GlobeImposter Analysis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (14)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en	14

Country

us	14

Actors

Wizard Spider	1
GlobeImposter	1

Activities

Interest

Timeline

Type

Not Defined	12
Project Management Software	2

Vendor

SourceCodester	8
code-projects	2
Not Defined	2
Kashipara	2

Product

SourceCodester Inventory Management System	4
SourceCodester Simple Student Attendance System	2
code-projects Human Resource Integrated System	2
SourceCodester Online Tours & Travels Management S ...	2
openBI	2

Vulnerabilities

#	Vulnerability	Base	Temp	0day	Today	Exp	Rem	EPSS	CTI	CVE
1	openBI Screen.php index code injection	8.1	7.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00075	0.18	CVE-2024-1117
2	openBI Screen.php dlfile access control	7.6	7.4	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00063	0.11	CVE-2024-1114
3	SourceCodester Online Tours & Travels Management System payment.php exec sql injection	6.4	6.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00063	0.06	CVE-2024-0884
4	Totolink LR1200GB cstecgi.cgi setLanguageCfg stack-based overflow	9.1	8.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00109	0.11	CVE-2024-0577
5	code-projects Simple Online Hotel Reservation System login.php sql injection	8.1	7.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00063	0.03	CVE-2024-0359
6	code-projects Human Resource Integrated System inc_service_credits.php sql injection	7.5	7.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00063	0.03	CVE-2024-0470
7	Kashipara Food Management System stock_edit.php sql injection	7.5	7.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00063	0.14	CVE-2024-0290
8	Kashipara Food Management System rawstock_used_damaged_submit.php sql injection	7.5	7.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00063	0.04	CVE-2024-0288
9	SourceCodester Simple Student Attendance System actions.class.php save_attendance sql injection	6.9	6.8	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00130	0.03	CVE-2023-6771
10	Thecosy IceCMS Captcha login excessive authentication	5.3	4.8	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00063	0.06	CVE-2023-6756
11	SourceCodester Engineers Online Portal login.php sql injection	7.5	7.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00077	0.00	CVE-2023-5278
12	Tongda OA 2017 delete.php sql injection	6.9	6.8	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00077	0.14	CVE-2023-5267
13	SourceCodester Inventory Management System search_purchase_paymen_report.php sql injection	7.5	7.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00063	0.07	CVE-2023-4557
14	SourceCodester Inventory Management System staff_data.php sql injection	7.5	7.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00063	0.03	CVE-2023-4558

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP address	Hostname	Actor	Campaigns	Identified	Type	Confidence
1	46.148.235.114		GlobeImposter		03/18/2024	verified	High
2	XXX.XX.XXX.X	xx-x-xxx-xx-xxx.xxx-x.xxxxxxx.xx	Xxxxxxxxxxxxx		03/18/2024	verified	High

TTP - Tactics, Techniques, Procedures (4)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Class	Vulnerabilities	Access Vector	Type	Confidence
1	T1059	CAPEC-242	CWE-94	Argument Injection	predictive	High
2	TXXXX	CAPEC-19	CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	High
3	TXXXX.XXX	CAPEC-16	CWE-XXX	Xxxx-xxxxx Xxxxxxxxxxx	predictive	High
4	TXXXX	CAPEC-108	CWE-XX	Xxx Xxxxxxxxx	predictive	High

IOA - Indicator of Attack (23)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Class	Indicator	Type	Confidence
1	File	/admin_route/inc_service_credits.php	predictive	High
2	File	/application/index/controller/Screen.php	predictive	High
3	File	/cgi-bin/cstecgi.cgi	predictive	High
4	File	/login	predictive	Low
5	File	xxxxxxx.xxxxx.xxx	predictive	High
6	File	xxx/xxxx/xxxxxx_xxxxxxxx_xxxxxx_xxxxxx.xxx	predictive	High
7	File	xxxxxxx/xx/xxxxxxx/xx_xxxx/xxxxxx.xxx	predictive	High
8	File	xxxxx.xxx	predictive	Medium
9	File	xxxxxxx.xxx	predictive	Medium
10	File	xxxxxxxx_xxxx_xxxxxxx_xxxxxx.xxx	predictive	High
11	File	xxxxx_xxxx.xxx	predictive	High
12	File	xxxxx_xxxx.xxx	predictive	High
13	Argument	xxxxxxx[x][xxxx]	predictive	High
14	Argument	xxxxxxxx	predictive	Medium
15	Argument	xxxxxx_xx	predictive	Medium
16	Argument	xxxxxxx	predictive	Low
17	Argument	xxxxxxx	predictive	Low
18	Argument	xx	predictive	Low
19	Argument	xxxx_xxxx	predictive	Medium
20	Argument	xxxx	predictive	Low
21	Argument	xxxxxxx_xxxx	predictive	Medium
22	Argument	xxx	predictive	Low
23	Argument	xxxxxxxx/xxxxxxxx	predictive	High

References (3)

The following list contains external sources which discuss the actor and the associated activities:

◂ PreviousOverviewNext ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!