Nymaim Analysis

IOB - Indicator of Behavior (1000)

[Charts: Timeline, Lang, Country, Actors, Activities]

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Interest

[Charts: Timeline, Type, Vendor, Product]

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Tenda AC8 SetRebootTimer formSetRebootTimer stack-based overflow | 8.8 | 8.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 1.35 | CVE-2024-4065 |
| 2 | Tenda W15E DelPortMapping formDelPortMapping stack-based overflow | 8.8 | 8.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 1.16 | CVE-2024-4117 |
| 3 | Techkshetra Info Solutions Savsoft Quiz Category Page editCategory cross site scripting | 2.4 | 2.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 1.09 | CVE-2024-4256 |
| 4 | Tenda W9 wifiSSIDset formwrlSSIDset stack-based overflow | 8.8 | 8.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 1.09 | CVE-2024-4243 |
| 5 | idcCMS cross-site request forgery | 4.3 | 3.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 1.16 | CVE-2024-4172 |
| 6 | Tenda 4G300 sub_4279CC stack-based overflow | 8.8 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00045 | 1.39 | CVE-2024-4169 |
| 7 | Tenda W9 DhcpSetSer fromDhcpSetSer stack-based overflow | 8.8 | 8.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.94 | CVE-2024-4244 |
| 8 | Tenda AC8 execCommand R7WebsSecurityHandler stack-based overflow | 8.8 | 8.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 1.09 | CVE-2024-4064 |
| 9 | PHPGurukul Doctor Appointment Management System appointment-bwdates-reports-details.php cross site scripting | 3.5 | 3.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 1.43 | CVE-2024-4293 |
| 10 | Tenda AX1806 SetRebootTimer formSetRebootTimer stack-based overflow | 8.8 | 8.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.90 | CVE-2024-4239 |
| 11 | Tenda i21 DhcpSetSe fromDhcpSetSer stack-based overflow | 8.8 | 8.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.86 | CVE-2024-4251 |
| 12 | EZVIZ CS-C6-21WFR-8 Davinci Application certificate validation | 3.7 | 3.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00045 | 1.31 | CVE-2024-4063 |
| 13 | PHPGurukul Doctor Appointment Management System view-appointment-detail.php resource injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 1.17 | CVE-2024-4294 |
| 14 | Tenda W15E formQOSRuleDel stack-based overflow | 8.8 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00045 | 1.27 | CVE-2024-4121 |
| 15 | Tenda AX1806 execCommand R7WebsSecurityHandler stack-based overflow | 8.8 | 8.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 1.16 | CVE-2024-4237 |
| 16 | Tenda W15E SetRemoteWebManage formSetRemoteWebManage stack-based overflow | 8.8 | 8.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 1.24 | CVE-2024-4124 |
| 17 | cyanomiko dcnnt-py Notification notifications.py main command injection | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00045 | 0.86 | CVE-2023-1000 |
| 18 | SourceCodester Simple Subscription Website view_application.php sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 1.27 | CVE-2024-4093 |
| 19 | Tenda i21 wifiSSIDget formwrlSSIDget stack-based overflow | 8.8 | 8.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.83 | CVE-2024-4249 |
| 20 | Tenda W15E SetSysTimeCfg formSetSysTime stack-based overflow | 8.8 | 8.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 1.01 | CVE-2024-4126 |

IOC - Indicator of Compromise (65)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (7)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (92)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

