Northern Mariana Islands Unknown Analysis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (19)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en20

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

us18
cn2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

Unknown1

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

Not Defined8
Operating System4
File Transfer Software2
Unified Communication Software2
Photo Gallery Software2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

Not Defined4
Microsoft4
Cisco2
PhotoPost2
Xerox2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Microsoft Windows4
FTP Server2
Cisco Packaged Contact Center Enterprise2
Cisco Unified Communications Manager2
Cisco Unified Communications Manager IM & Presence ...2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1PhotoPost PhotoPost vBGallery File Upload upload.php input validation6.35.8$0-$5k$0-$5kProof-of-ConceptUnavailable0.005460.06CVE-2008-7088
2Host FTP Server Anonymous improper authentication5.35.2$0-$5k$0-$5kHighWorkaround0.198740.04CVE-1999-0497
3Dropbear SSH input validation8.58.2$0-$5k$0-$5kNot DefinedOfficial Fix0.029110.12CVE-2016-7406
4Cisco Packaged Contact Center Enterprise deserialization9.99.8$5k-$25k$0-$5kNot DefinedOfficial Fix0.001620.04CVE-2024-20253
5fredsmith utils Filename screenshot_sync predictable state3.53.5$0-$5k$0-$5kNot DefinedOfficial Fix0.000540.07CVE-2021-4277
6Xerox AltaLink C8070 Scan to Mailbox denial of service6.86.5$0-$5k$0-$5kNot DefinedOfficial Fix0.001030.00CVE-2021-28670
7D-Link DSL-2641R cross site scripting4.34.1$5k-$25k$0-$5kNot DefinedOfficial Fix0.001680.00CVE-2013-6786
8apk Package APKINDEX.tar.gz memory corruption7.07.0$0-$5k$0-$5kNot DefinedNot Defined0.024130.00CVE-2017-9669
9Microsoft Windows Multimedia Library winmm.dll memory corruption10.09.5$100k and more$0-$5kHighOfficial Fix0.972810.00CVE-2012-0003
10FTP Server Port Bounce privileges management7.37.1$0-$5k$0-$5kHighWorkaround0.016530.00CVE-1999-0017
11Microsoft Windows FTP Service denial of service5.35.2$25k-$100k$0-$5kNot DefinedWorkaround0.000000.02
12Linux Kernel USB Device atusb.c use after free4.44.3$0-$5k$0-$5kNot DefinedOfficial Fix0.000990.00CVE-2019-19525
13OctoPrint Service Port 8081 information disclosure8.28.1$0-$5k$0-$5kNot DefinedWorkaround0.003490.02CVE-2018-16710
14Dan Bernstein Qmail RCPT denial of service4.03.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.000800.00CVE-1999-0144
15Verizon Fios Actiontec Mi424wr-gen31 Router Administration index.cgi cross-site request forgery6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.003480.01CVE-2013-0126
16BigTree CMS sql injection7.37.3$0-$5k$0-$5kHighOfficial Fix0.004300.04CVE-2013-4879
17EMC VPLEX GeoSynchrony access control7.17.0$5k-$25k$0-$5kNot DefinedOfficial Fix0.000870.00CVE-2015-6850

IOC - Indicator of Compromise (50)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
18.3.112.0Northern Mariana Islands Unknown01/06/2023verifiedHigh
28.3.120.0Northern Mariana Islands Unknown01/06/2023verifiedHigh
38.3.123.48Northern Mariana Islands Unknown01/06/2023verifiedHigh
48.3.123.164Northern Mariana Islands Unknown01/06/2023verifiedHigh
58.3.123.224Northern Mariana Islands Unknown01/06/2023verifiedHigh
68.3.125.0Northern Mariana Islands Unknown01/06/2023verifiedHigh
78.3.126.0Northern Mariana Islands Unknown01/06/2023verifiedHigh
88.3.127.0Northern Mariana Islands Unknown03/07/2023verifiedHigh
943.247.60.0Northern Mariana Islands Unknown01/06/2023verifiedHigh
1045.12.70.150upper-a8993.alltieinc.comNorthern Mariana Islands Unknown01/06/2023verifiedHigh
11XX.XX.XX.XXXXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx01/06/2023verifiedHigh
12XX.XXX.XXX.XXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx01/06/2023verifiedHigh
13XX.XX.XXX.XXXXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx01/06/2023verifiedHigh
14XX.XX.XXX.XXXXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx01/06/2023verifiedHigh
15XX.XX.XX.XXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx01/06/2023verifiedHigh
16XX.XXX.XXX.XXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx01/06/2023verifiedHigh
17XX.XX.XXX.XXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx01/06/2023verifiedHigh
18XXX.XX.XXX.Xxxx-xx-xxx-x.xxxxxxx.xxxx.xxxXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx01/06/2023verifiedHigh
19XXX.XX.XXX.Xxxx-xx-xxx-x.xxxxxxx.xxxx.xxxXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx01/06/2023verifiedHigh
20XXX.X.XX.XXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx01/06/2023verifiedHigh
21XXX.X.XXX.XXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx05/24/2023verifiedHigh
22XXX.XX.XXX.XXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx01/06/2023verifiedHigh
23XXX.XX.XXX.XXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx05/24/2023verifiedHigh
24XXX.XX.XXX.XXXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx05/24/2023verifiedHigh
25XXX.XX.XXX.XXXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx05/24/2023verifiedHigh
26XXX.XX.XXX.XXXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx05/24/2023verifiedHigh
27XXX.XX.XXX.XXXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx05/24/2023verifiedHigh
28XXX.XX.XXX.XXXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx05/24/2023verifiedHigh
29XXX.XX.XXX.XXXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx05/24/2023verifiedHigh
30XXX.XX.XXX.XXXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx05/24/2023verifiedHigh
31XXX.XX.XXX.XXXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx05/24/2023verifiedHigh
32XXX.XX.XXX.XXXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx05/24/2023verifiedHigh
33XXX.XX.XXX.XXXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx05/24/2023verifiedHigh
34XXX.XX.XXX.XXXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx05/24/2023verifiedHigh
35XXX.XX.XXX.XXXXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx05/24/2023verifiedHigh
36XXX.XX.XXX.XXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx05/24/2023verifiedHigh
37XXX.XXX.XX.XXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx01/06/2023verifiedHigh
38XXX.XX.XX.XXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx05/24/2023verifiedHigh
39XXX.XXX.XXX.XXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx01/06/2023verifiedHigh
40XXX.XX.XX.XXXXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx01/06/2023verifiedHigh
41XXX.XX.XXX.XXXXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx01/06/2023verifiedHigh
42XXX.XX.XX.XXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx01/06/2023verifiedHigh
43XXX.XXX.XXX.XXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx01/06/2023verifiedHigh
44XXX.XXX.XXX.XXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx01/06/2023verifiedHigh
45XXX.XXX.XXX.XXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx01/06/2023verifiedHigh
46XXX.XXX.X.Xxxx.xxx.x.x.xxxx.xxxXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx01/06/2023verifiedHigh
47XXX.XXX.XX.XXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx01/06/2023verifiedHigh
48XXX.XXX.XX.XXXXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx05/24/2023verifiedHigh
49XXX.XXX.XX.XXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx05/24/2023verifiedHigh
50XXX.XX.XX.XXxxxxxxx Xxxxxxx Xxxxxxx Xxxxxxx01/06/2023verifiedHigh

TTP - Tactics, Techniques, Procedures (5)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueClassVulnerabilitiesAccess VectorTypeConfidence
1T1059.007CAPEC-209CWE-79Cross Site ScriptingpredictiveHigh
2TXXXXCAPEC-122CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
3TXXXXCAPEC-108CWE-XXXxx XxxxxxxxxpredictiveHigh
4TXXXXCAPEC-116CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh
5TXXXX.XXXCAPEC-CWE-XXXXxx Xxxxxxxxxx XxxxxpredictiveHigh

IOA - Indicator of Attack (9)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1FileAPKINDEX.tar.gzpredictiveHigh
2Filedrivers/net/ieee802154/atusb.cpredictiveHigh
3Filexxxxx.xxxpredictiveMedium
4Filexxxxxxxxxx_xxxxpredictiveHigh
5Filexxxxxx.xxxpredictiveMedium
6Libraryxxxxx.xxxpredictiveMedium
7Argumentxxxxxxxx/xxxxpredictiveHigh
8Network Portxxx/xx (xxx)predictiveMedium
9Network Portxxx/xxxxpredictiveMedium

References (4)

The following list contains external sources which discuss the actor and the associated activities:

PreviousOverviewNext

Do you know our Splunk app?

Download it now for free!