Banload Analysis

IOB - Indicator of Behavior (150)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 148
fr: 2

Country

us: 140
ru: 2
fr: 2

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Apple Safari: 4
Cisco IP Interoperability: 2
Cisco Collaboration System: 2
Firejail: 2
Cisco IOS XR: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Portainer API Credentials credentials management | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00431 | 0.04 | CVE-2018-19466 |
| 2 | Sophos Web Appliance Change Password Dialog Box index.php access control | 7.5 | 6.5 | $0-$5k | $0-$5k | High | Official Fix | 0.22815 | 0.00 | CVE-2014-2849 |
| 3 | Facebook API authorize redirect | 6.3 | 5.7 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.00000 | 0.00 | |
| 4 | Microsoft Internet Explorer HTTP/HTTPS Request config | 4.3 | 4.1 | $25k-$100k | $0-$5k | Proof-of-Concept | Unavailable | 0.06106 | 0.00 | CVE-2013-1451 |
| 5 | ObiHai ObiPhone 1032/ObiPhone 1062 HTTP Digest Authentication Implementation improper authentication | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00000 | 0.02 | |
| 6 | Microsoft Office RTF Document Necurs Dridex access control | 7.0 | 6.9 | $25k-$100k | $0-$5k | High | Official Fix | 0.97455 | 0.05 | CVE-2017-0199 |
| 7 | SPIP URL headers.php redirect | 6.1 | 5.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00170 | 0.00 | CVE-2019-16393 |
| 8 | Ping Identity Agentless Integration Kit authorization.oauth2 cross site scripting | 5.2 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00379 | 0.00 | CVE-2019-13564 |
| 9 | SpamAssassin URI resource management | 5.9 | 5.2 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.02981 | 0.00 | CVE-2007-0451 |
| 10 | request-baskets API Request {name} server-side request forgery | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.08109 | 0.00 | CVE-2023-27163 |
| 11 | Icinga Web SSH Resource File path traversal | 6.7 | 6.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00294 | 0.00 | CVE-2022-24715 |
| 12 | MyBB Template Password information disclosure | 4.3 | 4.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.02 | |
| 13 | Adobe Graphics Server information disclosure | 4.0 | 3.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00044 | 0.00 | CVE-2006-1182 |
| 14 | WordPress Password Reset wp-login.php mail password recovery | 6.1 | 5.8 | $5k-$25k | $0-$5k | Proof-of-Concept | Not Defined | 0.02827 | 0.06 | CVE-2017-8295 |
| 15 | Microsoft Internet Explorer gopher URI memory corruption | 7.3 | 6.6 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.58261 | 0.00 | CVE-2002-0371 |
| 16 | Chamilo LMS Gradebook Dependencies Tool gradebook_list.tpl cross site scripting | 4.4 | 4.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00054 | 0.00 | CVE-2018-20327 |
| 17 | Crypt_GPG GPG Call Privilege Escalation | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00061 | 0.00 | CVE-2022-24953 |
| 18 | Git path traversal | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00106 | 0.04 | CVE-2023-23946 |
| 19 | Gitea Git Backend argument injection | 7.6 | 7.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00170 | 0.04 | CVE-2022-42968 |
| 20 | Mattermost Audit Log log file | 5.6 | 5.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00105 | 0.03 | CVE-2023-1831 |

IOC - Indicator of Compromise (85)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (16)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (60)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

References (8)

The following list contains external sources which discuss the actor and the associated activities:
