Generickdz Analysis

IOB - Indicator of Behavior (152)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 116
de: 14
zh: 6
pl: 4
fr: 4

Country

us: 96
ca: 18
de: 10
fr: 6
ch: 4

Product

OpenSSH: 4
Sagemcom F@st 5260: 2
Microsoft File Checksum Integrity Verifier: 2
Google Android: 2
Zabbix: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | All Enthusiast Inc Reviewpost Php Pro showproduct.php sql injection | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00501 | 0.00 | CVE-2004-2175 |
| 2 | Phplinkdirectory PHP Link Directory conf_users_edit.php cross-site request forgery | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00526 | 0.04 | CVE-2011-0643 |
| 3 | OpenSSH Authentication Username information disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | High | Official Fix | 0.10737 | 0.19 | CVE-2016-6210 |
| 4 | 212cafe 212cafeboard view.php sql injection | 7.3 | 7.1 | $0-$5k | $0-$5k | High | Unavailable | 0.00064 | 0.06 | CVE-2008-4713 |
| 5 | Petwant PF-103/Petalk AI libcommon.so processCommandUploadLog os command injection | 9.8 | 9.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.06887 | 0.04 | CVE-2019-17364 |
| 6 | Petwant PF-103/Petalk AI libcommon.so processCommandSetMac os command injection | 9.8 | 9.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.06887 | 0.00 | CVE-2019-16737 |
| 7 | Apple macOS Login Window state issue | 4.3 | 4.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00056 | 0.05 | CVE-2021-30702 |
| 8 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00548 | 0.03 | CVE-2017-0055 |
| 9 | PhotoPost PHP Pro showproduct.php sql injection | 9.8 | 9.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00276 | 0.04 | CVE-2004-0250 |
| 10 | Floosietek FTGate memory corruption | 10.0 | 9.0 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.23839 | 0.02 | CVE-2005-3640 |
| 11 | Aboleo.net Portmon privileges management | 5.1 | 5.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00042 | 0.05 | CVE-2003-0448 |
| 12 | Sun MySQL MS DOS Device Name denial of service | 7.5 | 7.1 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.07050 | 0.00 | CVE-2005-0799 |
| 13 | PHP Link Directory Administration Page index.html cross site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00374 | 0.26 | CVE-2007-0529 |
| 14 | BitTorrent uTorrent Bencoding Parser input validation | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00867 | 0.04 | CVE-2020-8437 |
| 15 | MDaemon Webmail cross site scripting | 5.4 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00072 | 0.02 | CVE-2019-8983 |
| 16 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | Calculating | High | Workaround | 0.02016 | 0.00 | CVE-2007-1192 |
| 17 | Synology DiskStation Manager Change Password password recovery | 7.1 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00068 | 0.03 | CVE-2018-8916 |
| 18 | Webmin Package Updates Module update.cgi command injection | 8.8 | 8.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.12116 | 0.06 | CVE-2019-12840 |
| 19 | Totolink LR1200GB Web Interface cstecgi.cgi loginAuth stack-based overflow | 9.8 | 9.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.07 | CVE-2024-1783 |
| 20 | PHP unserialize use after free | 8.5 | 8.2 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.19757 | 0.03 | CVE-2015-6834 |

IOC - Indicator of Compromise (70)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (16)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (68)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


References (8)

The following list contains external sources which discuss the actor and the associated activities:
