DanaBot Analysis

IOB - Indicator of Behavior (39)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 40


Country

us: 26



Product

cPanel: 4
PHP PEAR: 2
Cisco VPN Client: 2
Python: 2
SquirrelMail: 2


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Kodi Thumbnail path traversal | 5.4 | 4.9 | $0-$5k | $0-$5k | High | Not Defined | 0.03720 | 0.04 | CVE-2017-5982 |
| 2 | Crestron AM-100/AM-101 HTTP Endpoint file_transfer.cgi command injection | 9.8 | 9.7 | $0-$5k | $0-$5k | Proof-of-Concept | Workaround | 0.97308 | 0.02 | CVE-2019-3929 |
| 3 | Crestron AM-100/AM-101 libAwgCgi.so PARSERtoCHAR memory corruption | 9.9 | 9.7 | $0-$5k | $0-$5k | Not Defined | Workaround | 0.01699 | 0.03 | CVE-2019-3930 |
| 4 | Apache Tomcat Chunked HTTP Request numeric error | 5.3 | 5.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03844 | 0.00 | CVE-2014-0075 |
| 5 | Microsoft IIS IP/Domain Restriction access control | 6.5 | 5.7 | $25k-$100k | $0-$5k | Unproven | Official Fix | 0.00817 | 0.29 | CVE-2014-4078 |
| 6 | WordPress URL Validator redirect | 6.6 | 6.5 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00509 | 0.03 | CVE-2018-10101 |
| 7 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00548 | 0.17 | CVE-2017-0055 |
| 8 | Microsoft Office RTF memory corruption | 7.0 | 6.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.10418 | 0.00 | CVE-2018-0797 |
| 9 | Microsoft Office memory corruption | 7.8 | 7.6 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.24727 | 0.00 | CVE-2016-3364 |
| 10 | CRIU Service Daemon information disclosure | 6.7 | 6.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00042 | 0.00 | CVE-2015-5231 |
| 11 | vzctl DiskDescriptor.xml link following | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00068 | 0.03 | CVE-2015-6927 |
| 12 | OpenStack Neutron access control | 4.3 | 4.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00194 | 0.00 | CVE-2014-6414 |
| 13 | Kerberos Ticket randkey credentials management | 4.2 | 3.7 | $0-$5k | $0-$5k | Unproven | Official Fix | 0.00265 | 0.02 | CVE-2014-5351 |
| 14 | Zabbix Configuration Script userparameter_mysql.conf sql injection | 7.2 | 6.5 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.02124 | 0.00 | CVE-2016-4338 |
| 15 | cPanel Script privileges management | 5.3 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 0.00000 | 0.03 | |
| 16 | cPanel entropysearch.cgi Website information disclosure | 5.3 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 0.00000 | 0.00 | |
| 17 | ZeroShell Net Services kerbynet privileges management | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 0.03 | |
| 18 | BoZoN privileges management | 6.3 | 5.7 | $0-$5k | Calculating | Proof-of-Concept | Not Defined | 0.00000 | 0.00 | |
| 19 | Pagekit Password privileges management | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00000 | 0.00 | |
| 20 | PEAR HTTP_Upload Upload.php privileges management | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 0.00 | |

IOC - Indicator of Compromise (188)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (9)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (21)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /cgi-bin/kerbynet | predictive | High |
| 2 | File | /uncpath/ | predictive | Medium |
| 3 | File | Deliver_SendMail.class.php | predictive | High |
