Banload Analysis

IOB - Indicator of Behavior (137)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 138

Country

us: 132
ru: 2

Activities

Product

Zoho ManageEngine OpManager: 4
WordPress: 2
Cisco IP Interoperability: 2
Cisco Collaboration System: 2
PHPMailer: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Portainer API Credentials credentials management | 7.5 | 6.8 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.04 | 0.12492 | CVE-2018-19466 |
| 2 | Sophos Web Appliance Change Password Dialog Box index.php access control | 7.5 | 6.5 | $0-$5k | $0-$5k | High | Official Fix | 0.01 | 0.01132 | CVE-2014-2849 |
| 3 | Facebook API authorize redirect | 6.3 | 5.7 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.00000 | |
| 4 | Microsoft Internet Explorer HTTP/HTTPS Request config | 4.3 | 4.1 | $25k-$100k | $0-$5k | Proof-of-Concept | Unavailable | 0.02 | 0.37448 | CVE-2013-1451 |
| 5 | ObiHai ObiPhone 1032/ObiPhone 1062 HTTP Digest Authentication Implementation improper authentication | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | 0.00000 | |
| 6 | Microsoft Office RTF Document Necurs Dridex access control | 7.0 | 6.9 | $25k-$100k | $0-$5k | High | Official Fix | 0.06 | 0.95487 | CVE-2017-0199 |
| 7 | SPIP URL headers.php redirect | 6.1 | 5.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.01108 | CVE-2019-16393 |
| 8 | Ping Identity Agentless Integration Kit authorization.oauth2 cross site scripting | 5.2 | 4.7 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | 0.01018 | CVE-2019-13564 |
| 9 | SpamAssassin URI resource management | 5.9 | 5.2 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.06 | 0.07344 | CVE-2007-0451 |
| 10 | MyBB Template Password information disclosure | 4.3 | 4.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.00000 | |
| 11 | Adobe Graphics Server information disclosure | 4.0 | 3.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.05462 | CVE-2006-1182 |
| 12 | WordPress Password Reset wp-login.php mail password recovery | 6.1 | 5.8 | $5k-$25k | $0-$5k | Proof-of-Concept | Not Defined | 0.02 | 0.23476 | CVE-2017-8295 |
| 13 | Microsoft Internet Explorer gopher URI memory corruption | 7.3 | 6.6 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | 0.63976 | CVE-2002-0371 |
| 14 | VMware RabbitMQ Installer permission | 5.5 | 5.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.01404 | CVE-2021-22117 |
| 15 | IdentityServer4 URI cross site scripting | 5.2 | 4.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.01018 | CVE-2018-8899 |
| 16 | MidiCart midicart.mdb information disclosure | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.01 | 0.04187 | CVE-2002-1432 |
| 17 | Genymotion Desktop Clipboard information disclosure | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.01 | 0.01108 | CVE-2021-27549 |
| 18 | Liferay Portal CE javascript URI flash.jsp cross site scripting | 5.2 | 5.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.01055 | CVE-2017-1000425 |
| 19 | Apple Safari input validation | 7.5 | 7.2 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.01183 | CVE-2018-4208 |
| 20 | Cisco SocialMiner Web-based Management Interface Stored cross site scripting | 5.7 | 5.7 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.06 | 0.01055 | CVE-2018-15435 |

IOC - Indicator of Compromise (88)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (15)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (55)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


References (8)

The following list contains external sources which discuss the actor and the associated activities:
