Cpuminer Analysis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (221)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en200
ru20
de2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

cn28
us22
ru6
es4
gb2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

RedLine Stealer2
Cobalt Strike2
Responder2
CredStealer1
TeamTNT1

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

Not Defined108
WordPress Plugin18
Operating System16
Router Operating System8
Web Browser6

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

Not Defined76
Apple8
Apache6
IBM6
Netgear6

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Apple macOS8
Netgear D78006
Netgear R61006
Netgear R75006
Netgear R7500v26

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1ZyXEL P660HN-T v1 ViewLog.asp command injection7.36.4$5k-$25k$0-$5kProof-of-ConceptWorkaround0.000000.03
2Dahua DHI-HCVR7216A-S3 SmartPSS Auto Login Hash access control6.76.7$0-$5k$0-$5kNot DefinedNot Defined0.003310.04CVE-2017-6342
3Cyr to Lat Plugin sql injection6.36.1$0-$5k$0-$5kNot DefinedNot Defined0.000500.03CVE-2022-4290
4HPE Onboard Administrator Reflected cross site scripting4.44.4$0-$5k$0-$5kNot DefinedNot Defined0.000500.03CVE-2020-7132
5xwikisas macro-pdfviewer PDF Viewer Macro information disclosure6.05.9$0-$5k$0-$5kNot DefinedOfficial Fix0.000430.00CVE-2024-30263
6Moises Heberle WooCommerce Bookings Calendar Plugin cross site scripting5.04.9$0-$5k$0-$5kNot DefinedNot Defined0.000430.00CVE-2024-31117
7Foxit PDF Reader AcroForm use after free6.36.0$0-$5k$0-$5kNot DefinedOfficial Fix0.000460.03CVE-2024-30354
8Tenda AC10 SetStaticRouteCfg fromSetRouteStatic stack-based overflow8.88.4$0-$5k$0-$5kProof-of-ConceptNot Defined0.000450.11CVE-2024-2581
9MediaTek MT8798 Lk memory corruption6.76.4$0-$5k$0-$5kNot DefinedOfficial Fix0.000430.02CVE-2024-20022
10Kofax Power PDF PNG File Parser out-of-bounds4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.000650.03CVE-2024-27336
11Linux Kernel ASPM pci_set_power_state_locked deadlock4.84.6$5k-$25k$0-$5kNot DefinedOfficial Fix0.000420.03CVE-2024-26605
12Elementor Plugin deserialization5.55.3$0-$5k$0-$5kNot DefinedNot Defined0.000000.03CVE-2024-24934
13IBM Security Access Manager Container DSC Server resource consumption6.86.7$5k-$25k$0-$5kNot DefinedOfficial Fix0.000440.02CVE-2023-31006
14WP Recipe Maker Plugin cross site scripting5.15.1$0-$5k$0-$5kNot DefinedNot Defined0.000450.02CVE-2024-0382
15Dahua IPC/SD/NVR/XVR Packet unknown vulnerability4.44.4$0-$5k$0-$5kNot DefinedNot Defined0.000630.03CVE-2022-30564
16PrestaShop blockwishlist sql injection7.77.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.007410.00CVE-2022-31101
17ThemePunch OHG Slider Revolution Plugin unrestricted upload7.27.1$0-$5k$0-$5kNot DefinedNot Defined0.000500.05CVE-2023-47784
18OpenZeppelin openzeppelin-contracts Subcall control flow5.75.7$0-$5k$0-$5kNot DefinedOfficial Fix0.000480.06CVE-2023-49798
19Brocade Fabric OS risky encryption6.56.5$0-$5k$0-$5kNot DefinedNot Defined0.000910.00CVE-2021-27795
20WPFactory Products, Order & Customers Export for WooCommerce Plugin cross site scripting5.85.8$0-$5k$0-$5kNot DefinedNot Defined0.000460.00CVE-2023-47547

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
145.9.148.117Cpuminer07/16/2022verifiedHigh
2XXX.XXX.XX.XXXXxxxxxxx10/06/2023verifiedHigh

TTP - Tactics, Techniques, Procedures (20)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueClassVulnerabilitiesAccess VectorTypeConfidence
1T1006CAPEC-126CWE-22, CWE-425Path TraversalpredictiveHigh
2T1055CAPEC-10CWE-74Improper Neutralization of Data within XPath ExpressionspredictiveHigh
3T1059CAPEC-242CWE-94Argument InjectionpredictiveHigh
4T1059.007CAPEC-209CWE-79, CWE-80Cross Site ScriptingpredictiveHigh
5TXXXXCAPEC-122CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
6TXXXXCAPEC-136CWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveHigh
7TXXXX.XXXCAPEC-178CWE-XXXXxxx XxxxxxxxpredictiveHigh
8TXXXXCAPEC-CWE-XXX7xx Xxxxxxxx XxxxxxxxpredictiveHigh
9TXXXXCAPEC-1CWE-XXX, CWE-XXXXxxxxxxxxx XxxxxxpredictiveHigh
10TXXXXCAPEC-108CWE-XXXxx XxxxxxxxxpredictiveHigh
11TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveHigh
12TXXXXCAPEC-112CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxx XxxxxxxxxxpredictiveHigh
13TXXXXCAPEC-37CWE-XXXXxxxxxxxx Xxxxxxx Xx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh
14TXXXXCAPEC-38CWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveHigh
15TXXXX.XXXCAPEC-459CWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
16TXXXX.XXXCAPEC-133CWE-XXXXxxxxxxxpredictiveHigh
17TXXXXCAPEC-116CWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh
18TXXXXCAPEC-20CWE-XXX, CWE-XXXXxxxxxxxxxxxx XxxxxxpredictiveHigh
19TXXXX.XXXCAPEC-CWE-XXXXxx Xxxxxxxxxx XxxxxpredictiveHigh
20TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxpredictiveHigh

IOA - Indicator of Attack (84)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/ajax.php?action=read_msgpredictiveHigh
2File/debug/pprofpredictiveMedium
3File/desktop_app/file.ajax.php?action=uploadfilepredictiveHigh
4File/envpredictiveLow
5File/goform/SetNetControlListpredictiveHigh
6File/goform/SetStaticRouteCfgpredictiveHigh
7File/src/chatbotapp/chatWindow.javapredictiveHigh
8Fileadmin/categories_industry.phppredictiveHigh
9Fileadmin/class-woo-popup-admin.phppredictiveHigh
10Fileadmin/content/postcategorypredictiveHigh
11Filexxxxxxxxxxxx/xxxxx/xxxx/predictiveHigh
12Filexxxxx.xxxpredictiveMedium
13Filexxx_xx_xxx_xxx.xxxpredictiveHigh
14Filexxx.xpredictiveLow
15FilexxxpredictiveLow
16Filexxx/xxxxxxxx/xxxx/xxxxxxxx.xxpredictiveHigh
17Filexxxxxx.xxxpredictiveMedium
18Filexxxxxxx/xxx/xxx-xx.xpredictiveHigh
19Filexxx_xxxx.xpredictiveMedium
20Filexxx/xxxxx.xxxxxpredictiveHigh
21Filexxxx/xxxxxxxx/xxx&xx=xxxxxxxpredictiveHigh
22Filexxxxxxxxxxxxxxxxxxxxxxxxx.xxpredictiveHigh
23Filexxxxxx.xxxpredictiveMedium
24Filexxxxxxx/xxxxx.xxx.xxxpredictiveHigh
25Filexx_xxxxx.xpredictiveMedium
26Filexxxxx_xxxxx.xpredictiveHigh
27Filexxxxxx/xxx/xxxxxxxx.xpredictiveHigh
28Filexxxx.xxxpredictiveMedium
29Filexxxxx.xxxpredictiveMedium
30Filexxxxxxxx.xxxpredictiveMedium
31Filexxxxxxx/xxxxxx/xxxxxx/xxxxxxxxx.xxx#xxxpredictiveHigh
32Filexxxxxxxxxxx-xxxx.xxpredictiveHigh
33Filexxxxx.xxxpredictiveMedium
34Filexxxxxxxxx/xxxxx.xxxxxpredictiveHigh
35Filexxxxx/xxxxx.xxxxxpredictiveHigh
36Filexxxxxxx.xpredictiveMedium
37Filexxxxxxxxxxxxx.xxxpredictiveHigh
38Filexxxxxx-xxxxxx.xxxpredictiveHigh
39Filexxxxxxxx.xxx/xxxxxx.xxx/xxxxxxxx.xxxpredictiveHigh
40Filexxx.xpredictiveLow
41FilexxxxxxxxxxxxxxxxpredictiveHigh
42Filexxx-xxxxxxx-xxx.xxpredictiveHigh
43Filexxxxxxx.xpredictiveMedium
44Filexxxxxxx.xxxpredictiveMedium
45Filexxx.xxxpredictiveLow
46Filexx-xxxxx-xxxxxx.xxxpredictiveHigh
47File~/xxxxxxxx/xxxxx-xxx-xxxxxx-xxxxxxxxxxxx.xxxpredictiveHigh
48Libraryxx.xxxxxxxxxx.xxxxxxxxxxxxxxx.xxxpredictiveHigh
49Libraryxxx/xxxxxxxxx/xxxxxxxx.xxxxx.xxxpredictiveHigh
50Libraryxxxxxxx.xxxpredictiveMedium
51Libraryxxxxx.xxxpredictiveMedium
52Libraryxxxxxxxxxxxxx.xxx)predictiveHigh
53ArgumentxxxxxxpredictiveLow
54ArgumentxxxpredictiveLow
55Argumentxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxxx/xxxxxxxxxx/xxxxxxxxxxxxxxxxxxxpredictiveHigh
56ArgumentxxxxxxpredictiveLow
57Argumentx:\xxxxxxx\xpredictiveMedium
58Argumentxxxxx_xxxxpredictiveMedium
59Argumentxxxxx_xxpredictiveMedium
60ArgumentxxxxxxxxpredictiveMedium
61ArgumentxxxxxxxxxxxxxxxxxpredictiveHigh
62Argumentxxx_xxxpredictiveLow
63ArgumentxxxxpredictiveLow
64ArgumentxxxxpredictiveLow
65Argumentxxxx_xxxxxpredictiveMedium
66Argumentxxxxxx_xxxpredictiveMedium
67ArgumentxxxxpredictiveLow
68ArgumentxxpredictiveLow
69ArgumentxxxxxxxpredictiveLow
70ArgumentxxxxpredictiveLow
71ArgumentxxxxpredictiveLow
72ArgumentxxxxpredictiveLow
73ArgumentxxxxxxxpredictiveLow
74Argumentx_xxxxpredictiveLow
75Argumentxxxxxx_xxxxpredictiveMedium
76Argumentxxxxxx/xxxxxx_xxxxxxpredictiveHigh
77ArgumentxxxpredictiveLow
78ArgumentxxxxxpredictiveLow
79ArgumentxxxxxxxxxxxpredictiveMedium
80ArgumentxxpredictiveLow
81ArgumentxxxxxxpredictiveLow
82Argumentx-xxxxxxxxx-xxxxpredictiveHigh
83Input Value%xxxxxx+-x+x+xx.x.xx.xxx%xx%xxpredictiveHigh
84Input Value//xxx//xxxxxxx.xxxpredictiveHigh

References (2)

The following list contains external sources which discuss the actor and the associated activities:

PreviousOverviewNext

Interested in the pricing of exploits?

See the underground prices here!