ERMAC Analysis

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 122
zh: 102
ar: 102
pl: 84
sv: 84

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

ar: 102
pl: 84
sv: 84
ru: 78
it: 74

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Product

MailCleaner: 6
FreeBSD: 4
Apache HTTP Server: 4
Tenda W15E: 4
Tenda i21: 4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Apryse WebViewer PDF Document cross site scripting | 3.5 | 3.2 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00045 | 0.07 | CVE-2024-4327 |
| 2 | MailCleaner Email os command injection | 9.8 | 9.5 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00046 | 0.24 | CVE-2024-3191 |
| 3 | osCommerce all-products cross site scripting | 4.3 | 3.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00065 | 0.04 | CVE-2024-4348 |
| 4 | MailCleaner Admin Interface cross site scripting | 5.8 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00045 | 0.34 | CVE-2024-3192 |
| 5 | SourceCodester Pisay Online E-Learning System controller.php unrestricted upload | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.24 | CVE-2024-4349 |
| 6 | MailCleaner Admin Endpoints os command injection | 8.8 | 8.5 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00046 | 0.24 | CVE-2024-3193 |
| 7 | BloomPixel Max Addons Pro for Bricks Plugin authorization | 6.5 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00043 | 0.08 | CVE-2024-32951 |
| 8 | Extend Themes Teluro Plugin cross-site request forgery | 4.3 | 4.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00043 | 0.00 | CVE-2024-33688 |
| 9 | Apache HTTP Server mod_lua Multipart Parser r:parsebody out-of-bounds write | 8.5 | 8.4 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.08808 | 0.03 | CVE-2021-44790 |
| 10 | Elementor ImageBox Plugin cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00045 | 0.08 | CVE-2024-3074 |
| 11 | Dell Wyse Proprietary OS Telemetry Dashboard information disclosure | 4.7 | 4.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00043 | 0.04 | CVE-2024-28963 |
| 12 | Apache Parquet Parquet-MR denial of service | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00086 | 0.00 | CVE-2021-41561 |
| 13 | Foliovision FV Flowplayer Video Player Plugin server-side request forgery | 5.6 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00043 | 0.04 | CVE-2024-32955 |
| 14 | Dell Repository Manager API Module improper authorization | 8.3 | 8.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.04 | CVE-2024-28976 |
| 15 | Jegstudio Financio Plugin cross-site request forgery | 4.3 | 4.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00043 | 0.03 | CVE-2024-33690 |
| 16 | ThemeNcode Fan Page Widget by Plugin cross site scripting | 4.1 | 4.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00043 | 0.00 | CVE-2024-33695 |
| 17 | Pavex Embed Google Photos Album Plugin server-side request forgery | 5.6 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00043 | 0.07 | CVE-2024-32775 |
| 18 | AnnounceKit Plugin cross site scripting | 2.4 | 2.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00045 | 0.04 | CVE-2024-3023 |
| 19 | Repute Infosystems ARMember Plugin authorization | 7.8 | 7.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00043 | 0.07 | CVE-2024-32948 |
| 20 | Dell Repository Manager Logger Module improper authorization | 3.3 | 3.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00043 | 0.00 | CVE-2024-28977 |

IOC - Indicator of Compromise (226)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (16)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (77)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


References (172)

The following list contains external sources which discuss the actor and the associated activities:
