SJ Unknown Analysis

IOB - Indicator of Behavior (18)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en (18)

Country

no (18)

Actors


Activities

Interest

Timeline


Type


Vendor


Product

Adobe Acrobat Reader (2)
Siemens SICAM A8000 CP-8000 (2)
Siemens SICAM A8000 CP-802X (2)
Siemens SICAM A8000 CP-8050 (2)
Cisco Expressway (2)

Vulnerabilities

# | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE
1 | Adobe Acrobat Reader out-of-bounds write | 7.0 | 6.9 | $5k-$25k | $5k-$25k | High | Official Fix | 0.02375 | 0.04 | CVE-2023-26369
2 | Siemens SIMATIC Drive Controller Service Port 102 operation after expiration | 4.3 | 4.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00095 | 0.03 | CVE-2021-37185
3 | SourceCodester Online Job Portal EditProfile.php cross site scripting | 3.5 | 3.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.04 | CVE-2024-1972
4 | Kaseya Unitrends Backup Appliance bpserverd Daemon input validation | 9.3 | 9.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03534 | 0.00 | CVE-2021-43033
5 | Kaseya Unitrends Backup Appliance sql injection | 9.8 | 9.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01477 | 0.00 | CVE-2021-43035
6 | Cisco Expressway/TelePresence Video Communication Server input validation | 9.2 | 9.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00050 | 0.03 | CVE-2023-20105
7 | WordPress Password Reset Link operation after expiration | 5.9 | 5.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00798 | 0.00 | CVE-2020-11027
8 | Apache HTTP Server mod_sed out-of-bounds write | 7.3 | 7.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.12015 | 0.00 | CVE-2022-23943
9 | Apache HTTP Server ap_strcmp_match integer overflow | 7.3 | 7.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.01475 | 0.00 | CVE-2022-28615
10 | Barco ClickShare CSC-1/ClickShare CSM-1 Firmware Update information disclosure | 9.8 | 9.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00779 | 0.02 | CVE-2016-3152
11 | Apache Knox SSO Request Parameter redirect | 5.5 | 5.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00195 | 0.00 | CVE-2021-42357
12 | Python ipaddress Library input validation | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00800 | 0.00 | CVE-2021-29921
13 | SAP Web Dispatcher/Internet Communication Manager HTTP Header request smuggling | 6.3 | 6.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00054 | 0.05 | CVE-2021-33683
14 | Siemens SICAM A8000 CP-8050 Web Server input validation | 6.4 | 6.3 | $5k-$25k | $0-$5k | Not Defined | Workaround | 0.00215 | 0.04 | CVE-2018-13798

IOC - Indicator of Compromise (59)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (4)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID | Technique | Class | Vulnerabilities | Access Vector | Type | Confidence
1 | T1059.007 | CAPEC-209 | CWE-79 | Cross Site Scripting | predictive | High

IOA - Indicator of Attack (3)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID | Class | Indicator | Type | Confidence
1 | File | /Employer/EditProfile.php | predictive | High

References (2)

The following list contains external sources which discuss the actor and the associated activities:
