CoinMiner Analysis

IOB - Indicator of Behavior (25)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 24
ru: 2


Product

Google Chrome: 12
aEnrich eHRD Learning Management: 2
Apache HTTP Server: 2
TBK DVR-4104: 2
TBK DVR-4216: 2


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Joomla CMS LDAP Authentication Password ldap injection | 7.5 | 7.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.01039 | 0.04 | CVE-2017-14596 |
| 2 | Dahua IPC/SD/NVR/XVR Packet unknown vulnerability | 4.4 | 4.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00063 | 0.04 | CVE-2022-30564 |
| 3 | TBK DVR-4104/DVR-4216 os command injection | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00046 | 0.07 | CVE-2024-3721 |
| 4 | Terminal Operating System sql injection | 9.7 | 9.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00168 | 0.00 | CVE-2022-3792 |
| 5 | Apache HTTP Server HTTP Strict Parsing ap_find_token input validation | 8.5 | 8.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.27310 | 0.04 | CVE-2017-7668 |
| 6 | Basic-cms SweetRice post.php input validation | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.01478 | 0.04 | CVE-2009-4224 |
| 7 | Apple iOS/iPadOS IOSurfaceAccelerator out-of-bounds write | 8.2 | 8.0 | $25k-$100k | $5k-$25k | High | Official Fix | 0.00377 | 0.03 | CVE-2023-28206 |
| 8 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00943 | 0.95 | CVE-2010-0966 |
| 9 | Active Auction House ItemInfo.asp sql injection | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00685 | 0.00 | CVE-2005-1029 |
| 10 | Google Chrome Network Service use after free | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00808 | 0.00 | CVE-2021-30553 |
| 11 | Google Chrome Extension use after free | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00286 | 0.05 | CVE-2021-30552 |
| 12 | Google Chrome V8 type confusion | 6.3 | 6.0 | $25k-$100k | $5k-$25k | High | Official Fix | 0.15254 | 0.04 | CVE-2021-30551 |
| 13 | Google Chrome Accessibility use after free | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00286 | 0.00 | CVE-2021-30550 |
| 14 | Google Chrome Spell Check use after free | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00286 | 0.03 | CVE-2021-30549 |
| 15 | Google Chrome Loader use after free | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00808 | 0.00 | CVE-2021-30548 |
| 16 | Google Chrome ANGLE out-of-bounds write | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00829 | 0.04 | CVE-2021-30547 |
| 17 | Google Chrome Autofill use after free | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00808 | 0.00 | CVE-2021-30546 |
| 18 | Google Chrome Extension use after free | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00808 | 0.00 | CVE-2021-30545 |
| 19 | Google Chrome BFCache use after free | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00808 | 0.00 | CVE-2021-30544 |

IOC - Indicator of Compromise (127)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (4)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (10)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

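| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | `/device.rsp?opt=sys&cmd=___S_O_S_T_R_E_A_MAX___` | predictive | High |
| 2 | File | `inc/config.php` | predictive | High |
| 3 | File | `xxxxxxxx.xxx` | predictive | Medium |
| 4 | File | `xxxxxx/xxxxxxxxxx/xxx/xxxx.xxx` | predictive | High |
| 5 | File | `xxxxxxxxx/xxxx-xxxx-xxx.x` | predictive | High |
| 6 | Library | `xx/xxx/xxxx_xxxxxx.xxx` | predictive | High |
| 7 | Argument | `xxxxxxxx` | predictive | Medium |
| 8 | Argument | `xxxxxx` | predictive | Low |
| 9 | Argument | `xxx/xxx` | predictive | Low |
| 10 | Argument | `xxxx_xxx` | predictive | Medium |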

References (27)

The following list contains external sources which discuss the actor and the associated activities:

Samples (1)

The following list contains associated samples:
