DarkGate Analysis

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 906
zh: 30
es: 12
ru: 10
sv: 10


Product

Microsoft Windows: 10
Apache Tomcat: 8
code-projects Job Recruitment: 6
TP-Link Omada ER605: 4
1C-Bitrix Bitrix24: 4


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | TikiWiki tiki-register.php input validation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.01075 | 1.21 | CVE-2006-6168 |
| 2 | trojan Initialization Interface register initialization | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00043 | 0.02 | CVE-2024-55215 |
| 3 | eSyndicat Directory Software suggest-listing.php cross site scripting | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.36 | |
| 4 | CodeAstro Hospital Management System Add Laboratory Equipment Page his_admin_add_lab_equipment.php cross site scripting | 4.1 | 4.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00084 | 0.04 | CVE-2024-11676 |
| 5 | SPIP spip.php cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00193 | 1.73 | CVE-2022-28959 |
| 6 | Tiki Admin Password tiki-login.php improper authentication | 8.0 | 7.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.91980 | 0.95 | CVE-2020-15906 |
| 7 | WordPress AdServe adclick.php sql injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00265 | 0.12 | CVE-2008-0507 |
| 8 | Pligg cloud.php sql injection | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.74 | |
| 9 | Apple Mac OS X Server Wiki Server sql injection | 5.3 | 4.6 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.00339 | 0.05 | CVE-2015-5911 |
| 10 | MGB OpenSource Guestbook email.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.01434 | 0.26 | CVE-2007-0354 |
| 11 | LogicBoard CMS away.php redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.00000 | 0.20 | |
| 12 | Kelli Shaver S8Forum register.php privileges management | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.05788 | 0.07 | CVE-2003-1252 |
| 13 | kurniaramadhan E-Commerce-PHP Create Product Page create_product.php cross site scripting | 2.4 | 2.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 1.15 | CVE-2024-13205 |
| 14 | E-topbiz Viral DX 1 adclick.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.00134 | 0.11 | CVE-2008-2867 |
| 15 | OpenX adclick.php redirect | 5.3 | 4.7 | $0-$5k | $0-$5k | Unproven | Unavailable | 0.00584 | 0.14 | CVE-2014-2230 |
| 16 | AWStats Config awstats.pl cross site scripting | 4.3 | 4.1 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.01713 | 0.06 | CVE-2006-3681 |
| 17 | Joomla CMS com_easyblog sql injection | 6.3 | 6.1 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00000 | 0.16 | |
| 18 | Leo Khoa Laragon file_upload.php unrestricted upload | 8.0 | 8.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00045 | 0.03 | CVE-2024-0864 |
| 19 | PHPVibe cross site scripting | 5.4 | 5.1 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00120 | 0.04 | CVE-2015-5399 |
| 20 | Multi-Vendor Online Groceries Management System view_product.php sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00370 | 0.02 | CVE-2022-26632 |

Campaigns (2)

These are the campaigns that can be associated with the actor:

IOC - Indicator of Compromise (154)

These indicators of compromise highlight associated network resources that are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (22)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Class | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|---|
| 1 | T1006 | CAPEC-126 | CWE-22, CWE-23, CWE-37, CWE-425 | Path Traversal | predictive | High |
| 2 | T1040 | CAPEC-102 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CAPEC-10 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 4 | T1059 | CAPEC-137 | CWE-88, CWE-94 | Argument Injection | predictive | High |
| 5 | T1059.007 | CAPEC-209 | CWE-79, CWE-80 | Basic Cross Site Scripting | predictive | High |

IOA - Indicator of Attack (286)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


References (83)

The following list contains external sources which discuss the actor and the associated activities:

Samples (83)

The following list contains associated samples:
