Papua New Guinea Unknown 解析
IOB - Indicator of Behavior (636)
アクティビティ
関心
脆弱性
IOC - Indicator of Compromise (185)
These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.
TTP - Tactics, Techniques, Procedures (21)
Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.
IOA - Indicator of Attack (173)
These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.
ID | クラス | Indicator | タイプ | 信頼度 |
---|---|---|---|---|
1 | File | .htaccess | predictive | 中 |
2 | File | /admin.php?p=/Area/index#tab=t2 | predictive | 高 |
3 | File | /api/v1/terminal/sessions/?limit=1 | predictive | 高 |
4 | File | /apiclient/ember/index.jsp | predictive | 高 |
5 | File | /Application/Admin/Controller/ConfigController.class.php | predictive | 高 |
6 | File | /bin/boa | predictive | 中 |
7 | File | /cimom | predictive | 低 |
8 | File | /etc/sysconfig/tomcat | predictive | 高 |
9 | File | /forum/away.php | predictive | 高 |
10 | File | /getcfg.php | predictive | 中 |
11 | File | /goform | predictive | 低 |
12 | File | /login/index.php | predictive | 高 |
13 | File | /mgmt/tm/util/bash | predictive | 高 |
14 | File | /printers | predictive | 中 |
15 | File | /SASWebReportStudio/logonAndRender.do | predictive | 高 |
16 | File | /src/dede/makehtml_js_action.php | predictive | 高 |
17 | File | /sysmanage/edit_manageadmin.php | predictive | 高 |
18 | File | /uncpath/ | predictive | 中 |
19 | File | /wp-json/oembed/1.0/embed?url | predictive | 高 |
20 | File | /_xxx_xxx/xxxxxx.xxx | predictive | 高 |
21 | File | xxxxxxxxxxxxx.xxxx | predictive | 高 |
22 | File | xxxxxxx.xxx | predictive | 中 |
23 | File | xxxxxxxxx.xxx | predictive | 高 |
24 | File | xxxxx.xxx | predictive | 中 |
25 | File | xxxxx/xxxxxx/xxxx.xxxx | predictive | 高 |
26 | File | xxxxxxxxxxxxx/xxxxxxxxxx/xxx_xxxxx/xxxxxxx/xxxxx.xxx | predictive | 高 |
27 | File | xxx/xxxxx/xxxxxxxxxx/xxxx.xxx | predictive | 高 |
28 | File | xxxxxxxx.xxx | predictive | 中 |
29 | File | xxxxxxx_xxxx_xxxxxxx_xxxxxx_xxx.x | predictive | 高 |
30 | File | xxxxxxx_xxxxxxxxx_xxxx.xxx | predictive | 高 |
31 | File | xxxxxx.x | predictive | 中 |
32 | File | xxxxxxxx/xxxxx.x | predictive | 高 |
33 | File | xxx.x | predictive | 低 |
34 | File | xxxxx.xxxxxxxxxxx.xxxx[x]=xxx | predictive | 高 |
35 | File | xxxxxx/xxx.x | predictive | 中 |
36 | File | xxxx/xxxxxx/xxxx.xxx | predictive | 高 |
37 | File | xxxx/xxxxxx/xxxxxxxxxxxxxx.xxx | predictive | 高 |
38 | File | x_xxxxxx | predictive | 中 |
39 | File | xxxx/xxxxxxxxxxxxxxx.xxx | predictive | 高 |
40 | File | xxx\xxxxxx\xxxxxxxxxxx\xxxxx\xxxxxxxxxxxxx.xxx | predictive | 高 |
41 | File | xxxxxxx/xxxx/xxxx/xxxx_xxxxxxxxxx.x | predictive | 高 |
42 | File | xxxxxxx/xxx/xxx-xxxxxxxx.x | predictive | 高 |
43 | File | xxxxxxx/xxx/xxxxxxxx/xxxxx.x | predictive | 高 |
44 | File | xxxxxxx/xxx/xxxxxx/xxxxxxxx/xxxxx.x | predictive | 高 |
45 | File | xxxx/xxxxxxxxxx/xxxxxx-xxxx.x | predictive | 高 |
46 | File | xxx/xxxxxxxx/xxxx_xxxxx_xxxxxxx.x | predictive | 高 |
47 | File | xxxxxxxx.xxx | predictive | 中 |
48 | File | xxxxxxxxxxxx.xxx | predictive | 高 |
49 | File | xxxxxxxxxxxxxxxxx.xxxx | predictive | 高 |
50 | File | xx/xxxxx/xxxxx.x | predictive | 高 |
51 | File | xxxxxxxxx/xxxx-xxxxxxx-xxx.xxx | predictive | 高 |
52 | File | xxxx.xxx | predictive | 中 |
53 | File | xxxxxxxxxxxxxxxxxxx.xxxx | predictive | 高 |
54 | File | xxxxxxxxxx/xxxxxxxxxx/xxxxxxxxx.xxx | predictive | 高 |
55 | File | xxxxxxxxxx/xxxxxxxxxx/xxxxxxxx/xxxxxxxxxxxxxxxxxxx.xxx | predictive | 高 |
56 | File | xxxxx.xxx | predictive | 中 |
57 | File | xxxxxxx.x | predictive | 中 |
58 | File | x_xxxxxxxx_xxxxx | predictive | 高 |
59 | File | xxxx\xxxxxxx\xxxxxxxxxx.xxxxx.xxx | predictive | 高 |
60 | File | xxx_xxxxx_xxxx.x | predictive | 高 |
61 | File | xxxxxxxx.xxx | predictive | 中 |
62 | File | xxxxxxxx.xxxxxxxxxxxxxxxxxxx.xxxxxxxxxxxxxxxxxx | predictive | 高 |
63 | File | xxxx | predictive | 低 |
64 | File | xxx/xxxx/xxxx_xxxxxx.x | predictive | 高 |
65 | File | xx.xx | predictive | 低 |
66 | File | xxx/xxxxx.xxxx | predictive | 高 |
67 | File | xxxx_xxxx.x | predictive | 中 |
68 | File | xxx_xxx.x | predictive | 中 |
69 | File | xxxx/xxxxxxxxx.xxx | predictive | 高 |
70 | File | xxxxxxx.xxx | predictive | 中 |
71 | File | xxxxxxxxxxxxxxxxxxxxxxxxxxx!xxxxxxx.xxxx | predictive | 高 |
72 | File | xxxxxxxx.x | predictive | 中 |
73 | File | xxxxx.xxx | predictive | 中 |
74 | File | xxxxxxxx.xxx | predictive | 中 |
75 | File | xxxxxxx.xx | predictive | 中 |
76 | File | xxxx/xxx/xxx_xxxx.x | predictive | 高 |
77 | File | xxxxxx.xx | predictive | 中 |
78 | File | xxxxx/xxxxxxxxxxxx/xxxxxxx/xxx.xxxx | predictive | 高 |
79 | File | xxxxxx\xxxxxx\xxxxxx\xxx\xxxxxx\xxx.xxx | predictive | 高 |
80 | File | xxxxxxxxxxxxxxxx.xx | predictive | 高 |
81 | File | xxxxxxxxxxxxxxx/xxxxxxxxxxxx.xxx | predictive | 高 |
82 | File | xxxxxx.xxx | predictive | 中 |
83 | File | xxxxxxxxxxxxxxx.xxx | predictive | 高 |
84 | File | xxxx.x | predictive | 低 |
85 | File | xxxxxxxx.xxx | predictive | 中 |
86 | File | xxxxxx-xxxx/xxx/xxxx/xxxx/xxx/xxxxxx/xxxxxxxxxxxx.xxxx | predictive | 高 |
87 | File | xxxx-xxxxx.xxx | predictive | 高 |
88 | File | xxxxxxxxxx.xxx | predictive | 高 |
89 | File | xxxxx/xxxxxxxx.x | predictive | 高 |
90 | File | xxxxxxxxxxxxxx.xxx/xxxxxxxxxxxxxxxx.xxx | predictive | 高 |
91 | File | xxxxxxxx/xxxxxxxx | predictive | 高 |
92 | File | xxxx/xxx/xxxx-xxxxx.xxx | predictive | 高 |
93 | File | xxxxx.x | predictive | 低 |
94 | File | xxxxxx.xxx | predictive | 中 |
95 | File | xxxxxx.x | predictive | 中 |
96 | File | xxxxxxxx.x | predictive | 中 |
97 | File | xxxxxx.xxx | predictive | 中 |
98 | Library | xxxxx.xxx | predictive | 中 |
99 | Library | xxxxx.xxx | predictive | 中 |
100 | Library | xxx/xxxxxxxx.xx | predictive | 高 |
101 | Library | xxxx | predictive | 低 |
102 | Library | xxxxxxxx.xxx | predictive | 中 |
103 | Library | xxxxxxxxx.x.x.xxx.xxx | predictive | 高 |
104 | Library | xxxxxxx.xxx | predictive | 中 |
105 | Argument | $xxxx['xxxx'] | predictive | 高 |
106 | Argument | $_xxxxx | predictive | 低 |
107 | Argument | $_xxxxxx['xxxxx_xxxxxx'] | predictive | 高 |
108 | Argument | x@xxxx | predictive | 低 |
109 | Argument | xxx_xxxxxx_xxxxx | predictive | 高 |
110 | Argument | xxxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxxx/xxxxxxxxxx/xxxxxxxxxxxxxxxxxxx | predictive | 高 |
111 | Argument | xxxxxx_xxxx | predictive | 中 |
112 | Argument | xxx | predictive | 低 |
113 | Argument | xxxxx.xxxxxxxxxxx.xxxx[x]=xxx | predictive | 高 |
114 | Argument | xxx | predictive | 低 |
115 | Argument | xxxxxxx | predictive | 低 |
116 | Argument | xxxx | predictive | 低 |
117 | Argument | xx | predictive | 低 |
118 | Argument | xxxx/xxxx/xxxxxxxxx | predictive | 高 |
119 | Argument | xxxxxxxx | predictive | 中 |
120 | Argument | xxxxxxxx | predictive | 中 |
121 | Argument | xxxx | predictive | 低 |
122 | Argument | xxxx | predictive | 低 |
123 | Argument | xx | predictive | 低 |
124 | Argument | xx/xxxxx | predictive | 中 |
125 | Argument | xxxxxxxxxxxxxxxx | predictive | 高 |
126 | Argument | xxx | predictive | 低 |
127 | Argument | xxxxxxx | predictive | 低 |
128 | Argument | xxxxxxxxxx | predictive | 中 |
129 | Argument | x_xxxxxxxx | predictive | 中 |
130 | Argument | xxxx | predictive | 低 |
131 | Argument | xxxxxx | predictive | 低 |
132 | Argument | xxxxxxxxxx/xxxxxxxxxxxx | predictive | 高 |
133 | Argument | xxxx | predictive | 低 |
134 | Argument | xxx_xxx_xxx | predictive | 中 |
135 | Argument | xxx | predictive | 低 |
136 | Argument | xxxx | predictive | 低 |
137 | Argument | xxxx[] | predictive | 低 |
138 | Argument | xxxxxxxx | predictive | 中 |
139 | Argument | xxxxxxxx | predictive | 中 |
140 | Argument | xxxx | predictive | 低 |
141 | Argument | xxxxx_xxxxxx | predictive | 中 |
142 | Argument | xxxxxxxxx | predictive | 中 |
143 | Argument | xxxxxx_xxxxxxx_xxxxxxxxx_xxxx/xxxxxx_xxxxxxx_xxxxxxx_xxxx | predictive | 高 |
144 | Argument | xxxxxx | predictive | 低 |
145 | Argument | xxxxxx/xxxxxx_xxxxxx | predictive | 高 |
146 | Argument | xxxxxxxxxxxxxxxxxxx | predictive | 高 |
147 | Argument | xxxxxxxx | predictive | 中 |
148 | Argument | xxxxxxxxx | predictive | 中 |
149 | Argument | xxxxxxxx | predictive | 中 |
150 | Argument | xxxxxx | predictive | 低 |
151 | Argument | xxxxx | predictive | 低 |
152 | Argument | xxxxxx | predictive | 低 |
153 | Argument | xxx | predictive | 低 |
154 | Argument | xxx | predictive | 低 |
155 | Argument | xxxxxxxx | predictive | 中 |
156 | Argument | xxxxxxxxxx | predictive | 中 |
157 | Argument | xxxx->xxxxxxx | predictive | 高 |
158 | Argument | x-xxxx-xxxxx | predictive | 中 |
159 | Input Value | -x | predictive | 低 |
160 | Input Value | /../../../../../../../../../../../../xxx/xxxxxx | predictive | 高 |
161 | Input Value | /<xxxxxxxx> | predictive | 中 |
162 | Input Value | /xxxxxxxxx/xxxxxxxx/xxxxxxxxxxxxxxxx/x&xxxx;);%xxxxxxx('xxx');xxx('/xxxxxxxxx/xxxxxxxxxx/xxxxxxxxxx | predictive | 高 |
163 | Input Value | ::$xxxxx_xxxxxxxxxx | predictive | 高 |
164 | Input Value | <xxxxxx>xxxxx(x)</xxxxxx> | predictive | 高 |
165 | Input Value | xxxx -x xxxxxxxx=xxxxxx.xxxxxxx xxxx://xxx.xxx.x.x/xxxxxx.xxx | predictive | 高 |
166 | Input Value | xxx?xxx#xxx | predictive | 中 |
167 | Input Value | \x | predictive | 低 |
168 | Pattern | xxxxxxxxxxx | predictive | 中 |
169 | Pattern | |xx| | predictive | 低 |
170 | Network Port | xxxxx xxx-xxx, xxx | predictive | 高 |
171 | Network Port | xxx/xx (xxx xxxxxxxx) | predictive | 高 |
172 | Network Port | xxx/xxxx | predictive | 中 |
173 | Network Port | xxx xxxxxx xxxx | predictive | 高 |
参考 (4)
The following list contains external sources which discuss the actor and the associated activities:
- https://github.com/firehol/blocklist-ipsets/blob/master/geolite2_country/country_pg.netset
- xxxxx://xxxxxx.xxx/xxxxxxx/xxxxxxxxx-xxxxxx/xxxx/xxxxxx/xxxxxxxxxxx_xxxxxxx/xxxxxxxxxxx_xxxxxxx_xx.xxxxxx
- xxxxx://xxxxxx.xxx/xxxxxxx/xxxxxxxxx-xxxxxx/xxxx/xxxxxx/xxxx_xxxxxxx/xxxx_xxxxxxx_xx.xxxxxx
- xxxxx://xxxxxx.xxx/xxxxx/xxxxx_xxxxxx_xxxxxxxxxxxx/xxxx/xxxx/xxxxxx/xxxxx%xxxxx%xxxxxxxx%xxxxxxxxx