Roboto Analysis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (60)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en	42
ru	16
es	2

Country

ru	28
us	28
es	2
de	2

Actors

Roboto	4

Activities

Interest

Timeline

Type

Not Defined	32
WordPress Plugin	6
Web Server	2
Content Management System	2
Programming Language Software	2

Vendor

Not Defined	30
Microsoft	4
SourceCodester	4
Apache	2
isoftforce	2

Product

SourceCodester Online Tours & Travels Management S ...	4
Apache HTTP Server	2
isoftforce Dreamer CMS	2
tholum crm42	2
Gazelle	2

Vulnerabilities

#	Vulnerability	Base	Temp	0day	Today	Exp	Rem	EPSS	CTI	CVE
1	Grafana authentication spoofing	8.8	8.8	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00100	0.05	CVE-2023-3128
2	GPAC SVG Parser svg_attributes.c svg_parse_preserveaspectratio memory leak	4.3	4.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00192	0.05	CVE-2022-3957
3	Rocket.Chat Server NoSQL sql injection	7.3	7.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.94751	0.02	CVE-2021-22911
4	PHP Serialization spl_observer.c memory corruption	8.5	8.4	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00475	0.00	CVE-2016-7480
5	Host Discard Service privileges management	7.3	7.1	$0-$5k	$0-$5k	High	Workaround	0.01500	0.03	CVE-1999-0636
6	Grafana Dashboard access control	6.4	6.3	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00044	0.05	CVE-2023-2801
7	XoruX LPAR2RRD/STOR2RRD hard-coded credentials	6.3	6.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00262	0.00	CVE-2021-42371
8	Microsoft Windows Privilege Escalation	8.1	7.7	$25k-$100k	$5k-$25k	High	Official Fix	0.00054	0.05	CVE-2023-36802
9	7-zip SquashFS File Parser out-of-bounds write	6.3	6.1	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00000	0.04	CVE-2023-40481
10	Keycloak cross site scripting	3.5	3.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00173	0.04	CVE-2021-20323
11	Directum HTTP Header cross site scripting	3.5	3.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00084	0.00	CVE-2021-31794
12	Grafana cross-site request forgery	4.9	4.8	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00361	0.00	CVE-2022-21703
13	SourceCodester Online Tours & Travels Management System s.php sql injection	7.1	6.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00126	0.09	CVE-2023-0561
14	SourceCodester Online Tours & Travels Management System Parameter forget_password.php sql injection	5.5	5.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00282	0.03	CVE-2023-0516
15	SourceCodester Online Tours & Travels Management System approve_user.php sql injection	6.4	6.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00148	0.06	CVE-2023-0530
16	isoftforce Dreamer CMS cross site scripting	4.1	4.0	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00078	0.04	CVE-2023-0513
17	sternenseemann sternenblog main.c blog_index file inclusion	6.6	6.5	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00152	0.17	CVE-2014-125059
18	cronvel terminal-kit redos	4.8	4.8	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00117	0.03	CVE-2021-4306
19	pig-vector LogisticRegression.java LogisticRegression temp file	3.5	3.5	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00076	0.04	CVE-2022-4641
20	roxlukas LMeve Login Page sql injection	7.5	7.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00152	0.03	CVE-2021-4246

IOC - Indicator of Compromise (10)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP address	Hostname	Actor	Identified	Type	Confidence
1	1.125.125.5		Roboto	11/26/2019	verified	High
2	51.38.200.230	ip230.ip-51-38-200.eu	Roboto	11/26/2019	verified	High
3	XX.XXX.XXX.XX	xxx-xxxxxxx-xxxxx.xxxxxx.xxxxxxxxx.xxx	Xxxxxx	11/26/2019	verified	High
4	XX.XXX.XX.XX	xxxx.xxxx.xx	Xxxxxx	11/26/2019	verified	High
5	XX.XXX.XX.XXX	xxxxxx.xxx.xx.xxx.xx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxx	11/26/2019	verified	High
6	XXX.XXX.XX.XX	xxxxxxxxxx.xxx.xxxxxxx.xxx	Xxxxxx	11/26/2019	verified	High
7	XXX.XX.XXX.XX	xxxxxx.xx.xxx.xx.xxx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxx	11/26/2019	verified	High
8	XXX.XX.XX.XXX	xxx.xx.xx.xxx.xxxxxx.xxxxxxx.xxx-xxxx.xx	Xxxxxx	11/26/2019	verified	High
9	XXX.XXX.XXX.XXX		Xxxxxx	11/26/2019	verified	High
10	XXX.XXX.XX.X		Xxxxxx	11/26/2019	verified	High

TTP - Tactics, Techniques, Procedures (11)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Class	Vulnerabilities	Access Vector	Type	Confidence
1	T1055	CAPEC-10	CWE-74	Improper Neutralization of Data within XPath Expressions	predictive	High
2	T1059.007	CAPEC-209	CWE-79	Cross Site Scripting	predictive	High
3	T1068	CAPEC-122	CWE-264, CWE-269, CWE-284	Execution with Unnecessary Privileges	predictive	High
4	TXXXX.XXX	CAPEC-191	CWE-XXX	Xxxx-xxxxx Xxxxxxxxxxx	predictive	High
5	TXXXX	CAPEC-108	CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	High
6	TXXXX.XXX	CAPEC-492	CWE-XXXX	Xxxxxxxxxxx Xxxxxxx Xxxxxxxxxx Xxxxxxxxxx	predictive	High
7	TXXXX	CAPEC-108	CWE-XX	Xxx Xxxxxxxxx	predictive	High
8	TXXXX.XXX	CAPEC-133	CWE-XXX	Xxxxxxxx	predictive	High
9	TXXXX	CAPEC-116	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	High
10	TXXXX	CAPEC-20	CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	predictive	High
11	TXXXX.XXX	CAPEC-1	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	High

IOA - Indicator of Attack (41)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Class	Indicator	Type	Confidence
1	File	.htaccess	predictive	Medium
2	File	/Admin/createClass.php	predictive	High
3	File	/balance/service/list	predictive	High
4	File	/debug/pprof	predictive	Medium
5	File	/user/s.php	predictive	Medium
6	File	admin/?page=system_info	predictive	High
7	File	xxxxx/xxxxxxx_xxxx.xxx	predictive	High
8	File	xxxxxxxxxxxxxxxxxxxxx.xxx	predictive	High
9	File	xxx-xxxxxxx.xxx	predictive	High
10	File	xxxxx\xxxxx\xxxxx.xxxx.xxx	predictive	High
11	File	xxx/xxx/xxx_xxxxxxxx.x	predictive	High
12	File	xxxxxxx-xxxxxx/xxxxxxxx/xxxxx/xxxxxxxx/xxxxxxxx_xxxxxxxxx.xxx	predictive	High
13	File	xxxxxx/xxxxxxxxx?xx=xxx_xxx.xxx	predictive	High
14	File	xxx/xxxxx/xxxxxxxx/xxxx/xxxxxxx_xxxxxxxxx.xx	predictive	High
15	File	xxxx.x	predictive	Low
16	File	xxxx/xxxx.x	predictive	Medium
17	File	xxxxxxxxxx/xxx_xxxxxxxxxx.x	predictive	High
18	File	xxxxxxxx.xxxx?xxxx=xxxxx	predictive	High
19	File	xxxxx/xxxxxx/xxxx/xxxxxxx/xxxxxxxxxxxxxxxxxx.xxx	predictive	High
20	File	xxx/xxxx/xxxx/xxx/xxxxxx/xxxxxx/xxx/xxxxxxxxxxxxxxxxxx.xxxx	predictive	High
21	File	xxx/xxxxxxx/xxxxxxxxxxxxx.xxx	predictive	High
22	File	xxx/xxxxx/xxxxxxxx.x	predictive	High
23	File	xxxx/xxxxxx_xxxxxxxx.xxx	predictive	High
24	File	~/xxxxx/xxxxxxx.xxx	predictive	High
25	Argument	xxx	predictive	Low
26	Argument	xxxxxxxx/xxxxxx	predictive	High
27	Argument	xxxxx	predictive	Low
28	Argument	xxxxxxxx	predictive	Medium
29	Argument	xxxxx	predictive	Low
30	Argument	xxxx	predictive	Low
31	Argument	xx	predictive	Low
32	Argument	xx	predictive	Low
33	Argument	xxxxxxxx	predictive	Medium
34	Argument	xxxxxxxx	predictive	Medium
35	Argument	xxxx_xxxx	predictive	Medium
36	Argument	xxxxxxx xxxxx	predictive	High
37	Argument	xxxxx/xxxxxxx	predictive	High
38	Argument	xxxxxxxx/xxxx	predictive	High
39	Argument	xxxx-xxxxx	predictive	Medium
40	Argument	xxxx_xxxx	predictive	Medium
41	Argument	x-xxxxxxxxx-xxx	predictive	High

References (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ PreviousOverviewNext ▸

Might our Artificial Intelligence support you?

Check our Alexa App!