Kaiji 解析
IOB - Indicator of Behavior (532)
アクティビティ
関心
脆弱性
IOC - Indicator of Compromise (43)
These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.
TTP - Tactics, Techniques, Procedures (24)
Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.
IOA - Indicator of Attack (223)
These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.
ID | クラス | Indicator | タイプ | 信頼度 |
---|---|---|---|---|
1 | File | /addNotifyServlet | predictive | 高 |
2 | File | /admin/booking-bwdates-reports-details.php | predictive | 高 |
3 | File | /Admin/createClass.php | predictive | 高 |
4 | File | /admin/manage-users.php | predictive | 高 |
5 | File | /Admin/user-record.php | predictive | 高 |
6 | File | /alsdemo/ss/mediam.cgi | predictive | 高 |
7 | File | /api/authentication/login | predictive | 高 |
8 | File | /api/notify.php | predictive | 高 |
9 | File | /api/v2/cli/commands | predictive | 高 |
10 | File | /application/index/common.php | predictive | 高 |
11 | File | /apps/system/router/upload.go | predictive | 高 |
12 | File | /asan/asan_interceptors_memintrinsics.cpp | predictive | 高 |
13 | File | /card_scan.php | predictive | 高 |
14 | File | /cgi-bin/uploadAccessCodePic | predictive | 高 |
15 | File | /config/getuser | predictive | 高 |
16 | File | /cupseasylive/stockissuancelist.php | predictive | 高 |
17 | File | /cupseasylive/unitofmeasurementmodify.php | predictive | 高 |
18 | File | /de2api/engine/getEngine.js | predictive | 高 |
19 | File | /expense_action.php | predictive | 高 |
20 | File | /filemanager/php/connector.php | predictive | 高 |
21 | File | /forum/away.php | predictive | 高 |
22 | File | /goform/aspForm | predictive | 高 |
23 | File | /goform/fromRouteStatic | predictive | 高 |
24 | File | /goform/setUsbUnload | predictive | 高 |
25 | File | /goform/telnet | predictive | 高 |
26 | File | /xxxxx/ | predictive | 低 |
27 | File | /xxxx/xxxxxx_xxxxxxxx | predictive | 高 |
28 | File | /xxx/xxxxxx/xxxxxxxxx/xxxxxxxxx.xxx | predictive | 高 |
29 | File | /xxxxxxx/xxxx.xxx | predictive | 高 |
30 | File | /xxxxx.xxx | predictive | 中 |
31 | File | /xxxxx.xxx?xxx=xxxx&xxxx=xxxxxxxx&xxxxxx=xxxxx | predictive | 高 |
32 | File | /xxxxxx/xxxxxxxxxxx.xxx | predictive | 高 |
33 | File | /xxxxx/xxx/.xxxx-xxxxx/xxxxxx-xxxxxxxxxxxxx | predictive | 高 |
34 | File | /xxx.xxx | predictive | 中 |
35 | File | /xxxxxxx/xxxx | predictive | 高 |
36 | File | /xxxxxx/xxxxx/xxxxxxxxxxxxxxxxxxxx.xxxx | predictive | 高 |
37 | File | /xxx/xxxxx/?xxxx=xxxx/xxxxxx_xxxx | predictive | 高 |
38 | File | /xxx/xxxxxx/xxxxx/xxx.xx | predictive | 高 |
39 | File | /xxxxxx/xxxx/xxxxxxx/xxx_xxxxx/xxxxxxxxxx.xxx | predictive | 高 |
40 | File | /xxxxxxxxxxxxx | predictive | 高 |
41 | File | /xxx/xxxx/xxxxx | predictive | 高 |
42 | File | /xxx/xxx/xxxxxx.xxx | predictive | 高 |
43 | File | /xxxx/xxxx_xxxxxxxx.xxx | predictive | 高 |
44 | File | /xxxx/xxxxxxxxx_xxxxx_xxxx.xxx | predictive | 高 |
45 | File | /xxxx/xxxxx/?xxxx=xxxx | predictive | 高 |
46 | File | /xxxxx/xxxxx.xxx?x=xxxxx/xxxxxxxxxxx/xxxxxxx&xxxxx=xx&xx=x | predictive | 高 |
47 | File | /xx/xxxxx.xxx | predictive | 高 |
48 | File | ?x=xxxxxxx/xxxxxxxx/xxxxxx&xxxxxxxx=x | predictive | 高 |
49 | File | xxxxxx.xxx | predictive | 中 |
50 | File | xxxxxxx.xxx | predictive | 中 |
51 | File | xxxxx.xxx | predictive | 中 |
52 | File | xxxxx/xxx/xxxx.xxx.xxx | predictive | 高 |
53 | File | xxxxx/xxxxx.xxx | predictive | 高 |
54 | File | xxxxx/xxxxxx-xxxxxxxxxxx.xxx | predictive | 高 |
55 | File | xxxxx/xxxxxx-xxxxxxxx.xxx | predictive | 高 |
56 | File | xxxxx/xxxxxxxx.xxx | predictive | 高 |
57 | File | xxxxxxxx.xxx | predictive | 中 |
58 | File | xxxxxxxxxx.xxx | predictive | 高 |
59 | File | xxx/xxxxxxxx/xxxxxx | predictive | 高 |
60 | File | xxxx/xxxxxxx/xxxxxx/xxxxx_xx.x | predictive | 高 |
61 | File | xxxx.xxx | predictive | 中 |
62 | File | xx.xxx | predictive | 低 |
63 | File | xx_xxxx.xxx | predictive | 中 |
64 | File | xxx-xxx/xxxxxx/xxxxx.xx | predictive | 高 |
65 | File | xxxxxxxxxx_xxxxxx | predictive | 高 |
66 | File | xxxxxxx.xxx | predictive | 中 |
67 | File | xxxx/xxxxxxxxxxxxxxx.xxx | predictive | 高 |
68 | File | xxxxxx.xxx | predictive | 中 |
69 | File | xxxxxxxx_xxxx_xxxxxxxxxx.xxxx | predictive | 高 |
70 | File | xxxxxxxxxxxx.xxxx | predictive | 高 |
71 | File | xxxx_xxxxxx.xxx | predictive | 高 |
72 | File | xxxxxxx/xxxx-xxxxx-xxxxxx.xxx | predictive | 高 |
73 | File | xxxxxxx/xxxx-xxxxx-xxxxxx.xxx?xxxxxx=x | predictive | 高 |
74 | File | xxxxx.xxx | predictive | 中 |
75 | File | xxxxx.xx | predictive | 中 |
76 | File | xxxx.x | predictive | 低 |
77 | File | xxxxxxxxxxxxxx.xxx | predictive | 高 |
78 | File | xxxx_xxxxx.xxx | predictive | 高 |
79 | File | xx/xxxx/xxxxx.x | predictive | 高 |
80 | File | xx/xxxx/xxxxx.x | predictive | 高 |
81 | File | xxxx/xxxx.x | predictive | 中 |
82 | File | xxxxxxx/xxxxxx/xxx_xxxxxx/xxxxxxx/xxxxxx_xxxxxxx.xxx | predictive | 高 |
83 | File | xxxxxx_xxxx_xxxxxx.xxx | predictive | 高 |
84 | File | xxxxxxxxxxxxxxxxxxxxxxxxx.xxxx | predictive | 高 |
85 | File | xxxxxx_xx.x | predictive | 中 |
86 | File | xxxxxxxxxxxx.xxxxx.xxx | predictive | 高 |
87 | File | xxxxxx/xxxxx?xxx | predictive | 高 |
88 | File | xxx/xxxxxx.xxx | predictive | 高 |
89 | File | xxxxxxxxxxxxx.xxx | predictive | 高 |
90 | File | xxxxx.xxx | predictive | 中 |
91 | File | xxxxx.xxx/xxxxx/xxxxx/ | predictive | 高 |
92 | File | xxxxx.xxx?x=/xxxx/xxxxxxxx | predictive | 高 |
93 | File | xxxxxxxxxx/xxxxxxxx/xxxxxxxxxxx/xxx/xx/xxxxxxx.xx | predictive | 高 |
94 | File | xx/xxxxxx.xxxxxxxxxxx.xx | predictive | 高 |
95 | File | xxxxxxxxxxxxx/xxxxx.xxx | predictive | 高 |
96 | File | xxxxxxxxx/xxxx_xxxxxxx.xxx.xxx | predictive | 高 |
97 | File | xxxx/xxxxxxx/xxxxxxxx.xxxx.xxx | predictive | 高 |
98 | File | xxxxxxx.xxx | predictive | 中 |
99 | File | xxxxx.xxx | predictive | 中 |
100 | File | xxxxx.xxx | predictive | 中 |
101 | File | xxxxx_xxxx.xxx | predictive | 高 |
102 | File | xxxxxx/xxxxx.xxx | predictive | 高 |
103 | File | xxxx_xxx.x | predictive | 中 |
104 | File | xxx_xx/xxx_xx_xxxxxx.x | predictive | 高 |
105 | File | xxxx-xxx.xx | predictive | 中 |
106 | File | xxx | predictive | 低 |
107 | File | xxxxxx-xxxxxxxxxxx.xxx | predictive | 高 |
108 | File | xxxxxxx/xxxxxxxxxx/xxx.xxx | predictive | 高 |
109 | File | xxxxxxx.xxx | predictive | 中 |
110 | File | xxxxx-xxxx.x | predictive | 中 |
111 | File | xxxxxxx/xxxx/* | predictive | 高 |
112 | File | xxxxxxxx.xxx | predictive | 中 |
113 | File | xxxxxxxxxxxxxxxxxx.xxxx | predictive | 高 |
114 | File | xxxxxxxx.xxx | predictive | 中 |
115 | File | xxxxxxxx.xxx | predictive | 中 |
116 | File | xxxxxxxx/xxxxx/xxxxxxxx?xxxxxxxx | predictive | 高 |
117 | File | xxxxxxx_xxx_xxxxx_xxxxxx.xxxx | predictive | 高 |
118 | File | xxxxxx_xxxxxx.xxx | predictive | 高 |
119 | File | xxxxxxx.xxx | predictive | 中 |
120 | File | xxxxxx/xxx.xxx | predictive | 高 |
121 | File | xxxxxxxx.xxxx | predictive | 高 |
122 | File | xxxx-xxxx.x | predictive | 中 |
123 | File | xxx.xx | predictive | 低 |
124 | File | xxx/xxxxxxx.x | predictive | 高 |
125 | File | xxxxx_xxxx.xxx | predictive | 高 |
126 | File | xxxxxxxx.xxx | predictive | 中 |
127 | File | xxxxxx.xx | predictive | 中 |
128 | File | xxxxxx\xxxxxxxx\xx_xxxxx_xxxxxxx.xxx | predictive | 高 |
129 | File | xxxxxxxx.xxxx | predictive | 高 |
130 | File | xxxx-xxxxxxxx.xxx | predictive | 高 |
131 | File | xxxxxxx.x | predictive | 中 |
132 | File | xxxxxxxxx.xxx | predictive | 高 |
133 | File | xxxxxxxxx.xxx | predictive | 高 |
134 | File | xxxx/xxxxxx.x | predictive | 高 |
135 | File | xxxxx/xxxxx.xx | predictive | 高 |
136 | File | xxxxxxxx/xxxxxx_xxxxxxx | predictive | 高 |
137 | File | xxx/xxxxxx.xxx | predictive | 高 |
138 | File | xxxxxx.xxx | predictive | 中 |
139 | File | xxxxxx.x | predictive | 中 |
140 | File | xxxxxxx | predictive | 低 |
141 | File | ~/xxxxx/xxxxxx/xxxxx-xxxxxxxxx-xxxxx.xxx | predictive | 高 |
142 | Library | /xxxxxxxxxxx.xxx | predictive | 高 |
143 | Library | /xxx/xxx/xxxx/xxxx.xxx | predictive | 高 |
144 | Library | xxxxxx/xxxxxxx/xxx/xxx/xxxxx/xxxxxx/xxxxxxxxx.xxx | predictive | 高 |
145 | Library | xxxxxxxxxxxxxx.xxx | predictive | 高 |
146 | Library | xxxxxx.xx | predictive | 中 |
147 | Library | xxxxxx.xxxxx.xxxxxxxx | predictive | 高 |
148 | Argument | $xxx_xxxx_xxxx) | predictive | 高 |
149 | Argument | xxxxxxxxxx/xxxxxxx/xxx/xxxx/xxxxxxxx/xxxxxxxxxxxxxxx | predictive | 高 |
150 | Argument | xxx_xxxx_xx/xxx_xxxx_xxxxx | predictive | 高 |
151 | Argument | xxxx | predictive | 低 |
152 | Argument | xxxxxxxxxxxxxx | predictive | 高 |
153 | Argument | xxxxxxxx | predictive | 中 |
154 | Argument | xxxxx | predictive | 低 |
155 | Argument | xxxxxxxxxxxx | predictive | 中 |
156 | Argument | xxx | predictive | 低 |
157 | Argument | xxx | predictive | 低 |
158 | Argument | xxx_xxxxxx | predictive | 中 |
159 | Argument | xxxxx | predictive | 低 |
160 | Argument | xxxxxxx[x][xxxx] | predictive | 高 |
161 | Argument | xxxxxxx | predictive | 低 |
162 | Argument | xxxx | predictive | 低 |
163 | Argument | xxxxxxxxxx | predictive | 中 |
164 | Argument | xxxxxx | predictive | 低 |
165 | Argument | xxxxxxxxxxxx | predictive | 中 |
166 | Argument | xxxxx | predictive | 低 |
167 | Argument | xxxxx/xxxxxxxx | predictive | 高 |
168 | Argument | xxxxxx | predictive | 低 |
169 | Argument | xxxxx | predictive | 低 |
170 | Argument | xxxxxxxx | predictive | 中 |
171 | Argument | xxxxxxx | predictive | 低 |
172 | Argument | xxxxxxxx | predictive | 中 |
173 | Argument | xxxxxxxxxx | predictive | 中 |
174 | Argument | xxxxxx[xxxxx][xxxxx][x][xxxx] | predictive | 高 |
175 | Argument | xxxxx xxxx/xxxx xxxx | predictive | 高 |
176 | Argument | xxxxx/xxxxx/xxxxx/xxxxxxx | predictive | 高 |
177 | Argument | xxxxxxxx | predictive | 中 |
178 | Argument | xxxxx | predictive | 低 |
179 | Argument | xxxxx | predictive | 低 |
180 | Argument | xxxxx | predictive | 低 |
181 | Argument | xxxxxxxx | predictive | 中 |
182 | Argument | xxxxxxxx | predictive | 中 |
183 | Argument | xx | predictive | 低 |
184 | Argument | xx | predictive | 低 |
185 | Argument | xxxxxxxxx | predictive | 中 |
186 | Argument | xxxxxxxxx | predictive | 中 |
187 | Argument | xxxxx_xxxx | predictive | 中 |
188 | Argument | xx | predictive | 低 |
189 | Argument | xxxxxxxxx | predictive | 中 |
190 | Argument | xxxxxx | predictive | 低 |
191 | Argument | xxxx_xx | predictive | 低 |
192 | Argument | xxxxxxxxx | predictive | 中 |
193 | Argument | xxxx xxxxxx | predictive | 中 |
194 | Argument | xxxxx | predictive | 低 |
195 | Argument | xxxx_xxxxxxxx/xxxxxx_xxxxxxxx/xxxxxx_xxxxxxxx | predictive | 高 |
196 | Argument | xxxx | predictive | 低 |
197 | Argument | xxxxxxxxxx | predictive | 中 |
198 | Argument | xxxx | predictive | 低 |
199 | Argument | xxxxxx | predictive | 低 |
200 | Argument | xxxxxxxx | predictive | 中 |
201 | Argument | xxxx | predictive | 低 |
202 | Argument | xxxxx-xxxxx | predictive | 中 |
203 | Argument | xxxxxxxxxxx | predictive | 中 |
204 | Argument | xxxx_xxxx | predictive | 中 |
205 | Argument | xxxxxx | predictive | 低 |
206 | Argument | xxxxxxxx_xxxxxxx_xxxxxxx/xxxxxxxx_xxxxxx_xxxxxxx | predictive | 高 |
207 | Argument | xxxxxx | predictive | 低 |
208 | Argument | xxxx_xxxxxxxx | predictive | 高 |
209 | Argument | xxx | predictive | 低 |
210 | Argument | xxxxxxxxxxx | predictive | 中 |
211 | Argument | xxxxxxxxx | predictive | 中 |
212 | Argument | xxx | predictive | 低 |
213 | Argument | xxxx | predictive | 低 |
214 | Argument | xxxx-xxxxx | predictive | 中 |
215 | Argument | xxxxxxxx | predictive | 中 |
216 | Argument | xxxx_xx | predictive | 低 |
217 | Argument | xxx_xxx | predictive | 低 |
218 | Input Value | ../../../../../../../../../xxx/x.xxx | predictive | 高 |
219 | Input Value | xxxxxx_xxxxxxxx | predictive | 高 |
220 | Network Port | xxx/xx (xxx) | predictive | 中 |
221 | Network Port | xxx/xxxx | predictive | 中 |
222 | Network Port | xxx/xxxx | predictive | 中 |
223 | Network Port | xxx/xxxxx | predictive | 中 |
参考 (29)
The following list contains external sources which discuss the actor and the associated activities:
- https://github.com/vuldb/cyber_threat_intelligence/tree/main/actors/Kaiji
- https://search.censys.io/hosts/23.224.85.39
- https://search.censys.io/hosts/36.152.201.67
- https://search.censys.io/hosts/39.134.69.79
- xxxxx://xxxxxx.xxxxxx.xx/xxxxx/xx.xxx.xxx.xxx
- xxxxx://xxxxxx.xxxxxx.xx/xxxxx/xxx.xxx.xxx.xxx
- xxxxx://xxxxxx.xxxxxx.xx/xxxxx/xxx.x.xxx.xx
- xxxxx://xxxxxx.xxxxxx.xx/xxxxx/xxx.x.xxx.xx
- xxxxx://xxxxxx.xxxxxx.xx/xxxxx/xxx.x.xxx.xx
- xxxxx://xxxxxx.xxxxxx.xx/xxxxx/xxx.x.xxx.xx
- xxxxx://xxxxxx.xxxxxx.xx/xxxxx/xxx.x.xxx.xx
- xxxxx://xxxxxx.xxxxxx.xx/xxxxx/xxx.x.xxx.xx
- xxxxx://xxxxxx.xxxxxx.xx/xxxxx/xxx.xx.xxx.xx
- xxxxx://xxxxxx.xxxxxx.xx/xxxxx/xxx.xxx.xx.xx
- xxxxx://xxxxxx.xxxxxx.xx/xxxxx/xxx.xxx.xxx.xx
- xxxxx://xxxxxx.xxxxxx.xx/xxxxx/xxx.xxx.xxx.xx
- xxxxx://xxxxxx.xxxxxx.xx/xxxxx/xxx.xxx.xxx.xx
- xxxxx://xxxxxx.xxxxxx.xx/xxxxx/xxx.xx.xxx.xxx
- xxxxx://xxxxxx.xxxxxx.xx/xxxxx/xxx.xx.xxx.xx
- xxxxx://xxxxxx.xxxxxx.xx/xxxxx/xxx.xxx.xx.xxx
- xxxxx://xxxxxx.xxxxxx.xx/xxxxx/xxx.xxx.xxx.xx
- xxxxx://xxxxxx.xxxxxx.xx/xxxxx/xxx.xx.xxx.xxx
- xxxxx://xxxxxx.xxxxxx.xx/xxxxx/xxx.xxx.xx.xxx
- xxxxx://xxxxxx.xxxxxx.xx/xxxxx/xxx.xxx.xxx.xxx
- xxxxx://xxxxxx.xxxxxx.xx/xxxxx/xxx.xxx.xx.xxx
- xxxxx://xxxxxx.xxxxxx.xx/xxxxx/xxx.xxx.xx.x
- xxxxx://xxxxxx.xxxxxx.xx/xxxxx/xxx.xx.xxx.xx
- xxxxx://xxxxxxxxx.xxxxx.xx
- xxxxx://xxx.xxxxxxxxxx.xxx/xxx/xxxx/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxx
Samples (5)
The following list contains associated samples:
- https://bazaar.abuse.ch/sample/0defd338d2eccc8b865398e038696a1138743631a25b3627b48db3ea40d99460/
- https://bazaar.abuse.ch/sample/0594136e357031978dc6e51bffcf41c7d85c7004be527b0777ca5623c8dc03d9/
- https://bazaar.abuse.ch/sample/7da8f553216859d9f582f69f5183373a61bf02dad9dd3fe466312bcce1a207d6/
- https://bazaar.abuse.ch/sample/7504cc47a4f678a063114be7299971ae8a016e9c520fe4243e30513844dfee69/
- xxxxx://xxxxxx.xxxxx.xx/xxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/