APT41 Analysis

IOB - Indicator of Behavior (29)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Language

en: 22
ru: 4
pl: 2
fr: 2


Activities


Product

UnrealIRCd: 2
SourceCodester Medical Hub Directory Site: 2
MGB OpenSource Guestbook: 2
Theme My Login Plugin: 2
haxx.se cURL: 2


Vulnerabilities

These are the vulnerabilities that we have identified as researched, approached, or attacked.

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Cou | KEV | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Esoftpro Online Guestbook Pro ogp_show.php sql injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Not defined | | 0.00330 | 0.08 | CVE-2009-4935 |
| 2 | Esoftpro Online Guestbook Pro ogp_show.php cross site scripting | 4.3 | 4.2 | $0-$5k | $0-$5k | High | Unavailable | | 0.01346 | 0.04 | CVE-2009-2441 |
| 3 | HPE iLO 5 Local Privilege Escalation | 7.3 | 7.1 | $5k-$25k | $0-$5k | Not defined | Official fix | | 0.00048 | 0.00 | CVE-2022-28634 |
| 4 | Kailash Nadh boastMachine information disclosure | 5.3 | 5.3 | $0-$5k | $0-$5k | Not defined | Not defined | | 0.00411 | 0.07 | CVE-2006-3831 |
| 5 | Joomla CMS com_easyblog sql injection | 6.3 | 6.1 | $5k-$25k | $5k-$25k | Not defined | Not defined | | 0.00000 | 0.49 | |
| 6 | Theme My Login Plugin authorization | 4.3 | 4.2 | $0-$5k | $0-$5k | Not defined | Not defined | | 0.00145 | 0.06 | CVE-2024-32525 |
| 7 | Netgear SRX5308 Web Management Interface platform.cgi cross site scripting | 3.2 | 3.1 | $5k-$25k | $0-$5k | Proof-of-Concept | Not defined | | 0.00065 | 0.03 | CVE-2023-2387 |
| 8 | Host Discard Service privileges management | 7.3 | 7.1 | $0-$5k | $0-$5k | High | Workaround | possible | 0.00467 | 0.02 | CVE-1999-0636 |
| 9 | VMware Spring Security Authorization Rule String.toUpperCase authorization | 4.5 | 4.4 | $5k-$25k | $0-$5k | Not defined | Official fix | | 0.00076 | 0.00 | CVE-2024-38827 |
| 10 | UnrealIRCd input validation | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Not defined | possible | 0.72159 | 0.00 | CVE-2010-2075 |
| 11 | MGB OpenSource Guestbook email.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | possible | 0.01802 | 0.28 | CVE-2007-0354 |
| 12 | LogicBoard CMS away.php redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not defined | Unavailable | | 0.00000 | 0.42 | |
| 13 | JoomlaTune Com Jcomments admin.jcomments.php cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not defined | | 0.06310 | 0.56 | CVE-2010-5048 |
| 14 | Apache HTTP Server mod_reqtimeout resource management | 5.3 | 5.1 | $5k-$25k | $0-$5k | Not defined | Official fix | expected | 0.88858 | 0.36 | CVE-2007-6750 |
| 15 | Atlassian JIRA Server/Data Center Private Project key information disclosure | 4.3 | 4.1 | $0-$5k | $0-$5k | Not defined | Official fix | | 0.00400 | 0.00 | CVE-2021-39121 |
| 16 | WordPress Admin Pages type confusion | 6.5 | 6.4 | $5k-$25k | $0-$5k | Not defined | Official fix | | 0.04158 | 0.07 | CVE-2019-17675 |
| 17 | tough-cookie Cookies prototype pollution | 7.9 | 7.8 | $0-$5k | $0-$5k | Not defined | Official fix | | 0.05191 | 0.11 | CVE-2023-26136 |
| 18 | SourceCodester Medical Hub Directory Site view_details.php sql injection | 6.3 | 6.1 | $0-$5k | $0-$5k | Not defined | Not defined | | 0.00238 | 0.12 | CVE-2022-28533 |
| 19 | Terrasoft Bpm'online CRM-System SDK Terrasoft.Core.DB.Column.Const sql injection | 8.5 | 8.5 | $0-$5k | $0-$5k | Not defined | Not defined | | 0.00307 | 0.06 | CVE-2019-15301 |
| 20 | Google Chrome GIF Decoder numeric error | 5.3 | 4.8 | $5k-$25k | Calculating | Proof-of-Concept | Official fix | | 0.01384 | 0.02 | CVE-2012-2849 |

Campaigns (8)

These are the campaigns that can be associated with the actor:

IOC - Indicator of Compromise (194)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (6)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Class | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|---|
| 1 | T1059 | CAPEC-1 | CWE-1321 | Argument Injection | predictive | High |
| 2 | T1059.007 | CAPEC-209 | CWE-79 | Basic Cross Site Scripting | predictive | High |
| 3 | TXXXX | CAPEC-XXX | CWE-XXX | Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx | predictive | High |
| 4 | TXXXX.XXX | CAPEC-XXX | CWE-XXX | Xxxx Xxxxxxxx | predictive | High |
| 5 | TXXXX | CAPEC-XXX | CWE-XX | Xxx Xxxxxxxxx | predictive | High |
| 6 | TXXXX | CAPEC-XXX | CWE-XXX | Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx | predictive | High |

IOA - Indicator of Attack (14)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /forum/away.php | predictive | High |
| 2 | File | /mhds/clinic/view_details.php | predictive | High |
| 3 | File | /rest/api/latest/projectvalidate/key | predictive | High |
| 4 | File | xxxxx.xxxxxxxxx.xxx | predictive | High |
| 5 | File | xxxxx.xxx | predictive | Medium |
| 6 | File | xxx_xxxx.xxx | predictive | Medium |
| 7 | File | xxxx-xxx/xxxxxxxx.xxx?xxxx=xxx_xxxxx.xxx | predictive | High |
| 8 | Library | xxx/xxxxxx.x | predictive | Medium |
| 9 | Argument | xxxxxxx | predictive | Low |
| 10 | Argument | xxxxx | predictive | Low |
| 11 | Argument | xx | predictive | Low |
| 12 | Argument | xxxx | predictive | Low |
| 13 | Argument | xxxxx | predictive | Low |
| 14 | Argument | xxxxxxxxxxx | predictive | Medium |
