Satellite Service Providers Analysis

IOB - Indicator of Behavior (225)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 174
zh: 38
es: 6
de: 4
pl: 2

Country

la: 214
us: 4
il: 4
my: 2
es: 2

Actors

[Chart not reproduced.]

Activities

Interest

[Charts not reproduced: Timeline, Type, Vendor.]

Product

Microsoft Windows: 6
Moodle: 6
Microsoft Exchange Server: 6
Microsoft Office: 4
CodeIgniter: 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | TikiWiki tiki-register.php input validation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.01075 | 8.47 | CVE-2006-6168 |
| 2 | Tiki Admin Password tiki-login.php improper authentication | 8.0 | 7.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00936 | 2.07 | CVE-2020-15906 |
| 3 | Drupal Sanitization API cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00056 | 0.02 | CVE-2020-13672 |
| 4 | LogicBoard CMS away.php redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.00000 | 3.13 | |
| 5 | LiteSpeed Cache Plugin Shortcode cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00051 | 0.03 | CVE-2023-4372 |
| 6 | WebTitan Appliance Extensions Persistent cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.00 | |
| 7 | ipTIME NAS-I Bulletin Manage unrestricted upload | 7.1 | 7.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00988 | 0.05 | CVE-2020-7847 |
| 8 | request-baskets API Request {name} server-side request forgery | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.08109 | 0.04 | CVE-2023-27163 |
| 9 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00943 | 0.68 | CVE-2010-0966 |
| 10 | PHP phpinfo cross site scripting | 4.3 | 3.9 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.01960 | 0.04 | CVE-2007-1287 |
| 11 | nginx request smuggling | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00241 | 1.96 | CVE-2020-12440 |
| 12 | Microsoft Windows Scripting Engine Remote Code Execution | 5.9 | 5.1 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.33048 | 0.00 | CVE-2021-34480 |
| 13 | DevExpress ASP.NET Web Forms ASPxHttpHandlerModule DXR.axd resource injection | 4.3 | 4.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00205 | 0.07 | CVE-2022-41479 |
| 14 | Basilix Webmail login.php3 command injection | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.07 | |
| 15 | JoomlaTune Com Jcomments admin.jcomments.php cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00489 | 0.00 | CVE-2010-5048 |
| 16 | Microsoft Office Remote Code Execution | 7.0 | 6.1 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.00182 | 0.00 | CVE-2023-21735 |
| 17 | Alt-N MDaemon Worldclient injection | 4.9 | 4.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00090 | 0.04 | CVE-2021-27182 |
| 18 | CouchCMS mysql2i.func.php Path information disclosure | 3.3 | 3.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00241 | 0.02 | CVE-2019-1010042 |
| 19 | SunHater KCFinder upload.php cross site scripting | 5.7 | 5.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00131 | 0.04 | CVE-2019-14315 |
| 20 | Esri ArcGIS Server sql injection | 8.1 | 8.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00123 | 0.05 | CVE-2021-29114 |

IOC - Indicator of Compromise (45)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (19)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (122)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

References (2)

The following list contains external sources which discuss the actor and the associated activities:
