Magecart Analysis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en102
fr96
zh90
ar88
ru88

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

fr96
ar88
ru88
pl88
sv80

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

Unknown1

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

Not Defined60
WordPress Plugin34
Operating System8
E-Commerce Management Software6
Wireless LAN Software2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

Not Defined36
Tenda22
Kashipara4
Apache4
Netgear2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Tenda W15E8
MailCleaner8
Tenda i216
Kashipara Online Furniture Shopping Ecommerce Webs ...4
FreeBSD4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1Apryse WebViewer PDF Document cross site scripting3.53.2$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.000450.08CVE-2024-4327
2MailCleaner Email os command injection9.89.3$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.000460.07CVE-2024-3191
3osCommerce all-products cross site scripting4.33.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000650.21CVE-2024-4348
4MailCleaner Admin Interface cross site scripting6.56.3$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.000450.04CVE-2024-3192
5SourceCodester Pisay Online E-Learning System controller.php unrestricted upload7.36.6$0-$5k$0-$5kProof-of-ConceptNot Defined0.000450.12CVE-2024-4349
6MailCleaner Admin Endpoints os command injection8.88.3$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.000460.04CVE-2024-3193
7BloomPixel Max Addons Pro for Bricks Plugin authorization6.56.4$0-$5k$0-$5kNot DefinedNot Defined0.000430.08CVE-2024-32951
8Extend Themes Teluro Plugin cross-site request forgery4.34.2$0-$5k$0-$5kNot DefinedNot Defined0.000430.00CVE-2024-33688
9Apache HTTP Server mod_lua Multipart Parser r:parsebody out-of-bounds write8.58.4$25k-$100k$5k-$25kNot DefinedOfficial Fix0.088080.00CVE-2021-44790
10Elementor ImageBox Plugin cross site scripting3.53.4$0-$5k$0-$5kNot DefinedNot Defined0.000450.08CVE-2024-3074
11Dell Wyse Proprietary OS Telemetry Dashboard information disclosure4.74.7$0-$5k$0-$5kNot DefinedNot Defined0.000430.03CVE-2024-28963
12Apache Parquet Parquet-MR denial of service3.53.4$0-$5k$0-$5kNot DefinedOfficial Fix0.000890.00CVE-2021-41561
13Pavex Embed Google Photos Album Plugin server-side request forgery5.65.5$0-$5k$0-$5kNot DefinedNot Defined0.000430.08CVE-2024-32775
14Foliovision FV Flowplayer Video Player Plugin server-side request forgery5.65.5$0-$5k$0-$5kNot DefinedNot Defined0.000430.00CVE-2024-32955
15Tenda i21 formQosManageDouble_auto stack-based overflow8.88.5$0-$5k$0-$5kNot DefinedNot Defined0.000450.07CVE-2024-4246
16Dell Repository Manager API Module improper authorization8.38.1$5k-$25k$0-$5kNot DefinedOfficial Fix0.000430.00CVE-2024-28976
17Jegstudio Financio Plugin cross-site request forgery4.34.2$0-$5k$0-$5kNot DefinedNot Defined0.000430.00CVE-2024-33690
18ThemeNcode Fan Page Widget by Plugin cross site scripting4.14.1$0-$5k$0-$5kNot DefinedNot Defined0.000430.00CVE-2024-33695
19AnnounceKit Plugin cross site scripting2.42.4$0-$5k$0-$5kNot DefinedNot Defined0.000450.04CVE-2024-3023
20Repute Infosystems ARMember Plugin authorization7.87.7$0-$5k$0-$5kNot DefinedNot Defined0.000430.07CVE-2024-32948

IOC - Indicator of Compromise (115)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
11.3.1.6Magecart10/11/2019verifiedHigh
21.3.2.8Magecart10/11/2019verifiedHigh
31.45.76.1Magecart10/11/2019verifiedHigh
42.1.5.3Magecart10/11/2019verifiedHigh
53.1.5.3ec2-3-1-5-3.ap-southeast-1.compute.amazonaws.comMagecart10/11/2019verifiedMedium
65.4.8.1dynamic-005-004-008-001.5.4.pool.telefonica.deMagecart10/11/2019verifiedHigh
75.45.83.223magecart12/19/2023verifiedHigh
85.135.247.141ip141.ip-5-135-247.euMagecart09/13/2021verifiedHigh
95.135.247.142ip142.ip-5-135-247.euMagecart09/13/2021verifiedHigh
105.188.44.32Magecart09/13/2021verifiedHigh
115.252.177.2475-252-177-247.mivocloud.commagecart12/19/2023verifiedHigh
128.209.70.103Magecart05/20/2022verifiedHigh
138.211.0.55Magecart05/20/2022verifiedHigh
148.211.5.139Magecart05/20/2022verifiedHigh
1524.3.29.37c-24-3-29-37.hsd1.pa.comcast.netMagecart10/11/2019verifiedHigh
1628.23.5.5Magecart10/11/2019verifiedHigh
1735.14.69.4Magecart10/11/2019verifiedHigh
1835.246.189.253253.189.246.35.bc.googleusercontent.comMagecart06/01/2021verifiedMedium
1936.85.5.5Magecart10/11/2019verifiedHigh
2036.86.5.5Magecart10/11/2019verifiedHigh
2137.1.213.121magecart12/19/2023verifiedHigh
2237.59.47.208ns3000975.ip-37-59-47.euMagecart09/13/2021verifiedHigh
2337.252.1.225introstock.commagecart12/19/2023verifiedHigh
24XX.XX.X.XXxxxxxxx10/11/2019verifiedHigh
25XX.XXX.XX.XXXXxxxxxxx12/19/2023verifiedHigh
26XX.XXX.XXX.XXXXxxxxxxx08/10/2022verifiedHigh
27XX.XXX.XXX.XXXXxxxxxxx05/20/2022verifiedHigh
28XX.XXX.XXX.XXXXxxxxxxx05/20/2022verifiedHigh
29XX.XXX.XXX.XXXXxxxxxxx06/01/2021verifiedHigh
30XX.XX.XXX.XXxxxx.xx-xx-xx-xxx.xxXxxxxxxx09/13/2021verifiedHigh
31XX.XXX.XXX.XXXXxxxxxxx10/23/2023verifiedHigh
32XX.XX.XX.XXXxxxxx.xx-xx-xx-xx.xxXxxxxxxx09/13/2021verifiedHigh
33XX.XXX.XX.XXXxxxxxxx06/01/2021verifiedHigh
34XX.XX.XXX.XXXxxxxxxx12/19/2023verifiedHigh
35XX.XX.XX.XXXxx.xx.xx.xxx.xxxxxxxxxxxxxxxx.xxxXxxxxxxx10/11/2019verifiedHigh
36XX.XXX.XXX.XXXXxxxxxxx09/13/2021verifiedHigh
37XX.XXX.X.XXXx-xx-xxx-x-xxx.xxxx.xx.xxxxxxx.xxxXxxxxxxx09/13/2021verifiedHigh
38XX.XXX.XXX.XXXxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
39XX.XX.XXX.XXXxxxxxxx06/21/2022verifiedHigh
40XX.XXX.XX.XXxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
41XX.XXX.XX.XXXxxxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
42XX.XXX.XX.XXXxxxxxxxxxxxxxxxx.xxxXxxxxxxx05/20/2022verifiedHigh
43XX.XXX.XXX.Xxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
44XX.XXX.XXX.Xxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
45XX.XXX.XXX.XXxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
46XX.XXX.XXX.XXxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
47XX.XXX.XXX.XXxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
48XX.XXX.XXX.XXXxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
49XX.XXX.XXX.XXXxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
50XX.XXX.XXX.XXXxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
51XX.XXX.XXX.XXxxxxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
52XX.XX.XX.XXxxxxxx.xx.xx.xx.xx.xxxxxxx.xxxx-xxxxxx.xxXxxxxxxx06/01/2021verifiedHigh
53XX.XX.XXX.XXXxxxxxxxxxxxxxxxx.xxxxxxxx.xxxXxxxxxxx08/10/2022verifiedHigh
54XX.XXX.XXX.XXXxxxxxxx06/21/2022verifiedHigh
55XX.XXX.XXX.XXXXxxxxxxx06/21/2022verifiedHigh
56XX.XXX.XXX.XXXXxxxxxxx06/21/2022verifiedHigh
57XX.XXX.XXX.XXXxxxxxxx06/21/2022verifiedHigh
58XX.XXX.XXX.XXXxxxxxx.xxx.xxxxxxxxx.xxXxxxxxxx06/21/2022verifiedHigh
59XX.XXX.XXX.XXXxxxxxxx06/21/2022verifiedHigh
60XX.XXX.XXX.XXXXxxxxxxx06/21/2022verifiedHigh
61XX.XXX.XXX.XXXXxxxxxxx06/21/2022verifiedHigh
62XX.XXX.XXX.XXXxxxxxxx06/21/2022verifiedHigh
63XX.XXX.XXX.XXXxxxxxxx06/21/2022verifiedHigh
64XX.XX.XXX.XXXXxxxxxxx12/19/2023verifiedHigh
65XX.XXX.XXX.XXXxxxxxxxxxx.xxxXxxxxxxx09/13/2021verifiedHigh
66XX.XXX.XXX.XXXXxxxxxxx06/01/2021verifiedHigh
67XXX.XXX.XXX.XXXxxxxxxx08/10/2022verifiedHigh
68XXX.XXX.XX.XXXxxxxxxx08/10/2022verifiedHigh
69XXX.XXX.XX.XXxx-xx.xxxxxxxxxx.xxxXxxxxxxx06/01/2021verifiedHigh
70XXX.XXX.XXX.XXxxx.xx.xxxxxxxxxx.xxxXxxxxxxx09/13/2021verifiedHigh
71XXX.XXX.XX.XXXXxxxxxxx09/13/2021verifiedHigh
72XXX.XXX.XX.XXXXxxxxxxx09/13/2021verifiedHigh
73XXX.XXX.XX.XXXXxxxxxxx09/13/2021verifiedHigh
74XXX.XX.XX.XXXxx.xxxxxxxxxxxxxxxxxx.xxxXxxxxxxx09/13/2021verifiedHigh
75XXX.XX.XXX.XXXxxxxxx.xxx.xxxxXxxxxxxx09/13/2021verifiedHigh
76XXX.XX.XXX.XXxxxxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
77XXX.XX.XXX.XXxxxxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
78XXX.XX.XXX.XXxxxxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
79XXX.XX.XXX.XXxxxxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
80XXX.XX.XXX.XXxxxxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
81XXX.XX.XXX.XXXxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
82XXX.XX.XXX.XXXxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
83XXX.XX.XXX.XXXxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
84XXX.XX.XXX.XXXxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
85XXX.XX.XXX.XXXxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
86XXX.XX.XXX.XXXxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
87XXX.XX.XXX.XXXxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
88XXX.XX.XX.XXxxxx.xxxxxxXxxxxxxx09/13/2021verifiedHigh
89XXX.XXX.XXX.XXX.Xxxxxxxx09/13/2021verifiedHigh
90XXX.XXX.XXX.XXXXxxxxxxx09/13/2021verifiedHigh
91XXX.XXX.XX.XXxxxxxxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
92XXX.XXX.XX.XXxxxxxxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
93XXX.XXX.XX.XXxxxxxxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
94XXX.XXX.XX.XXxxxxxxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
95XXX.XXX.XX.XXxxxxxxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
96XXX.XXX.XX.XXXxxxxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
97XXX.XXX.XX.XXxxxxxx.xxxXxxxxxxx06/21/2022verifiedHigh
98XXX.XXX.XX.XXXxxxxx.xxXxxxxxxx06/21/2022verifiedHigh
99XXX.XXX.XX.XXXxxxxx.xxXxxxxxxx06/21/2022verifiedHigh
100XXX.XXX.XX.XXXxxxxx.xxXxxxxxxx06/21/2022verifiedHigh
101XXX.XXX.XX.XXxxxxxxxx.xxxxxxx.xxxXxxxxxxx06/01/2021verifiedHigh
102XXX.XXX.XX.XXXxxxxxxxx.xxxxxxx.xxxXxxxxxxx06/01/2021verifiedHigh
103XXX.XXX.XXX.XXxxxx.xxxxxxxxx.xxXxxxxxxx06/01/2021verifiedHigh
104XXX.XXX.XXX.XXXXxxxxxxx09/13/2021verifiedHigh
105XXX.XX.XXX.XXxxx.xxxxx.xxxXxxxxxxx09/13/2021verifiedHigh
106XXX.XX.XXX.XXXxxxxxxx06/21/2022verifiedHigh
107XXX.XX.XXX.XXXXxxxxxxx06/21/2022verifiedHigh
108XXX.XX.XXX.XXXXxxxxxxx06/21/2022verifiedHigh
109XXX.XX.XX.XXXxx-xx.xxxxxxxxxx.xxxXxxxxxxx06/01/2021verifiedHigh
110XXX.XXX.XXX.XXXXxxxxxxx06/21/2022verifiedHigh
111XXX.XX.XXX.XXXxxxxxxxx-xx-xxx.xxxxx.xxxXxxxxxxx06/01/2021verifiedHigh
112XXX.X.XXX.XXXxxxxxxx05/20/2022verifiedHigh
113XXX.X.XXX.XXXXxxxxxxx09/13/2021verifiedHigh
114XXX.X.XXX.XXXXxxxxxxx09/13/2021verifiedHigh
115XXX.X.XXX.XXXXxxxxxxx09/13/2021verifiedHigh

TTP - Tactics, Techniques, Procedures (14)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueClassVulnerabilitiesAccess VectorTypeConfidence
1T1006CAPEC-126CWE-22Path TraversalpredictiveHigh
2T1055CAPEC-10CWE-74Improper Neutralization of Data within XPath ExpressionspredictiveHigh
3T1059CAPEC-242CWE-94Argument InjectionpredictiveHigh
4TXXXX.XXXCAPEC-209CWE-XX, CWE-XXXxxxx Xxxx XxxxxxxxxpredictiveHigh
5TXXXXCAPEC-122CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
6TXXXXCAPEC-136CWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveHigh
7TXXXXCAPEC-CWE-XXXXxxxxxxxxx XxxxxxpredictiveHigh
8TXXXXCAPEC-108CWE-XXXxx XxxxxxxxxpredictiveHigh
9TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveHigh
10TXXXXCAPEC-102CWE-XXXXxxxxxxxxxx XxxxxxxxxxpredictiveHigh
11TXXXXCAPEC-37CWE-XXXXxxxxxxxx Xxxxxxx Xx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh
12TXXXX.XXXCAPEC-459CWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
13TXXXXCAPEC-116CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh
14TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxpredictiveHigh

IOA - Indicator of Attack (62)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/catalog/all-productspredictiveHigh
2File/changePasswordpredictiveHigh
3File/goform/addIpMacBindpredictiveHigh
4File/goform/DelDhcpRulepredictiveHigh
5File/goform/delIpMacBindpredictiveHigh
6File/goform/DelPortMappingpredictiveHigh
7File/goform/modifyDhcpRulepredictiveHigh
8File/goform/modifyIpMacBindpredictiveHigh
9File/xxxxxx/xxxxxxxxxxxxpredictiveHigh
10File/xxxxxx/xxxxxxxxxxpredictiveHigh
11File/xxxxxx/xxxxxxxxxpredictiveHigh
12File/xxxxxx/xxxxxxxxxxxxxxxxpredictiveHigh
13File/xxxxxx/xxxxxxxxxxxxxxpredictiveHigh
14File/xxxxxx/xxxxxxxxxxxxxxxxxxpredictiveHigh
15File/xxxxxx/xxxxxxxxxxxxxxpredictiveHigh
16File/xxxxxx/xxxxxxxxxxxxxpredictiveHigh
17File/xxxxxx/xxxxxxxxxxxxxxxxxxxpredictiveHigh
18File/xxxxxx/xxxxxxxxxxxpredictiveHigh
19File/xxxxxx/xxxxxxxxxx.xxxpredictiveHigh
20File/xxxxxxxxxxx.xxx/xxxxxxxxpredictiveHigh
21File/xxx/xxxxxxx/xxxpredictiveHigh
22File/xxxx/xxxxxxx xxxxxx/xxx/xxx_xxxx_xxxxxx.xxxpredictiveHigh
23Filexxxxx/xxxxxxx/xxxxxxxxxxxxx.xxpredictiveHigh
24Filexxxxxxxxxxxx.xxxpredictiveHigh
25Filexxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
26Filexxxxxxx/xxxxxxxx.xxxpredictiveHigh
27Filexx/xxxxxx/xxxxxxxxxxpredictiveHigh
28Filexxxxx.xxxpredictiveMedium
29Filexxxxxxxx.xxxpredictiveMedium
30Filexxxxxxxx.xxxpredictiveMedium
31Filexxxxxxxx.xxxpredictiveMedium
32Argumentxxxxx_xxxxxpredictiveMedium
33ArgumentxxxxxxxxxxxxxpredictiveHigh
34ArgumentxxxpredictiveLow
35ArgumentxxxxxxxxxpredictiveMedium
36ArgumentxxxxxxxxxxxxpredictiveMedium
37ArgumentxxxxxxxxxxpredictiveMedium
38ArgumentxxxxxxxpredictiveLow
39ArgumentxxxxpredictiveLow
40ArgumentxxxxxxxxxxxxxxxxxxxxxxpredictiveHigh
41Argumentxx/xxxxpredictiveLow
42ArgumentxxpredictiveLow
43ArgumentxxxxxxxxxxxxxxpredictiveHigh
44ArgumentxxxxxxxxxxxxxpredictiveHigh
45Argumentxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxxpredictiveHigh
46ArgumentxxxxpredictiveLow
47ArgumentxxxxxxxxxxpredictiveMedium
48ArgumentxxxxxxxxxxxxpredictiveMedium
49ArgumentxxxxpredictiveLow
50ArgumentxxxxxxxxxxxxxxxxpredictiveHigh
51Argumentxxxxxxx_xxxxxxx_xxxxx_xxxxx_xxxxxpredictiveHigh
52ArgumentxxxxxxpredictiveLow
53ArgumentxxxxxxxxpredictiveMedium
54ArgumentxxxxxxxxxxxxxxxxxxpredictiveHigh
55ArgumentxxxxxxxxxxpredictiveMedium
56ArgumentxxxxxxxxpredictiveMedium
57Argumentxxxxxxxxxx/xxxxxxxx/xxxxxxx/xxxxxxxxxxpredictiveHigh
58ArgumentxxxxxxxxxpredictiveMedium
59ArgumentxxxxxxxxxxxxxxxxpredictiveHigh
60ArgumentxxxxpredictiveLow
61ArgumentxxxxxxxxxxpredictiveMedium
62Argumentxxxx/xxxxx/xxx/xxxx/xxxxxx/xxxxxxpredictiveHigh

References (17)

The following list contains external sources which discuss the actor and the associated activities:

PreviousOverviewNext

Do you want to use VulDB in your project?

Use the official API to access entries easily!