French Polynesia Unknown Analysis

IOB - Indicator of Behavior (30)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 16
fr: 12
pl: 2

Country

pf: 18
us: 10
fr: 2

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Apache HTTP Server: 4
Apple Mac OS X: 4
Cisco Unified CallManager: 2
Allegro RomPager: 2
GLPI: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | nginx request smuggling | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00241 | 2.23 | CVE-2020-12440 |
| 2 | Boa Terminal input validation | 5.3 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.02395 | 0.05 | CVE-2009-4496 |
| 3 | GLPI Admin Dashboard sql injection | 6.9 | 6.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00050 | 0.05 | CVE-2023-37278 |
| 4 | phpLDAPadmin entry_chooser.php cross site scripting | 5.2 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00145 | 0.04 | CVE-2017-11107 |
| 5 | Allegro RomPager Cookie code | 7.3 | 6.4 | $0-$5k | $0-$5k | High | Official Fix | 0.97212 | 0.04 | CVE-2014-9222 |
| 6 | OpenSSL X.400 Address type confusion | 6.0 | 5.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00255 | 0.00 | CVE-2023-0286 |
| 7 | Apache HTTP Server mod_proxy_ajp request smuggling | 8.1 | 8.0 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.02237 | 0.07 | CVE-2022-36760 |
| 8 | Cisco Unified CallManager denial of service | 5.3 | 4.8 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.10275 | 0.00 | CVE-2007-1833 |
| 9 | Rapid7 Metasploit Framework drb_remote_codeexec Exploit deserialization | 5.0 | 4.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00394 | 0.03 | CVE-2020-7385 |
| 10 | Apache HTTP Server mod_reqtimeout resource management | 5.3 | 5.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.01696 | 0.00 | CVE-2007-6750 |
| 11 | Cachet Configuration Edition crlf injection | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00257 | 0.00 | CVE-2021-39172 |
| 12 | json8-merge-patch Package Constructor code injection | 6.5 | 6.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00102 | 0.00 | CVE-2020-8268 |
| 13 | Microsoft Windows Multimedia Library winmm.dll memory corruption | 10.0 | 9.5 | $100k and more | $0-$5k | High | Official Fix | 0.97281 | 0.00 | CVE-2012-0003 |
| 14 | PhastPress Plugin redirect | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00157 | 0.00 | CVE-2021-24210 |
| 15 | nginx Error Page request smuggling | 6.3 | 6.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00273 | 0.04 | CVE-2019-20372 |
| 16 | Rapid7 Metasploit Pro Web Interface permission assignment | 3.3 | 3.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00044 | 0.02 | CVE-2019-5642 |
| 17 | Foxit Quick PDF Library Tree Structure LoadFromStream memory corruption | 6.5 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.11242 | 0.00 | CVE-2018-20247 |
| 18 | wps-hide-login Plugin 7pk security | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00697 | 0.04 | CVE-2019-15823 |
| 19 | WindScribe VPN WindScribeService.exe input validation | 7.8 | 7.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00175 | 0.00 | CVE-2018-11479 |
| 20 | Apache HTTP Server mod_ssl access control | 7.4 | 7.4 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00267 | 0.00 | CVE-2019-0215 |

IOC - Indicator of Compromise (37)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (8)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (13)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

