Gabon Unknown Analysis

IOB - Indicator of Behavior (19)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

fr: 16
en: 4

Country

fr: 18
gb: 2

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Green Packet DX-350: 4
Blueimp jQuery-File-Upload: 2
Open5GS: 2
Icegram Email Subscribers: 2
Icegram Newsletters Plugin: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Green Packet DX-350 hard-coded credentials | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00659 | 0.04 | CVE-2017-9932 |
| 2 | BlueMind Contact Application data processing | 7.5 | 7.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00172 | 0.02 | CVE-2019-9563 |
| 3 | Green Packet DX-350 Web Interface command injection | 8.0 | 8.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05001 | 0.00 | CVE-2017-9980 |
| 4 | Open5GS Service Port 3000 hard-coded password | 8.0 | 8.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00107 | 0.00 | CVE-2021-25863 |
| 5 | Sage X3 AdxDSrv.exe authentication spoofing | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.19597 | 0.05 | CVE-2020-7388 |
| 6 | Icegram Email Subscribers / Newsletters Plugin missing authentication | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00289 | 0.00 | CVE-2020-5780 |
| 7 | Ubuntu config | 4.0 | 3.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00042 | 0.00 | CVE-2009-1295 |
| 8 | Ubuntu Linux overlayfs access control | 7.8 | 7.6 | $5k-$25k | $0-$5k | High | Official Fix | 0.00062 | 0.04 | CVE-2015-1328 |
| 9 | Dolibarr User Note note.php Stored cross site scripting | 4.4 | 4.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00058 | 0.00 | CVE-2019-16686 |
| 10 | IBM AIX LVM lquerylv access control | 7.8 | 7.0 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00091 | 0.02 | CVE-2016-6079 |
| 11 | Blueimp jQuery-File-Upload File Upload unrestricted upload | 8.5 | 8.2 | $0-$5k | $0-$5k | High | Official Fix | 0.96689 | 0.04 | CVE-2018-9206 |
| 12 | Netgate pfSense command injection | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.16660 | 0.00 | CVE-2018-4020 |
| 13 | WordPress REST API class-wp-rest-users-controller.php information disclosure | 5.3 | 5.1 | $5k-$25k | $0-$5k | Functional | Official Fix | 0.87410 | 0.04 | CVE-2017-5487 |
| 14 | Microsoft Windows Kernel access control | 7.3 | 7.0 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.00404 | 0.06 | CVE-2017-11847 |
| 15 | Green Packet DX-350 UPnP ajax.cgi cross-site request forgery | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00112 | 0.03 | CVE-2017-9930 |
| 16 | TeamPass sql injection | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00471 | 0.00 | CVE-2014-3773 |

IOC - Indicator of Compromise (49)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (9)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (8)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | AdxDSrv.exe | predictive | Medium |
| 2 | File | ajax.cgi | predictive | Medium |
| 3 | File | xxxxxxxx | predictive | Medium |
| 4 | File | xxxx.xxx | predictive | Medium |
| 5 | File | xx-xxxxxxxx/xxxx-xxx/xxxxxxxxx/xxxxx-xx-xxxx-xxxxx-xxxxxxxxxx.xxx | predictive | High |
| 6 | Argument | xxx | predictive | Low |
| 7 | Argument | xxxxxx_xx_xxxx | predictive | High |
| 8 | Argument | xxxxxxxx_ | predictive | Medium |

References (3)

The following list contains external sources which discuss the actor and the associated activities:
