Denonia Analysis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (107)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en30
it24
ar10
zh10
pt10

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

de108

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

Denonia2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

Not Defined18

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

Not Defined10
Automattic2
Jason26052
LabVantage2
CIMTechniques2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Serpico6
Automattic Jetpack2
Zoom2
Jason2605 AdminPanel2
QuickBox Pro2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1Zoom Screen Sharing information disclosure4.84.8$0-$5k$0-$5kNot DefinedNot Defined0.001830.00CVE-2021-28133
2Serpico cross-site request forgery6.56.2$0-$5k$0-$5kProof-of-ConceptUnavailable0.000730.03CVE-2019-19854
3TopManage OLK Session Cookie cross site scripting5.24.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.002910.00CVE-2020-6845
4Serpico input validation5.34.9$0-$5k$0-$5kNot DefinedNot Defined0.000840.04CVE-2019-19859
5BACKCLICK Professional cross site scripting4.84.7$0-$5k$0-$5kNot DefinedNot Defined0.000700.00CVE-2022-44002
6Serpico Password Change insufficiently protected credentials6.45.9$0-$5k$0-$5kNot DefinedNot Defined0.000720.00CVE-2019-19857
7LabVantage LIMS Database Name information disclosure5.34.8$0-$5k$0-$5kProof-of-ConceptNot Defined0.035840.00CVE-2020-7959
8Serpico list_user Stored cross site scripting3.63.5$0-$5k$0-$5kNot DefinedOfficial Fix0.000500.00CVE-2019-19856
9CIMTechniques CIMScan SOAP WSDL Parser GetSqlData sql injection8.48.4$0-$5k$0-$5kHighNot Defined0.002560.02CVE-2018-16803
10Serpico list_user Stored cross site scripting3.63.6$0-$5k$0-$5kNot DefinedOfficial Fix0.000500.04CVE-2019-19855
11Jason2605 AdminPanel editPlayer.php sql injection8.07.7$0-$5k$0-$5kNot DefinedOfficial Fix0.001270.00CVE-2020-13433
12Serpico UID Stored cross site scripting3.63.5$0-$5k$0-$5kNot DefinedOfficial Fix0.000500.04CVE-2019-19858
13QuickBox Pro cross site scripting3.53.5$0-$5k$0-$5kNot DefinedNot Defined0.000780.00CVE-2021-45281
14PHP Scripts Mall Citysearch Clone Script restaurants-details.php Reflected cross site scripting5.25.2$0-$5k$0-$5kNot DefinedNot Defined0.000720.00CVE-2019-6248
15WordPress Thumbnail input validation7.57.5$5k-$25k$5k-$25kNot DefinedNot Defined0.009900.03CVE-2018-1000773
16Automattic Jetpack sql injection7.37.3$0-$5k$0-$5kHighUnavailable0.000640.02CVE-2011-4673
17Apache Tomcat Servlets access control5.95.8$5k-$25k$0-$5kNot DefinedOfficial Fix0.001100.02CVE-2018-1305

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
1116.203.4.0static.0.4.203.116.clients.your-server.deDenonia04/07/2022verifiedHigh
2XXX.XXX.XX.XXxxxxx.xxxx.xxxx.xxXxxxxxx04/07/2022verifiedHigh
3XXX.XX.XXX.XXx.xx.xxxxxxx.xxxXxxxxxx04/07/2022verifiedHigh

TTP - Tactics, Techniques, Procedures (5)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueClassVulnerabilitiesAccess VectorTypeConfidence
1T1059.007CAPEC-209CWE-79Cross Site ScriptingpredictiveHigh
2TXXXXCAPEC-19CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
3TXXXXCAPEC-108CWE-XXXxx XxxxxxxxxpredictiveHigh
4TXXXXCAPEC-102CWE-XXXXxxxxxxxxxx XxxxxxxxxxpredictiveHigh
5TXXXXCAPEC-116CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh

IOA - Indicator of Attack (11)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1Fileadmin/add_user/UIDpredictiveHigh
2Fileadmin/list_userpredictiveHigh
3Filexxxxxxxxxxxxx.xxx?xxxxxxxxxx=xxxpredictiveHigh
4Filexxxxxxxxxx.xxxpredictiveHigh
5Filexxxxxxxxxxx-xxxxxxx.xxxpredictiveHigh
6ArgumentxxxxxxpredictiveLow
7Argumentxxxx_xxxxpredictiveMedium
8ArgumentxxxxxxpredictiveLow
9ArgumentxxpredictiveLow
10ArgumentxxxxpredictiveLow
11ArgumentxxxxpredictiveLow

References (2)

The following list contains external sources which discuss the actor and the associated activities:

PreviousOverviewNext

Might our Artificial Intelligence support you?

Check our Alexa App!