DanaBot Analysis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (195)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en	164
zh	8
fr	6
ru	6
es	4

Country

US: USA	94
RU: Russia	20
CN: China	12
ES: Spain	8
PT: Portugal	4

Actors

Cobalt Strike	8
Conti	3
RedLine Stealer	3
NetSupportManager RAT	2
Gozi	2

Activities

Interest

Timeline

Type

Not Defined	82
Content Management System	8
Application Server Software	6
Programming Language Software	6
Medical Device Software	6

Vendor

Not Defined	66
SourceCodester	8
Apache	6
Zoho ManageEngine	6
Microsoft	4

Product

SourceCodester Prison Management System	6
Apache Tomcat	4
Clinics Patient Management System	4
Zoho ManageEngine ServiceDesk Plus	4
Tenda CP3	4

Vulnerabilities

#	Vulnerability	Base	Temp	0day	Today	Exp	Rem	EPSS	CTI	CVE
1	Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure	5.3	5.2	$5k-$25k	Calculating	High	Workaround	0.02016	0.00	CVE-2007-1192
2	Zyxel NAS326/NAS542 Web Server os command injection	9.8	9.8	$5k-$25k	$0-$5k	Not Defined	Not Defined	0.00068	0.00	CVE-2023-4473
3	DZCP deV!L`z Clanportal config.php code injection	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00943	0.91	CVE-2010-0966
4	Linux Kernel fbcon vt.c KD_FONT_OP_COPY out-of-bounds	5.0	4.8	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00042	0.00	CVE-2020-28974
5	PHPGurukul Online Notes Sharing System manage-notes.php cross-site request forgery	4.3	4.1	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00052	0.04	CVE-2023-7051
6	YzmCMS Member User add.html cross-site request forgery	3.5	3.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00063	0.07	CVE-2020-35972
7	yzmCMS login.html cross site scripting	3.5	3.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00129	0.00	CVE-2020-18084
8	CKFinder File Name unrestricted upload	7.4	7.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00155	0.00	CVE-2019-15862
9	Cisco IOS XE Web UI Remote Code Execution	9.9	9.8	$25k-$100k	$5k-$25k	High	Official Fix	0.85254	0.04	CVE-2023-20198
10	Oracle JavaFX Remote Code Execution	9.8	9.4	$25k-$100k	$0-$5k	Proof-of-Concept	Official Fix	0.01240	0.00	CVE-2013-1477
11	Mavili Guestbook access control	5.3	5.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00506	0.00	CVE-2012-5298
12	Mavili Guestbook edit.asp access control	7.3	7.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00934	0.00	CVE-2012-5299
13	Saphp SaphpLesson misc.php sql injection	7.3	7.3	$0-$5k	$0-$5k	Not Defined	Unavailable	0.00572	0.02	CVE-2006-3161
14	Microsoft IIS IP/Domain Restriction access control	6.5	5.7	$25k-$100k	$0-$5k	Unproven	Official Fix	0.00817	0.24	CVE-2014-4078
15	Kodi Thumbnail path traversal	5.4	4.9	$0-$5k	$0-$5k	High	Not Defined	0.05175	0.04	CVE-2017-5982
16	code-projects E-Commerce Website user_signup.php sql injection	7.3	7.1	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00045	0.10	CVE-2023-7107
17	DomainMod account-owner.php cross site scripting	4.4	4.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00069	0.00	CVE-2018-11403
18	User Profile & User Registration Forms Plugin Link fallback-page.php cross site scripting	5.2	5.1	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00206	0.00	CVE-2022-0653
19	Woltlab Burning Board Lite pms.php sql injection	7.3	7.1	$0-$5k	Calculating	Functional	Unavailable	0.00854	0.07	CVE-2007-0812
20	SourceCodester Prison Management System manage_crime.php sql injection	7.5	7.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00098	0.00	CVE-2022-32395

IOC - Indicator of Compromise (228)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP address	Hostname	Actor	Identified	Type	Confidence
1	5.8.55.205	carpbaboon.com	DanaBot	05/31/2021	verified	Low
2	5.9.224.217	static.217.224.9.5.clients.your-server.de	DanaBot	08/04/2022	verified	High
3	5.9.247.137	static.137.247.9.5.clients.your-server.de	DanaBot	06/19/2024	verified	Very High
4	5.161.245.54	static.54.245.161.5.clients.your-server.de	DanaBot	06/19/2024	verified	Very High
5	5.189.253.131	ykfygylyfdtuk.jhy	DanaBot	10/29/2023	verified	Very High
6	5.189.253.176	svdjchfdmsohd.com	DanaBot	10/29/2023	verified	Very High
7	6.43.51.17		Danabot	03/02/2019	verified	Low
8	8.209.99.230		DanaBot	12/18/2023	verified	Very High
9	8.222.178.224		DanaBot	03/28/2024	verified	Very High
10	23.106.122.14		DanaBot	08/04/2022	verified	High
11	23.106.123.224		DanaBot	04/20/2022	verified	Medium
12	23.106.123.249		DanaBot	03/04/2022	verified	Medium
13	23.254.129.180	hwsrv-1035456.hostwindsdns.com	DanaBot	04/15/2022	verified	Medium
14	23.254.133.7	client-23-254-133-7.hostwindsdns.com	DanaBot	03/27/2022	verified	Medium
15	23.254.134.53	hwsrv-1045495.hostwindsdns.com	DanaBot	03/22/2022	verified	Medium
16	23.254.144.209	client-23-254-144-209.hostwindsdns.com	DanaBot	06/03/2023	verified	High
17	23.254.164.106	hwsrv-978595.hostwindsdns.com	DanaBot	03/09/2022	verified	Medium
18	23.254.201.147	WIN-FRBTX5I65I.com	DanaBot	03/06/2022	verified	Medium
19	23.254.217.192	hwsrv-982289.hostwindsdns.com	DanaBot	03/26/2022	verified	Medium
20	23.254.226.52	client-23-254-226-52.hostwindsdns.com	DanaBot	02/22/2022	verified	Medium
21	23.254.226.136	box.sostenibilidadsocia.online	DanaBot	03/22/2023	verified	High
22	23.254.227.74	hwsrv-1042388.hostwindsdns.com	DanaBot	06/04/2023	verified	High
23	23.254.228.176	client-23-254-228-176.hostwindsdns.com	DanaBot	04/18/2022	verified	Medium
24	26.64.30.13		Danabot	03/02/2019	verified	Low
25	31.214.157.12	mail.private-mail.nl	DanaBot	05/31/2021	verified	Low
26	34.16.181.0	0.181.16.34.bc.googleusercontent.com	DanaBot	12/18/2023	verified	Medium
27	34.16.215.110	110.215.16.34.bc.googleusercontent.com	DanaBot	06/19/2024	verified	High
28	34.22.151.45	45.151.22.34.bc.googleusercontent.com	DanaBot	03/28/2024	verified	High
29	34.65.140.140	140.140.65.34.bc.googleusercontent.com	DanaBot	03/24/2024	verified	High
30	34.65.245.112	112.245.65.34.bc.googleusercontent.com	DanaBot	06/18/2024	verified	High
31	34.73.147.86	86.147.73.34.bc.googleusercontent.com	DanaBot	03/24/2024	verified	High
32	34.77.22.163	163.22.77.34.bc.googleusercontent.com	DanaBot	03/28/2024	verified	High
33	34.83.108.106	106.108.83.34.bc.googleusercontent.com	DanaBot	06/19/2024	verified	High
34	34.83.149.74	74.149.83.34.bc.googleusercontent.com	DanaBot	06/25/2024	verified	High
35	34.90.104.246	246.104.90.34.bc.googleusercontent.com	DanaBot	01/12/2023	verified	Medium
36	34.95.4.102	102.4.95.34.bc.googleusercontent.com	DanaBot	12/27/2022	verified	Medium
37	34.105.203.100	100.203.105.34.bc.googleusercontent.com	DanaBot	01/05/2023	verified	Medium
38	34.125.56.40	40.56.125.34.bc.googleusercontent.com	DanaBot	03/13/2024	verified	High
39	34.125.60.23	23.60.125.34.bc.googleusercontent.com	DanaBot	06/25/2024	verified	High
40	34.125.95.100	100.95.125.34.bc.googleusercontent.com	DanaBot	06/18/2024	verified	High
41	34.129.5.173	173.5.129.34.bc.googleusercontent.com	DanaBot	08/13/2021	verified	Low
42	34.130.217.52	52.217.130.34.bc.googleusercontent.com	DanaBot	06/19/2024	verified	High
43	34.130.221.34	34.221.130.34.bc.googleusercontent.com	DanaBot	06/19/2024	verified	High
44	34.168.202.91	91.202.168.34.bc.googleusercontent.com	DanaBot	03/28/2024	verified	High
45	34.247.234.201	ec2-34-247-234-201.eu-west-1.compute.amazonaws.com	DanaBot	01/12/2023	verified	Medium
46	35.194.193.144	144.193.194.35.bc.googleusercontent.com	DanaBot	01/12/2023	verified	Medium
47	XX.XXX.XX.XX	xx.xx.xxx.xx.xx.xxxxxxxxxxxxxxxxx.xxx	Xxxxxxx	01/05/2023	verified	Medium
48	XX.XXX.XXX.X	x.xxx.xxx.xx.xx.xxxxxxxxxxxxxxxxx.xxx	Xxxxxxx	02/03/2023	verified	Medium
49	XX.XXX.XXX.XXX	xxx.xxx.xxx.xx.xx.xxxxxxxxxxxxxxxxx.xxx	Xxxxxxx	12/18/2023	verified	High
50	XX.XXX.XXX.XXX	xxx.xxx.xxx.xx.xx.xxxxxxxxxxxxxxxxx.xxx	Xxxxxxx	06/25/2024	verified	High
51	XX.XXX.XXX.XX	xx.xxx.xxx.xx.xx.xxxxxxxxxxxxxxxxx.xxx	Xxxxxxx	01/05/2023	verified	Medium
52	XX.XXX.XXX.XX	xx.xxx.xxx.xx.xx.xxxxxxxxxxxxxxxxx.xxx	Xxxxxxx	12/27/2022	verified	Medium
53	XX.XXX.XX.X	x.xx.xxx.xx.xx.xxxxxxxxxxxxxxxxx.xxx	Xxxxxxx	03/24/2024	verified	High
54	XX.XXX.XX.XXX	xxx.xx.xxx.xx.xx.xxxxxxxxxxxxxxxxx.xxx	Xxxxxxx	08/13/2021	verified	Low
55	XX.XXX.XXX.XXX	xxx.xxx.xxx.xx.xx.xxxxxxxxxxxxxxxxx.xxx	Xxxxxxx	03/24/2024	verified	High
56	XX.XXX.XXX.XX	xx.xxx.xxx.xx.xx.xxxxxxxxxxxxxxxxx.xxx	Xxxxxxx	12/27/2022	verified	Medium
57	XX.XXX.XX.XX	xx.xx.xxx.xx.xx.xxxxxxxxxxxxxxxxx.xxx	Xxxxxxx	01/05/2023	verified	Medium
58	XX.XXX.XX.XXX	xxx.xx.xxx.xx.xx.xxxxxxxxxxxxxxxxx.xxx	Xxxxxxx	06/18/2024	verified	High
59	XX.XXX.XXX.XXX	xxx.xxx.xxx.xx.xx.xxxxxxxxxxxxxxxxx.xxx	Xxxxxxx	03/13/2024	verified	High
60	XX.XXX.XX.XXX	xxx.xx.xxx.xx.xx.xxxxxxxxxxxxxxxxx.xxx	Xxxxxxx	06/25/2024	verified	High
61	XX.XXX.XXX.XXX	xxx.xxx.xxx.xx.xx.xxxxxxxxxxxxxxxxx.xxx	Xxxxxxx	03/28/2024	verified	High
62	XX.XXX.XXX.XX	xx.xxx.xxx.xx.xx.xxxxxxxxxxxxxxxxx.xxx	Xxxxxxx	12/18/2023	verified	High
63	XX.XXX.XXX.XXX		Xxxxxxx	06/23/2022	verified	Medium
64	XX.XXX.XX.XX	xxxxxxxxxx.xxxxx-xxxxxx.xxx	Xxxxxxx	05/05/2021	verified	Low
65	XX.XX.XX.XXX		Xxxxxxx	05/16/2022	verified	Medium
66	XX.XXX.XXX.XXX		Xxxxxxx	03/02/2019	verified	Low
67	XX.XXX.XXX.XX	xxx-xx-xxx-xxx-xx.xxxxxxx-x.xxxxxxxxx.xxx	Xxxxxxx	05/16/2022	verified	Low
68	XX.XX.XX.XXX		Xxxxxxx	06/19/2024	verified	Very High
69	XX.XX.XXX.XXX	xxxxxx.xxxxxxxxxx.xxx	Xxxxxxx	10/29/2023	verified	Very High
70	XX.XX.XX.XXX	xx.xx.xx.xxx.xxxxxxxxxxxxxxxx.xxx	Xxxxxxx	06/19/2024	verified	High
71	XX.XXX.XXX.XX		Xxxxxxx	06/04/2024	verified	Very High
72	XX.XXX.XXX.XXX	xxx.xxxxxxxxxxxxxx.xxx	Xxxxxxx	06/25/2022	verified	Medium
73	XX.XXX.XXX.XX		Xxxxxxx	02/22/2022	verified	Medium
74	XX.XXX.XXX.XXX		Xxxxxxx	03/04/2022	verified	Medium
75	XX.XXX.XXX.XXX		Xxxxxxx	05/16/2022	verified	Medium
76	XX.XX.XX.XXX	xxxxxxx.xxx	Xxxxxxx	07/02/2024	verified	Very High
77	XX.XXX.XX.XX	xxxxxxxx.xxxxxx-xx-xxxxxx.xx	Xxxxxxx	02/06/2024	verified	High
78	XX.XXX.XXX.XX		Xxxxxxx	03/25/2022	verified	Medium
79	XX.XX.X.XXX		Xxxxxxx	06/19/2024	verified	Very High
80	XX.XX.XXX.XXX		Xxxxxxx	05/31/2021	verified	Low
81	XX.XXX.XX.XXX		Xxxxxxx	12/18/2023	verified	Very High
82	XX.XXX.XX.XXX		Xxxxxxx	12/18/2023	verified	Very High
83	XX.XXX.XXX.XX		Xxxxxxx	12/18/2023	verified	Very High
84	XX.XXX.XXX.X		Xxxxxxx	12/18/2023	verified	Very High
85	XX.XX.X.XXX		Xxxxxxx	05/16/2022	verified	Medium
86	XX.XXX.XXX.XXX	xxxxx.xx-xx-xxx-xxx.xx	Xxxxxxx	05/16/2022	verified	Medium
87	XX.XXX.XX.XX	xxxx.xx-xx-xxx-xx.xxx	Xxxxxxx	05/16/2022	verified	Medium
88	XX.XXX.XX.X		Xxxxxxx	03/02/2019	verified	Low
89	XX.XXX.XX.XXX	xxx-xx-xxx-xx-xxx.xx-xxxxxxxxx-x.xxxxxxx.xxxxxxxxx.xxx	Xxxxxxx	11/12/2022	verified	Medium
90	XX.XX.XXX.XX	xx.xxx.xx.xx.xxxxx.xx.xx.xxxxxxx.xxxxxxx.xxx.xx	Xxxxxxx	05/16/2022	verified	Low
91	XX.XXX.XXX.XXX	xxx.xxx.xxx.xx.xxxx.xx.xx.xxxxxxx.xxxxxxx.xxx.xx	Xxxxxxx	03/02/2019	verified	Very Low
92	XX.XXX.XXX.XXX		Xxxxxxx	03/02/2019	verified	Low
93	XX.XXX.XX.XX	xx.xxx.xx.xx.xxxxxx.xxxxxxxxx.xxx	Xxxxxxx	05/16/2022	verified	Medium
94	XX.XX.XXX.XXX	xxxxxxxxxxx.xxx	Xxxxxxx	07/04/2022	verified	Medium
95	XX.XXX.XX.XXX	xxx-xx-xxx-xx-xxx.xxxxx.xxx.xx.xxx	Xxxxxxx	05/16/2022	verified	Medium
96	XX.XXX.XX.XX		Xxxxxxx	05/16/2022	verified	Medium
97	XX.XX.XXX.XX	xx-xx-xxx-xx.xxxxxxxxxx.xxx	Xxxxxxx	06/19/2024	verified	Very High
98	XX.X.XX.X	xx-xx-x-xx-x.xxxxxx.xxxxxxx.xxx	Xxxxxxx	06/04/2024	verified	High
99	XX.X.XX.X	xx.xxx.xx.xxx.xxxxx.xx	Xxxxxxx	06/04/2024	verified	Medium
100	XX.XX.XXX.XXX		Xxxxxxx	05/16/2022	verified	Medium
101	XX.XXX.XXX.XXX	xxxxxxxxx-xxxxx.xxxx.xxxxxxx	Xxxxxxx	06/19/2024	verified	Very High
102	XX.X.XX.X	xxxxxxxxx-xxxxx-x-x-xxxxxxx.xxxx.xxxxx.xxxxxxx.xxx	Xxxxxxx	06/04/2024	verified	Medium
103	XX.X.XX.X	xx.x.xx.x.xxxxxxxxxxx.xxxxx.xx	Xxxxxxx	06/04/2024	verified	Medium
104	XX.XX.XX.XX	xxx-xx-xx-xx.xxxx.xxx.xxxx.xxxxxx.xxx	Xxxxxxx	05/16/2022	verified	Medium
105	XX.XX.XX.XXX		Xxxxxxx	02/10/2022	verified	Medium
106	XX.XXX.XX.XXX	xxxxxxxxx.xxxx.x-xxxxxxxxx.xx	Xxxxxxx	05/16/2022	verified	Medium
107	XX.XXX.XX.XX	xxxxxxxx.xxxxx	Xxxxxxx	05/16/2024	verified	High
108	XX.XXX.XXX.XX		Xxxxxxx	03/31/2022	verified	Medium
109	XX.XXX.XXX.XX	xxx-xxx-xxx-xx.xxxx.xxxxxxxxxx.xx.xx	Xxxxxxx	02/22/2022	verified	Medium
110	XX.X.XXX.X	xxxx-xx-x-xxx-x.xx.xx	Xxxxxxx	06/04/2024	verified	Medium
111	XX.XX.X.XXX		Xxxxxxx	05/16/2022	verified	Medium
112	XX.XX.X.XXX		Xxxxxxx	05/16/2022	verified	Medium
113	XX.XXX.XX.XXX		Xxxxxxx	02/10/2022	verified	Medium
114	XX.XXX.XX.XXX		Xxxxxxx	02/10/2022	verified	Medium
115	XX.XX.XXX.XX		Xxxxxxx	07/02/2024	verified	Very High
116	XX.XXX.XX.XXX		Xxxxxxx	03/02/2019	verified	Low
117	XX.XXX.XX.XX	xxxxxxxx.xxxxx.xxxxx	Xxxxxxx	02/15/2024	verified	Very High
118	XX.XXX.XXX.XX		Xxxxxxx	10/29/2023	verified	Very High
119	XX.XXX.XXX.XXX	xxx-xx-xxx-xxx-xxx.xxxx.xxxxxxxxxxx.xx	Xxxxxxx	03/02/2019	verified	Very Low
120	XX.XXX.XXX.XXX	xxxxxx.xxxxx	Xxxxxxx	06/19/2024	verified	Very High
121	XX.XXX.XXX.XXX	xxxxxxxxxxx-xxxxx.xxxx.xxxxxxx	Xxxxxxx	12/18/2023	verified	Very High
122	XX.XXX.XX.XXX	xx.xxxxxxxx.xxxx	Xxxxxxx	07/02/2024	verified	Very High
123	XX.XXX.XXX.XX	xx.xxx.xxx.xx.xxxxx.xxx	Xxxxxxx	02/10/2022	verified	Low
124	XXX.XXX.XXX.XXX		Xxxxxxx	03/11/2022	verified	Medium
125	XXX.XXX.XXX.X	xxxxx-xxxxxxx.xxxxxxxxxxxx.xxx	Xxxxxxx	04/13/2022	verified	Medium
126	XXX.XXX.XXX.XX	xxxxxx-xxx-xxx-xxx-xx.xxxxxxxxxxxx.xxx	Xxxxxxx	04/04/2022	verified	Medium
127	XXX.XXX.XXX.X		Xxxxxxx	06/19/2024	verified	Very High
128	XXX.XXX.X.XXX	xxx.x.xxx.xxx.xx.xxxxxxxxxxxxxxxxx.xxx	Xxxxxxx	06/18/2024	verified	High
129	XXX.XXX.XX.XX		Xxxxxxx	03/22/2023	verified	High
130	XXX.XXX.XXX.XX		Xxxxxxx	03/22/2023	verified	High
131	XXX.XXX.XXX.XX	xxxxxxxxxxxxxx.xxx-xx.xxxx.xx.xx	Xxxxxxx	05/16/2022	verified	Low
132	XXX.XXX.XX.XXX	xxxxxxxx.xxxxxx-xx-xxxxxx.xx	Xxxxxxx	02/06/2024	verified	High
133	XXX.X.X.X	x.x.x.xxx.xx.xxxxxxx.xx.xx	Xxxxxxx	06/04/2024	verified	Very High
134	XXX.X.XXX.X		Xxxxxxx	06/04/2024	verified	High
135	XXX.X.X.X		Xxxxxxx	06/04/2024	verified	Very High
136	XXX.XXX.XXX.XXX	xxxxxx.xxx.xxx.xxx.xxx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxx	06/19/2024	verified	Very High
137	XXX.XX.XXX.XX		Xxxxxxx	05/16/2022	verified	Medium
138	XXX.XX.XX.XX	xx.xx.xx.xxx.xxxxx.xx.xx.xxxxxxx.xxxxxxx.xxx.xx	Xxxxxxx	05/16/2022	verified	Low
139	XXX.XXX.XXX.XXX		Xxxxxxx	03/31/2022	verified	Medium
140	XXX.XXX.XXX.XXX		Xxxxxxx	06/25/2022	verified	Medium
141	XXX.XXX.XXX.XX	xxxxxx.xx.xxx.xxx.xxx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxx	06/04/2024	verified	Very High
142	XXX.XX.XX.XXX		Xxxxxxx	03/13/2024	verified	Very High
143	XXX.XXX.XXX.XXX		Xxxxxxx	03/02/2019	verified	Low
144	XXX.XX.XXX.XX	xxxxx-xxxxxx.xxxxxxxxxxxx.xxx	Xxxxxxx	06/18/2022	verified	Medium
145	XXX.XX.XXX.XX	xxxxxx-xxx-xx-xxx-xx.xxxxxxxxxxxx.xxx	Xxxxxxx	11/16/2023	verified	Very High
146	XXX.XX.XXX.XXX	xxxxxx-xxx-xx-xxx-xxx.xxxxxxxxxxxx.xxx	Xxxxxxx	01/14/2022	verified	Medium
147	XXX.XXX.XX.XX	xxxxxxxxxxx-xxx-xxx-xx-xx.xxxx-xxxxxxx.xxxxxxx.xx.xxxxxxxxxx.xxx	Xxxxxxx	05/16/2022	verified	Low
148	XXX.XX.XXX.XXX		Xxxxxxx	03/02/2019	verified	Low
149	XXX.XX.XXX.XXX	xxxxxxxxxxxx.xxxxxxxx.xxxxxxxxxxxxx.xxx.xx	Xxxxxxx	02/10/2022	verified	Low
150	XXX.XXX.XXX.XXX	xxx.xxx.xxx.xxx.xx-xxxx.xxxx	Xxxxxxx	05/31/2021	verified	Low
151	XXX.XXX.XX.XXX	xxx-xxx-xx-xxx.xxxxxx.xxxx.xx	Xxxxxxx	05/16/2022	verified	Medium
152	XXX.XXX.XXX.XXX		Xxxxxxx	05/16/2022	verified	Medium
153	XXX.XX.XXX.X		Xxxxxxx	05/16/2022	verified	Medium
154	XXX.XX.XX.XX		Xxxxxxx	04/20/2022	verified	Medium
155	XXX.XXX.XXX.X		Xxxxxxx	05/16/2022	verified	Medium
156	XXX.XXX.XXX.XX	xxxxxx.xxxxxxxxxxxxx.xx.xxx	Xxxxxxx	10/04/2022	verified	High
157	XXX.XX.XXX.XX		Xxxxxxx	03/02/2019	verified	Low
158	XXX.XX.XX.XXX	xxx-xx-xx-xxx.xxxxxx.xxxxxxx.xxx	Xxxxxxx	10/29/2023	verified	High
159	XXX.XX.XXX.XXX	xxx-xx-xxx-xxx.xxxxxx.xxxx.xx	Xxxxxxx	10/29/2023	verified	Very High
160	XXX.XX.XXX.XXX	xxx-xxx-xx-xxx.xxxxxxx-xxx	Xxxxxxx	05/16/2022	verified	Medium
161	XXX.XXX.XXX.XX	xxx.xxxxxxx.xxxx	Xxxxxxx	10/03/2023	verified	High
162	XXX.XXX.X.XX		Xxxxxxx	05/31/2021	verified	Low
163	XXX.XXX.X.XXX		Xxxxxxx	05/31/2021	verified	Low
164	XXX.XXX.X.XXX		Xxxxxxx	05/31/2021	verified	Low
165	XXX.XXX.X.XXX		Xxxxxxx	05/31/2021	verified	Low
166	XXX.XXX.XXX.XX	xxx.x.xxxxxxx.xxxxx	Xxxxxxx	05/31/2021	verified	Very Low
167	XXX.XX.XXX.XXX		Xxxxxxx	08/13/2021	verified	Medium
168	XXX.XXX.XX.XXX	xxx.xx.xxx.xxx.xx-xxxx.xxxx	Xxxxxxx	02/10/2022	verified	Medium
169	XXX.XX.XXX.XX	xxxx-xxxxxxxxx.xxxxxx.xxx	Xxxxxxx	05/16/2022	verified	Medium
170	XXX.XX.XX.XXX	xxxx.xxxxxxxx.xx	Xxxxxxx	05/05/2021	verified	Low
171	XXX.XX.XX.XXX	xxxx.xxxxxxxxxxxxx.xxx	Xxxxxxx	05/05/2021	verified	Low
172	XXX.XX.XX.XX		Xxxxxxx	12/21/2023	verified	Very High
173	XXX.XX.XX.XX	xxxxxx-xx.xxxx.xxx	Xxxxxxx	03/13/2022	verified	Low
174	XXX.XX.XX.XXX	xxxx.xxxxxxxxxx.xxxxxx	Xxxxxxx	05/16/2022	verified	Medium
175	XXX.XX.XXX.XXX	xxx.xx.xxx.xxx.xxxxx.xxx	Xxxxxxx	02/10/2022	verified	Low
176	XXX.XXX.XXX.XXX		Xxxxxxx	02/22/2022	verified	Medium
177	XXX.XXX.XX.XX		Xxxxxxx	07/29/2022	verified	High
178	XXX.XXX.XX.XX	xxxxxxx.xxxxxxxxxxx.xx.xx	Xxxxxxx	02/22/2022	verified	Medium
179	XXX.XXX.XXX.XXX		Xxxxxxx	02/10/2022	verified	Medium
180	XXX.XXX.XXX.XX		Xxxxxxx	06/19/2024	verified	Very High
181	XXX.XXX.XX.XX		Xxxxxxx	10/29/2023	verified	Very High
182	XXX.XXX.XX.XXX		Xxxxxxx	10/29/2023	verified	Very High
183	XXX.XXX.XXX.XX	xxxxxxx.xxxxx-xxxxxxx-xxxx.xx	Xxxxxxx	10/29/2022	verified	High
184	XXX.XXX.XXX.XX		Xxxxxxx	05/31/2021	verified	Low
185	XXX.X.X.X		Xxxxxxx	06/04/2024	verified	High
186	XXX.XX.XXX.XX	xxx-xx-xxx-xx.xx.xxxxx.xxx.xx	Xxxxxxx	04/20/2022	verified	Medium
187	XXX.XX.XXX.XX	xxxxxxxxx.xx	Xxxxxxx	05/31/2021	verified	Low
188	XXX.XXX.XXX.XX		Xxxxxxx	03/22/2023	verified	High
189	XXX.X.XX.XX	xxx-x-xx-xx-xxxx.xxxxxxxxxxxx.xxx	Xxxxxxx	06/26/2022	verified	Medium
190	XXX.X.XX.XXX	xxx-x-xx-xxx-xxxx.xxxxxxxxxxxx.xxx	Xxxxxxx	07/16/2022	verified	High
191	XXX.XX.XXX.XX	xxxxxx.xxxxxxxxxxxxxxxxxxxx.xxx	Xxxxxxx	03/25/2022	verified	Medium
192	XXX.XX.XXX.XX	xx.xxx.xx.xxx.xx-xxxx.xxxx	Xxxxxxx	05/31/2021	verified	Low
193	XXX.XX.XXX.XX	xx.xxx.xx.xxx.xx-xxxx.xxxx	Xxxxxxx	02/10/2022	verified	Medium
194	XXX.XXX.XXX.X	xxxx.xxxxxx-xxxxx.xxx	Xxxxxxx	01/14/2022	verified	Medium
195	XXX.XXX.XXX.XX	xxxxx-xxxxxx.xxxxxxxxxxxx.xxx	Xxxxxxx	02/22/2022	verified	Medium
196	XXX.XXX.XX.X	xxxxxxx.xx	Xxxxxxx	06/26/2022	verified	Medium
197	XXX.XXX.XXX.XX	xxx-xxx-xxx-xx-xx.xxxxxxxx.xxx	Xxxxxxx	05/05/2021	verified	Low
198	XXX.XXX.XXX.XX	xxxxx-xxxxxx.xxxxxxxxxxxx.xxx	Xxxxxxx	12/30/2022	verified	High
199	XXX.XXX.XXX.XXX	xxxxx-xxxxxxx.xxxxxxxxxxxx.xxx	Xxxxxxx	03/22/2022	verified	Medium
200	XXX.XXX.XXX.XXX	xxxxxxxxx.xxx	Xxxxxxx	03/04/2023	verified	High
201	XXX.XXX.XXX.XXX	xxxxxx-xxx-xxx-xxx-xxx.xxxxxxxxxxxx.xxx	Xxxxxxx	04/25/2022	verified	Medium
202	XXX.XXX.XXX.XXX	xxxxx-xxxxxxx.xxxxxxxxxxxx.xxx	Xxxxxxx	04/15/2022	verified	Medium
203	XXX.XXX.XXX.XXX	xxxxxx-xxx-xxx-xxx-xxx.xxxxxxxxxxxx.xxx	Xxxxxxx	04/25/2022	verified	Medium
204	XXX.XXX.XXX.X	xxxxxx-xxx-xxx-xxx-x.xxxxxxxxxxxx.xxx	Xxxxxxx	08/04/2022	verified	High
205	XXX.XXX.XXX.XX	xxxxx-xxxxxx.xxxxxxxxxxxx.xxx	Xxxxxxx	04/12/2022	verified	Medium
206	XXX.XXX.XXX.XXX	xxxxx-xxxxxxx.xxxxxxxxxxxx.xxx	Xxxxxxx	04/19/2022	verified	Medium
207	XXX.XXX.XXX.XXX	xxxxxx-xxx-xxx-xxx-xxx.xxxxxxxxxxxx.xxx	Xxxxxxx	02/22/2022	verified	Medium
208	XXX.XXX.XXX.XXX	xxxxxx-xxx-xxx-xxx-xxx.xxxxxxxxxxxx.xxx	Xxxxxxx	06/25/2022	verified	Medium
209	XXX.XXX.XXX.XXX	xxxxxx-xxx-xxx-xxx-xxx.xxxxxxxxxxxx.xxx	Xxxxxxx	11/26/2022	verified	High
210	XXX.XXX.XXX.XX	xxxxxx-xxx-xxx-xxx-xx.xxxxxxxxxxxx.xxx	Xxxxxxx	01/14/2022	verified	Medium
211	XXX.XXX.XXX.XXX	xxxxx-xxxxxxx.xxxxxxxxxxxx.xxx	Xxxxxxx	05/16/2022	verified	Medium
212	XXX.XXX.XXX.XX	xxxxx-xxxxxxx.xxxxxxxxxxxx.xxx	Xxxxxxx	03/06/2022	verified	Medium
213	XXX.XX.XX.XX	xxxxxxxx.xxxxxxxxxxxxxxxxxxxxxxxxxxx.xxx	Xxxxxxx	02/22/2022	verified	Medium
214	XXX.XX.XXX.XX		Xxxxxxx	02/22/2022	verified	Medium
215	XXX.XX.XX.XXX		Xxxxxxx	06/19/2024	verified	Very High
216	XXX.XX.XXX.XX		Xxxxxxx	02/10/2022	verified	Medium
217	XXX.XXX.XXX.XX		Xxxxxxx	05/16/2022	verified	Medium
218	XXX.XXX.XXX.XX	xxxxxxxxxx.xxxxxx-xx-xxxxx.xxx	Xxxxxxx	10/03/2023	verified	High
219	XXX.XXX.XXX.XXX	xx--xxxxx-xxx.xxxxxxx	Xxxxxxx	05/16/2022	verified	Medium
220	XXX.XXX.XX.XX		Xxxxxxx	02/15/2024	verified	Very High
221	XXX.XXX.XXX.XX		Xxxxxxx	06/04/2024	verified	Very High
222	XXX.XXX.XX.XX		Xxxxxxx	02/22/2022	verified	Medium
223	XXX.XXX.XXX.XX	xxxxx-xxxxx.xxxxxxx.xxxx	Xxxxxxx	06/04/2023	verified	Medium
224	XXX.XXX.XX.X		Xxxxxxx	05/16/2022	verified	Medium
225	XXX.XXX.XXX.X		Xxxxxxx	03/02/2019	verified	Low
226	XXX.XXX.XXX.XX		Xxxxxxx	05/16/2022	verified	Medium
227	XXX.XX.XX.XXX		Xxxxxxx	03/02/2019	verified	Low
228	XXX.XXX.XXX.XXX		Xxxxxxx	05/16/2022	verified	Medium

TTP - Tactics, Techniques, Procedures (16)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Class	Vulnerabilities	Access Vector	Type	Confidence
1	T1006	CAPEC-126	CWE-22, CWE-23	Path Traversal	predictive	High
2	T1040	CAPEC-102	CWE-319	Authentication Bypass by Capture-replay	predictive	High
3	T1059	CAPEC-242	CWE-94	Argument Injection	predictive	High
4	T1059.007	CAPEC-209	CWE-79, CWE-80	Cross Site Scripting	predictive	High
5	TXXXX	CAPEC-122	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	High
6	TXXXX.XXX	CAPEC-	CWE-XXX	Xxx Xx Xxxx-xxxxx Xxxxxxxx	predictive	High
7	TXXXX	CAPEC-150	CWE-XXX	Xxxx Xxx Xxxxxxxxx Xxxxxxxxxxx Xxxxxxxx	predictive	High
8	TXXXX	CAPEC-136	CWE-XX, CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	High
9	TXXXX.XXX	CAPEC-178	CWE-XXX	Xxxx Xxxxxxxx	predictive	High
10	TXXXX	CAPEC-	CWE-XXX	7xx Xxxxxxxx Xxxxxxxx	predictive	High
11	TXXXX	CAPEC-108	CWE-XX	Xxx Xxxxxxxxx	predictive	High
12	TXXXX	CAPEC-50	CWE-XXX, CWE-XXX	Xxxxxxxxxxx Xxxxxxxxxx	predictive	High
13	TXXXX.XXX	CAPEC-	CWE-XXX	Xxxxxxxx Xxxxxx Xxxx	predictive	High
14	TXXXX	CAPEC-116	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	High
15	TXXXX	CAPEC-20	CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	predictive	High
16	TXXXX.XXX	CAPEC-1	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	High

IOA - Indicator of Attack (129)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Class	Indicator	Type	Confidence
1	File	//proc/kcore	predictive	Medium
2	File	/cgi-bin/kerbynet	predictive	High
3	File	/forum/away.php	predictive	High
4	File	/inc/parser/xhtml.php	predictive	High
5	File	/include/makecvs.php	predictive	High
6	File	/member/index/login.html	predictive	High
7	File	/member/myfriend.php	predictive	High
8	File	/member/reg.asp	predictive	High
9	File	/pms/admin/actions/view_action.php	predictive	High
10	File	/pms/admin/cells/view_cell.php	predictive	High
11	File	/pms/admin/crimes/manage_crime.php	predictive	High
12	File	/pms/admin/inmates/view_inmate.php	predictive	High
13	File	/pms/admin/prisons/view_prison.php	predictive	High
14	File	/pms/admin/visits/view_visit.php	predictive	High
15	File	/pms/index.php	predictive	High
16	File	/pms/update_medicine.php	predictive	High
17	File	/xxx/xxxxxx_xxxxxxx.xxx	predictive	High
18	File	/xxx/xxxxxx_xxxx.xxx	predictive	High
19	File	/xxxxxxxx.xxx	predictive	High
20	File	/xxxxxx/xxxxxxx/xxx/xxxxxxxxxx.xxx	predictive	High
21	File	/xxxxxxx/	predictive	Medium
22	File	/xxxx/xxxxxx-xxxxx.xxx	predictive	High
23	File	/xx-xxxxx/xxxxx.xxx?xxxx=xx_xxxx_xxxxxxx_xxxxxxxxxx	predictive	High
24	File	xxx.xxx	predictive	Low
25	File	xxxxxxxxx-xxxxxxx.xxx	predictive	High
26	File	xxxxxxxxx_xxxxxx.xxx	predictive	High
27	File	xxxxxx/xxxx/xxxxxxx-xxxxx.xxx	predictive	High
28	File	xxx.xxx	predictive	Low
29	File	xxxxx.xxxxxxxxx.xxx	predictive	High
30	File	xxxxxxxxxx.xxx	predictive	High
31	File	xxxxxxxxxxxxxxxxxxxxxxxxx.xxxx	predictive	High
32	File	xxxxxxxxxx/xxxxxx/xxxxxxxxx.xxxx/xxxx.xxx/	predictive	High
33	File	xxxxxx/xx/xx_xxxxx.x	predictive	High
34	File	xxxx:x.x/xx:x/xx:x/xx:x/xx:x/x:x/x:x/x:x/x:x	predictive	High
35	File	xxxx/xxxxxxxxxxxxxxx.xxx	predictive	High
36	File	xxxxxxx.xxx	predictive	Medium
37	File	xxxxxxx_xxxxxxxx.xxxxx.xxx	predictive	High
38	File	xxxxxx.xxx	predictive	Medium
39	File	xxxxxxx/xxx/xx/xx.x	predictive	High
40	File	xxxx.xxx	predictive	Medium
41	File	xxxxx.xxx	predictive	Medium
42	File	xxxxxxxxxxxxx.xxx	predictive	High
43	File	xxxxxx.xxx	predictive	Medium
44	File	xxxxxxxxxxxxxxxxxxxx.xxx	predictive	High
45	File	xxxxxxxxxxxx.xxx	predictive	High
46	File	xxxx_xxxxxxxx.xxx	predictive	High
47	File	xxx/xxxxxx.xxx	predictive	High
48	File	xxxxx.xxx	predictive	Medium
49	File	xxxx.xxx	predictive	Medium
50	File	xx.xxx	predictive	Low
51	File	xxxxxxxxx.xx	predictive	Medium
52	File	xxxxxxxxx/xxxxxxx/xxxxxx/xxxxxxxxxx.xxx	predictive	High
53	File	xxxxx_xx.xxxx	predictive	High
54	File	xxxxxxxx_xxxxxxx.xxx	predictive	High
55	File	xxxxxx.xxx	predictive	Medium
56	File	xxxxxx/xxxxxx/xxx.xxxx	predictive	High
57	File	xxxxxx_xxx.xxx	predictive	High
58	File	xxxx.xxx	predictive	Medium
59	File	xxxxxxx.xxx	predictive	Medium
60	File	xxxxxx.xxx/xxxx_xxxx_xxxx.xxx	predictive	High
61	File	xxxxxxxx/xxxxxx-xxxxx/xxxxxxxxxxx/xxxx.xx	predictive	High
62	File	xxx.xxx	predictive	Low
63	File	xxxxxxx.xxx	predictive	Medium
64	File	xxxxx.xxx	predictive	Medium
65	File	xxxxxxxx.xxx	predictive	Medium
66	File	xxxxxxxx/xxxxx/xxxxxxxx?xxxxxxxx	predictive	High
67	File	xxxx.xxx/xxxxxxxxxxxxxx.xxx	predictive	High
68	File	xxxxxxxx.xx?xxxxxxxxxxxx=xxxxxxxx&xxxx=x-xxxx&xxxxxxxx=xxxxxxxxxx&xx	predictive	High
69	File	xxxxxxxxxxxxxxxx.xx	predictive	High
70	File	xxxxxx.xxx	predictive	Medium
71	File	xxxxxxxxxxxxx_xxxxx.xxxx	predictive	High
72	File	xxxx_xxxxxx.xxx	predictive	High
73	File	xxxxxxxx.xxx	predictive	Medium
74	File	xx-xxxxx/xxxxxxx.xxx	predictive	High
75	File	xx-xxxxxx.xxx	predictive	High
76	File	xx-xxxxxxxx.xxx	predictive	High
77	File	~/xxxxxx/xxxx/xxxxxxxx-xxxx.xxx	predictive	High
78	File	~/xxxxxxxxx/	predictive	Medium
79	Argument	xxxxxx	predictive	Low
80	Argument	xxxxxxxx	predictive	Medium
81	Argument	xxx	predictive	Low
82	Argument	xxxxxxxxxxxxx	predictive	High
83	Argument	xxxxx	predictive	Low
84	Argument	xxxxxxxxxxx(xxxxxx)	predictive	High
85	Argument	xxxx/xxxxxx/xxx	predictive	High
86	Argument	xxxxx_xxxxxxx_xx	predictive	High
87	Argument	xxxxx	predictive	Low
88	Argument	xxxxxxxx	predictive	Medium
89	Argument	xxxxxxxxx/xxxxxxxxxx/xxxxx/xxxxxxx/xxxxxxx/xxxxxxxx	predictive	High
90	Argument	xxxxx	predictive	Low
91	Argument	xxxxxxxxxxxx	predictive	Medium
92	Argument	xxxxxxx[xxxx]	predictive	High
93	Argument	xxxxx_xx	predictive	Medium
94	Argument	xxxx	predictive	Low
95	Argument	xx	predictive	Low
96	Argument	xxxx	predictive	Low
97	Argument	xxxxxx	predictive	Low
98	Argument	xxxxxx	predictive	Low
99	Argument	xxxxx[xxxxx][xx]	predictive	High
100	Argument	xxxxx	predictive	Low
101	Argument	xxxx	predictive	Low
102	Argument	xxxx_xxxx	predictive	Medium
103	Argument	xxxx	predictive	Low
104	Argument	xxxxxxxx	predictive	Medium
105	Argument	xxxxxx	predictive	Low
106	Argument	xxxxx.xxxx	predictive	Medium
107	Argument	xxx	predictive	Low
108	Argument	x_xx	predictive	Low
109	Argument	xxxx	predictive	Low
110	Argument	xxxx[x]	predictive	Low
111	Argument	xxxxxxxx	predictive	Medium
112	Argument	xxxxxxxx	predictive	Medium
113	Argument	xxxxxxx	predictive	Low
114	Argument	xxxxxxxxxx	predictive	Medium
115	Argument	xxxx_xxx	predictive	Medium
116	Argument	xxxxxxxxxx_xxxx	predictive	High
117	Argument	xx	predictive	Low
118	Argument	xxx	predictive	Low
119	Argument	xxxx	predictive	Low
120	Argument	xxxx-xxxxx	predictive	Medium
121	Argument	xxxxxxxx	predictive	Medium
122	Argument	xxxxxxxx/xxxxxxxx	predictive	High
123	Argument	xxxx_xxxxx	predictive	Medium
124	Argument	xxxx_xxxx	predictive	Medium
125	Argument	xxxxxxxxx	predictive	Medium
126	Argument	xxxx	predictive	Low
127	Input Value	%xx%xxxxx%xx/xxx/xxxxxx%xx%xx	predictive	High
128	Input Value	--	predictive	Low
129	Input Value	xxxxx' xx 'x'='x	predictive	High

References (34)

The following list contains external sources which discuss the actor and the associated activities:

Samples (1)

The following list contains associated samples:

https://bazaar.abuse.ch/sample/12a68c94b4f0b13cca2a8b908bf674686a0ab331ec366d88baa2c192c33f236f/

◂ PreviousOverviewNext ▸

Do you need the next level of professionalism?

Upgrade your account now!