Timor-Leste Unknown Analysis

IOB - Indicator of Behavior (27)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 24
de: 4

Product

Mozilla Firefox: 2
Trend Micro Antivirus 2021: 2
DZCP Witze Addon: 2
DZCP deV!L`z Clanportal: 2
Arvados: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Microsoft IIS WebDav memory corruption | 5.6 | 5.2 | $25k-$100k | $0-$5k | High | Official Fix | 0.97418 | 0.04 | CVE-2003-0109 |
| 2 | LogicBoard CMS away.php redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.00000 | 2.23 | |
| 3 | YaBB yabb.pl cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.01240 | 0.04 | CVE-2004-2402 |
| 4 | Benjamin Arnaudetr Ginkgocms index.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Not Defined | 0.00132 | 0.00 | CVE-2013-5318 |
| 5 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00548 | 0.23 | CVE-2017-0055 |
| 6 | Apache HTTP Server mod_proxy_uwsgi request smuggling | 6.9 | 6.7 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.01898 | 0.07 | CVE-2023-27522 |
| 7 | Apache HTTP Server mod_proxy request smuggling | 7.4 | 7.3 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.00739 | 0.12 | CVE-2023-25690 |
| 8 | Apache HTTP Server Limit Directive ap_limit_section use after free | 6.4 | 6.3 | $5k-$25k | $0-$5k | High | Official Fix | 0.97240 | 0.03 | CVE-2017-9798 |
| 9 | Aruba Networks ArubaOS Command Line Interface denial of service | 5.1 | 5.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00073 | 0.00 | CVE-2022-37910 |
| 10 | Arvados PAM improper authentication | 6.4 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00104 | 0.00 | CVE-2022-39238 |
| 11 | Apple macOS wifivelocityd default permission | 8.2 | 8.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00148 | 0.00 | CVE-2020-3838 |
| 12 | Trend Micro Antivirus 2021 access control | 8.3 | 8.3 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00045 | 0.05 | CVE-2021-43771 |
| 13 | Backdoor.Win32.Wollf.h Service Port 7300 hard-coded credentials | 9.8 | 8.6 | $0-$5k | $0-$5k | Proof-of-Concept | Workaround | 0.00000 | 0.00 | |
| 14 | Microsoft Exchange Server ProxyShell unknown vulnerability | 9.4 | 8.6 | $25k-$100k | $5k-$25k | High | Official Fix | 0.84431 | 0.00 | CVE-2021-34523 |
| 15 | Microsoft Excel MergeCells Record Heap access control | 4.4 | 3.9 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.94553 | 0.00 | CVE-2012-0185 |
| 16 | ZTE ZXDT22 SF01 path traversal | 6.4 | 6.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00320 | 0.00 | CVE-2017-10933 |
| 17 | Apache OpenMeetings Password Reset sendHashByUser information disclosure | 7.5 | 7.1 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00223 | 0.03 | CVE-2016-0783 |
| 18 | Host Web Server phpinfo.php phpinfo information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | Not Defined | Workaround | 0.00000 | 0.04 | |
| 19 | IBM Tivoli Endpoint Manager HTTPOnly Flag Cookie Handling information disclosure | 7.5 | 7.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00305 | 0.00 | CVE-2012-1837 |
| 20 | Apple Mac OS X Server input validation | 6.5 | 6.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00042 | 0.00 | CVE-2010-1821 |

IOC - Indicator of Compromise (20)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (9)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (16)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /forum/away.php | predictive | High |
| 2 | File | /uncpath/ | predictive | Medium |
| 3 | File | fetchsettings.php | predictive | High |
| 4 | File | xxx/xxxxxx.xxx | predictive | High |
| 5 | File | xxxxx.xxx | predictive | Medium |
| 6 | File | xxxxx/xxxxx.xxx | predictive | High |
| 7 | File | xxxxxxx.xxx | predictive | Medium |
| 8 | File | xxxx.xx | predictive | Low |
| 9 | Argument | xxxxxxxx | predictive | Medium |
| 10 | Argument | xxxxx | predictive | Low |
| 11 | Argument | xxxxxxxxxxx | predictive | Medium |
| 12 | Argument | xx | predictive | Low |
| 13 | Argument | xxxx | predictive | Low |
| 14 | Argument | xxxxxxxxxx | predictive | Medium |
| 15 | Argument | xxxxxx | predictive | Low |
| 16 | Input Value | xxxxxxxxxxxxxxxxxxxxxxxxxxxx+xxxxx+xxxxxx+x,x,xxxx,xxx,x,x+xxxx+xxx_xxxxx+xxxxx+xx=x--+ | predictive | High |

References (2)

The following list contains external sources which discuss the actor and the associated activities:
