Letscall Analysis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (10)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en6
zh4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

us6
cn4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

Letscall2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

Not Defined6
Web Browser2
Content Management System2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

Not Defined4
Google2
Kentico2
Telerik Progress2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Google Chrome2
Pligg2
Kentico CMS2
Kubelet2
Telerik Progress UI for ASP.NET AJAX2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1Google Chrome Javascript use after free6.46.2$25k-$100k$0-$5kHighOfficial Fix0.671700.06CVE-2019-5825
2Tiki Admin Password tiki-login.php improper authentication8.07.7$0-$5k$0-$5kNot DefinedOfficial Fix0.009362.27CVE-2020-15906
3Pligg cloud.php sql injection6.36.3$0-$5k$0-$5kNot DefinedNot Defined0.000000.92
4Citrix NetScaler ADC/NetScaler Gateway OpenID openid-configuration ns_aaa_oauthrp_send_openid_config CitrixBleed memory corruption8.38.2$25k-$100k$0-$5kHighOfficial Fix0.966100.00CVE-2023-4966
5LogicBoard CMS away.php redirect6.36.1$0-$5k$0-$5kNot DefinedUnavailable0.000002.47
6Shenzhen Youkate Industrial Facial Love Cloud Payment System Account SystemMng.ashx privileges management8.17.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000630.09CVE-2023-6099
7Kubelet seccomp Profile improper validation of specified type of input4.44.3$0-$5k$0-$5kNot DefinedNot Defined0.000450.03CVE-2023-2431
8Telerik Progress UI for ASP.NET AJAX Telerik.Web.UI inadequate encryption8.58.4$0-$5k$0-$5kHighOfficial Fix0.081370.05CVE-2017-11317
9Kentico CMS CMS Administration Dashboard install.aspx access control8.58.2$0-$5k$0-$5kNot DefinedOfficial Fix0.148300.04CVE-2017-17736

IOC - Indicator of Compromise (10)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
135.243.122.211211.122.243.35.bc.googleusercontent.comLetscall07/11/2023verifiedMedium
245.43.215.98Letscall07/11/2023verifiedHigh
3XX.XX.XXX.XXXXxxxxxxx07/11/2023verifiedHigh
4XXX.XXX.XXX.XXXXxxxxxxx07/11/2023verifiedHigh
5XXX.XXX.XXX.XXXXxxxxxxx07/11/2023verifiedHigh
6XXX.XXX.XXX.XXXXxxxxxxx07/11/2023verifiedHigh
7XXX.XX.XX.XXxxxxxxx07/11/2023verifiedHigh
8XXX.XX.XX.XXXxxxxxxx07/11/2023verifiedHigh
9XXX.XX.XX.XXXxxxxxxx07/11/2023verifiedHigh
10XXX.XXX.XXX.XXXXxxxxxxx07/11/2023verifiedHigh

TTP - Tactics, Techniques, Procedures (4)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueClassVulnerabilitiesAccess VectorTypeConfidence
1T1068CAPEC-122CWE-264, CWE-269Execution with Unnecessary PrivilegespredictiveHigh
2TXXXX.XXXCAPEC-178CWE-XXXXxxx XxxxxxxxpredictiveHigh
3TXXXXCAPEC-108CWE-XXXxx XxxxxxxxxpredictiveHigh
4TXXXXCAPEC-112CWE-XXXXxxxxxxxxxxxx XxxxxxpredictiveHigh

IOA - Indicator of Attack (9)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/forum/away.phppredictiveHigh
2File/oauth/idp/.well-known/openid-configurationpredictiveHigh
3File/xxxxxxxxx.xxxxpredictiveHigh
4Filexxxxx.xxxpredictiveMedium
5Filexxxxxxxxxx/xxxxxxx.xxxxpredictiveHigh
6Filexxxx-xxxxx.xxxpredictiveHigh
7ArgumentxxxxxxxxxxpredictiveMedium
8ArgumentxxxxxxxxxxxxpredictiveMedium
9Input ValuexxpredictiveLow

References (2)

The following list contains external sources which discuss the actor and the associated activities:

PreviousOverviewNext

Want to stay up to date on a daily basis?

Enable the mail alert feature now!