxxxx%xx%xx--%xx%xxpredictiveHigh
111Input ValuexxxxxxpredictiveLow
112Input Value<xxxxxx>xxxxx(xxxxxxxx. xxxxxx)</xxxxxx>predictiveHigh
113Input ValuexxpredictiveLow
114Pattern|xx|xx|xx|predictiveMedium
115Network Portxxx/xx (xxxxxx)predictiveHigh
116Network Portxxx/xx (xxx xxxxxxxx)predictiveHigh
117Network PortxxxpredictiveLow
118Network Portxxx/xxx (xxx)predictiveHigh
119Network Portxxx/xxxxpredictiveMedium

References (2)

The following list contains external sources which discuss the actor and the associated activities:

PreviousOverviewNext

Might our Artificial Intelligence support you?

Check our Alexa App!