GandCrab Analysisinfo

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (565)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en	534
ru	10
es	8
de	4
ar	2

Country

US: USA	556
CN: China	6
ES: Spain	2

Actors

RedLine Stealer	3
AsyncRAT	2
NjRAT	1
DPRK	1

Activities

Interest

Timeline

Type

Not Defined	122
Content Management System	24
Forum Software	8
WordPress Plugin	8
Programming Language Software	8

Vendor

Not Defined	74
SourceCodester	10
Pearlinger	8
Google	6
Novell	4

Product

Pearlinger Products	8
PHPWind	4
Google Chrome	4
Microsoft Windows	2
Google Android	2

Vulnerabilities

#	Vulnerability	Base	Temp	0day	Today	Exp	Rem	EPSS	CTI	CVE
1	LogicBoard CMS away.php redirect	6.3	6.1	$0-$5k	$0-$5k	Not Defined	Unavailable	0.00000	0.41
2	DZCP deV!L`z Clanportal config.php code injection	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.02820	0.26	CVE-2010-0966
3	Tiki Admin Password tiki-login.php improper authentication	8.0	7.7	$0-$5k	$0-$5k	Not Defined	Official Fix	0.91980	0.74	CVE-2020-15906
4	FLDS redir.php sql injection	7.3	7.3	$0-$5k	$0-$5k	High	Unavailable	0.00291	0.09	CVE-2008-5928
5	My Link Trader out.php sql injection	6.3	5.7	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00000	0.03
6	Bitrix Site Manager redirect.php link following	5.3	4.7	$0-$5k	$0-$5k	Unproven	Unavailable	0.00137	0.26	CVE-2008-2052
7	SPIP spip.php cross site scripting	3.5	3.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00193	1.02	CVE-2022-28959
8	OpenX adclick.php redirect	5.3	4.7	$0-$5k	$0-$5k	Unproven	Unavailable	0.00584	0.13	CVE-2014-2230
9	Vunet VU Web Visitor Analyst redir.asp sql injection	7.3	7.1	$0-$5k	$0-$5k	High	Workaround	0.00162	0.10	CVE-2010-2338
10	GetSimpleCMS index.php redirect	6.6	6.6	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00203	0.03	CVE-2019-9915
11	PHPWind goto.php redirect	6.3	6.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00348	0.04	CVE-2015-4134
12	Openads adclick.php Remote Code Execution	7.3	6.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.02546	0.02	CVE-2007-2046
13	Serendipity exit.php privileges management	6.3	6.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00000	0.02
14	kurniaramadhan E-Commerce-PHP Create Product Page create_product.php cross site scripting	2.4	2.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00045	0.24	CVE-2024-13205
15	vu Mass Mailer Login Page redir.asp sql injection	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00496	0.02	CVE-2007-6138
16	TikiWiki tiki-register.php input validation	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.01075	0.48	CVE-2006-6168
17	vBulletin redirector.php	6.6	6.6	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00233	0.02	CVE-2018-6200
18	Pyrophobia out.php cross site scripting	4.3	4.1	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00199	0.04	CVE-2007-1159
19	CodeAstro Hospital Management System Add Laboratory Equipment Page his_admin_add_lab_equipment.php cross site scripting	4.1	4.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00084	0.17	CVE-2024-11676
20	PHPWind goto.php cross site scripting	4.3	4.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00254	0.00	CVE-2015-4135

IOC - Indicator of Compromise (181)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP address	Hostname	Actor	Identified	Type	Confidence
1	3.64.163.50	ec2-3-64-163-50.eu-central-1.compute.amazonaws.com	GandCrab	10/24/2021	verified	Very Low
2	3.215.23.197	ec2-3-215-23-197.compute-1.amazonaws.com	GandCrab	05/05/2022	verified	Low
3	5.23.49.81	1241393-cn03460.tw1.ru	GandCrab	05/24/2019	verified	Low
4	5.39.221.60		GandCrab	07/17/2021	verified	Low
5	5.135.183.146	freya.stelas.de	GandCrab	10/24/2021	verified	Low
6	5.144.168.210	mail.xdeers.com	GandCrab	04/13/2022	verified	Medium
7	13.37.189.21	ec2-13-37-189-21.eu-west-3.compute.amazonaws.com	GandCrab	02/20/2023	verified	Low
8	13.76.158.123		GandCrab	07/17/2021	verified	Low
9	13.107.21.200		GandCrab	04/08/2022	verified	Medium
10	15.188.214.230	ec2-15-188-214-230.eu-west-3.compute.amazonaws.com	GandCrab	02/20/2023	verified	Low
11	20.42.65.92		GandCrab	05/07/2022	verified	Medium
12	20.42.73.29		GandCrab	05/07/2022	verified	Medium
13	20.50.64.11		GandCrab	10/09/2021	verified	Low
14	20.189.173.20		GandCrab	05/07/2022	verified	Medium
15	23.56.169.147	a23-56-169-147.deploy.static.akamaitechnologies.com	GandCrab	02/20/2023	verified	Medium
16	23.56.169.152	a23-56-169-152.deploy.static.akamaitechnologies.com	GandCrab	02/20/2023	verified	Medium
17	23.100.15.180		GandCrab	04/14/2022	verified	Medium
18	23.205.105.157	a23-205-105-157.deploy.static.akamaitechnologies.com	GandCrab	05/07/2022	verified	Medium
19	23.221.227.165	a23-221-227-165.deploy.static.akamaitechnologies.com	GandCrab	02/20/2023	verified	Medium
20	23.221.227.172	a23-221-227-172.deploy.static.akamaitechnologies.com	GandCrab	02/20/2023	verified	Medium
21	23.236.62.147	147.62.236.23.bc.googleusercontent.com	GandCrab	04/14/2022	verified	Low
22	34.102.136.180	180.136.102.34.bc.googleusercontent.com	GandCrab	10/09/2021	verified	Very Low
23	35.205.61.67	67.61.205.35.bc.googleusercontent.com	GandCrab	10/09/2021	verified	Very Low
24	39.107.34.197		GandCrab	10/09/2021	verified	Low
25	45.33.91.79	li1037-79.members.linode.com	GandCrab	04/08/2022	verified	Medium
26	45.118.145.96		GandCrab	10/09/2021	verified	Low
27	46.32.228.22	720808.vps-10.com	GandCrab	04/13/2022	verified	Low
28	47.75.206.148		GandCrab	04/14/2022	verified	Medium
29	50.63.202.89	ip-50-63-202-89.ip.secureserver.net	GandCrab	04/08/2022	verified	Medium
30	50.87.58.165	50-87-58-165.unifiedlayer.com	GandCrab	04/08/2022	verified	Medium
31	XX.XX.XXX.XXX	xxx-xxx-xx-xx.xxxxxxxxx.xxx.xxxxx	Xxxxxxxx	02/20/2023	verified	Low
32	XX.XX.XX.XXX	xxxxx.xx-xx-xx-xx.xx	Xxxxxxxx	04/08/2022	verified	Medium
33	XX.XXX.XX.XXX	xxxxx.xx-xx-xxx-xx.xx	Xxxxxxxx	10/24/2021	verified	Low
34	XX.XXX.XX.XX	xxx-xxxxxxxx.xxx.xxx.xxx	Xxxxxxxx	10/24/2021	verified	Very Low
35	XX.XX.X.XXX	xxx-xx-xx-x-xxx.xx-xxxx-x.xxxxxxx.xxxxxxxxx.xxx	Xxxxxxxx	04/13/2022	verified	Low
36	XX.XX.XXX.XXX	xxx-xx-xx-xxx-xxx.xx-xxxxxxx-x.xxxxxxx.xxxxxxxxx.xxx	Xxxxxxxx	04/08/2022	verified	Low
37	XX.XX.XX.XX	xxx-xx-xx-xx-xx.xx-xxxxxxx-x.xxxxxxx.xxxxxxxxx.xxx	Xxxxxxxx	04/29/2022	verified	Low
38	XX.XXX.XXX.XX	xxxx.xxxx.xxxxx	Xxxxxxxx	10/09/2021	verified	Low
39	XX.XXX.XXX.XXX		Xxxxxxxx	05/07/2022	verified	Medium
40	XX.XXX.XXX.XXX		Xxxxxxxx	05/07/2022	verified	Medium
41	XX.XX.XXX.XX	xxxx.xx-xx-xx-xxx.xx	Xxxxxxxx	10/09/2021	verified	Low
42	XX.XXX.XX.XXX	xx-xxx-xx-xxx.xxx.xxxxxxxxxxxx.xx	Xxxxxxxx	04/14/2022	verified	Medium
43	XX.XX.XXX.XX	xx.xxx.xx.xx.xxxxxx.xxxxxx.xxx	Xxxxxxxx	04/08/2022	verified	Medium
44	XX.XX.XXX.XXX	xxx.xxx.xx.xx.xxxxxx.xxxxxx.xxx	Xxxxxxxx	10/09/2021	verified	Low
45	XX.XXX.XXX.XXX	xxxx.xxxxxxxxxxxxxxxxx.xxx	Xxxxxxxx	07/15/2021	verified	Low
46	XX.XXX.XXX.XXX		Xxxxxxxx	05/06/2022	verified	Medium
47	XX.XXX.XXX.XX	xxxxxxxxxxxx.xx.xxxxxxxxxxxxxx.xxx	Xxxxxxxx	04/08/2022	verified	Medium
48	XX.XX.XXX.XXX	xxxxx.xxxxxxxxx.xxx	Xxxxxxxx	04/08/2022	verified	Medium
49	XX.XXX.XXX.XXX	xxxxxxxx.xxxxxxxxxxx.xxx	Xxxxxxxx	10/09/2021	verified	Low
50	XX.XX.XXX.XX	xx-xx-xxx-xx.xxxxxxxxxxxx.xxx	Xxxxxxxx	04/08/2022	verified	Medium
51	XX.XX.XX.XXX		Xxxxxxxx	05/07/2022	verified	Medium
52	XX.XX.XXX.XX	xxxxxx-xxxxx.xx-xxxxxxx.xx	Xxxxxxxx	05/07/2022	verified	Low
53	XX.XXX.XXX.XX	xx-xx-xxx-xxx-xx.xxxxxxxxxx.xxx	Xxxxxxxx	04/08/2022	verified	Medium
54	XX.XXX.XXX.XXX	xx-xx-xxx-xxx-xxx.xxxxxxxxxx.xxx	Xxxxxxxx	04/08/2022	verified	Medium
55	XX.XXX.XXX.X	xxxxx.xx	Xxxxxxxx	02/15/2018	verified	Low
56	XX.XX.XXX.XX	xxxxx.xxxxxxx.xx	Xxxxxxxx	04/08/2022	verified	Medium
57	XX.X.XXX.XXX	xxxx-xxx.xxxxxx.xxxxxxx.xxx.xx	Xxxxxxxx	04/08/2022	verified	Medium
58	XX.XXX.XX.XXX	xxxxxx.xxx-xxxx.xxx	Xxxxxxxx	04/13/2022	verified	Medium
59	XX.XXX.XXX.X	xxxxxxx.xxxxxxxxxx.xx	Xxxxxxxx	04/13/2022	verified	Medium
60	XX.XXX.XXX.XX	xx-xxxxxx.xxxxxxxxxx.xx	Xxxxxxxx	04/13/2022	verified	Medium
61	XX.XXX.XX.XX	xxx.xxxx.xxxxx.xxx	Xxxxxxxx	04/08/2022	verified	Medium
62	XX.XXX.XX.XX	xxx.xxxx.xxxxx.xxx	Xxxxxxxx	04/08/2022	verified	Medium
63	XX.XXX.XX.XX	xxx.xxxxx.xxxxx.xxx	Xxxxxxxx	04/08/2022	verified	Medium
64	XX.XXX.XX.XXX	xxx.xxxxxxx.xxxxx.xxx	Xxxxxxxx	10/09/2021	verified	Low
65	XX.XXX.XX.XXX	xxx.xxxx.xxxxx.xxx	Xxxxxxxx	04/08/2022	verified	Medium
66	XX.XXX.XX.XXX	xx.xxxxx.xxxxx.xxx	Xxxxxxxx	04/08/2022	verified	Medium
67	XX.XXX.XX.XX		Xxxxxxxx	07/15/2021	verified	Low
68	XX.XXX.XXX.X	xxxxxxx.xxxxx.xxx.xx	Xxxxxxxx	10/09/2021	verified	Low
69	XX.XXX.XXX.XX	xxxxxxxx.xxxxx.xxx.xx	Xxxxxxxx	04/08/2022	verified	Medium
70	XX.XXX.XXX.XX	xxxxxx.xxxxx.xxxxxxxxx.xx	Xxxxxxxx	05/24/2019	verified	Low
71	XX.XX.XX.XXX	xxxxx.xxxxxxx.xx	Xxxxxxxx	04/08/2022	verified	Medium
72	XX.XXX.XX.XX	xxxx.xxxxxxxx.xxx	Xxxxxxxx	10/09/2021	verified	Low
73	XX.XXX.XX.XXX	xxxxx.xxxxxxxx.xxx	Xxxxxxxx	04/08/2022	verified	Medium
74	XX.XX.XXX.XX	xxxxxx.xxxxxxxx.xxx	Xxxxxxxx	04/08/2022	verified	Medium
75	XX.XXX.XX.XX	xxxx-xx-xxx-xx-xx.xxxxxx-xx-xxxxxx.xx	Xxxxxxxx	04/08/2022	verified	Low
76	XX.XXX.XXX.XXX	xxxxxxx.xxxxxxxxx.xx	Xxxxxxxx	04/08/2022	verified	Medium
77	XX.XX.XX.XXX	xx-xx-xx-xxx.xx.xxx-xxx.xx	Xxxxxxxx	04/08/2022	verified	Medium
78	XX.XXX.XX.XXX	xxxxxxxx.xxxxxxx.xx	Xxxxxxxx	04/08/2022	verified	Medium
79	XX.XXX.XX.XX	xxxx-xx-xxx-xx-xx.xxxxxx-xx-xxxxxx.xx	Xxxxxxxx	07/21/2022	verified	Low
80	XX.XXX.XXX.XX		Xxxxxxxx	04/08/2022	verified	Medium
81	XX.XXX.XXX.XXX		Xxxxxxxx	04/08/2022	verified	Medium
82	XX.XX.XXX.XXX	xxxxxxxxx.xxxxxxxxxxxxx.xxx	Xxxxxxxx	07/15/2021	verified	Low
83	XXX.XXX.XX.XXX		Xxxxxxxx	02/15/2018	verified	Low
84	XXX.XX.XXX.XX		Xxxxxxxx	04/08/2022	verified	Medium
85	XXX.XXX.XX.XXX		Xxxxxxxx	04/08/2022	verified	Medium
86	XXX.XX.XX.XXX		Xxxxxxxx	10/24/2021	verified	Low
87	XXX.XX.XXX.XXX		Xxxxxxxx	04/08/2022	verified	Medium
88	XXX.XX.XXX.XXX		Xxxxxxxx	04/14/2022	verified	Medium
89	XXX.XX.XXX.XX		Xxxxxxxx	04/08/2022	verified	Medium
90	XXX.XX.XXX.XXX		Xxxxxxxx	04/14/2022	verified	Medium
91	XXX.XX.XXX.XXX		Xxxxxxxx	04/08/2022	verified	Medium
92	XXX.XX.XXX.XXX		Xxxxxxxx	04/08/2022	verified	Medium
93	XXX.XX.XX.XXX		Xxxxxxxx	04/08/2022	verified	Medium
94	XXX.XX.XX.XXX		Xxxxxxxx	04/08/2022	verified	Medium
95	XXX.XX.XX.XXX		Xxxxxxxx	04/14/2022	verified	Medium
96	XXX.XX.XX.XXX		Xxxxxxxx	04/13/2022	verified	Medium
97	XXX.XX.XX.XXX		Xxxxxxxx	04/14/2022	verified	Medium
98	XXX.XX.XX.XX		Xxxxxxxx	04/08/2022	verified	Medium
99	XXX.XXX.XX.XX		Xxxxxxxx	05/07/2022	verified	Medium
100	XXX.XXX.XXX.XXX	xx.xxxx.xxxxxxx.xx.xxxxxxx.xxx	Xxxxxxxx	04/08/2022	verified	Medium
101	XXX.XX.XXX.XXX	xx-xxx.xxxxxxxxx.xx	Xxxxxxxx	05/06/2022	verified	Medium
102	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxxxxxxx.xxx	Xxxxxxxx	04/08/2022	verified	Medium
103	XXX.XX.XXX.XXX		Xxxxxxxx	02/15/2018	verified	Low
104	XXX.XX.XXX.XX		Xxxxxxxx	03/31/2022	verified	Medium
105	XXX.XXX.XX.XX	xxxxxxx.xxx	Xxxxxxxx	10/24/2021	verified	Low
106	XXX.XXX.XX.XXX	xxxxxx.xxx.xx.xxx.xxx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxxx	04/13/2022	verified	Medium
107	XXX.XXX.XXX.XXX	xxxxxx.xxxx-xxxxxx.xx	Xxxxxxxx	04/13/2022	verified	Medium
108	XXX.XX.XXX.XX	xxxx.xx-xxx-xx-xxx.xx	Xxxxxxxx	04/08/2022	verified	Medium
109	XXX.XXX.XX.XXX	xxxxxx.xxx.xx.xxx.xxx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxxx	04/08/2022	verified	Medium
110	XXX.XX.XXX.XXX		Xxxxxxxx	10/24/2021	verified	Low
111	XXX.XX.X.XXX		Xxxxxxxx	04/14/2022	verified	Medium
112	XXX.XX.XXX.XX	xxxxxx.xx.xxx.xx.xxx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxxx	10/24/2021	verified	Low
113	XXX.XX.XX.XX	xx-xxx-xx-xx-xx.xxxxxxxxxx.xxx	Xxxxxxxx	04/08/2022	verified	Medium
114	XXX.XXX.XXX.XX		Xxxxxxxx	10/09/2021	verified	Low
115	XXX.XX.XXX.XXX	xxxx.xxxxxx.xxx	Xxxxxxxx	04/14/2022	verified	Medium
116	XXX.XXX.X.XX	xxxx.xxxx.xxx	Xxxxxxxx	04/13/2022	verified	Medium
117	XXX.XXX.X.XX	xxxx.xxxx.xxx	Xxxxxxxx	04/13/2022	verified	Medium
118	XXX.XXX.XXX.XX	xxx-xxx-xxx-xx.xxx.xxx.xxxxxxxxxxxx.xx	Xxxxxxxx	03/31/2022	verified	Low
119	XXX.XX.XXX.XX		Xxxxxxxx	04/08/2022	verified	Medium
120	XXX.XXX.XXX.XXX		Xxxxxxxx	10/09/2021	verified	Low
121	XXX.XX.XX.XXX	xxx.xx.xx.xxx.xxxxxxxxx.xxx	Xxxxxxxx	10/24/2021	verified	Low
122	XXX.XX.XX.XXX	xxx.xx.xx.xxx.xxxxxxxxx.xxx	Xxxxxxxx	10/24/2021	verified	Low
123	XXX.XXX.XXX.XXX	xxxxxx.xxxxx.xx	Xxxxxxxx	10/24/2021	verified	Low
124	XXX.XXX.XX.XXX		Xxxxxxxx	10/09/2021	verified	Low
125	XXX.XX.XX.XXX		Xxxxxxxx	07/17/2021	verified	Low
126	XXX.XXX.XXX.XXX	xxxxxx.xxxxx.xxxxxx	Xxxxxxxx	04/08/2022	verified	Medium
127	XXX.XX.XXX.XXX	xxxxxxxx.xx-xxx-xx-xxx.xx	Xxxxxxxx	04/08/2022	verified	Medium
128	XXX.XXX.XX.XXX	xxxxxx.xxxxxxx.xx	Xxxxxxxx	10/24/2021	verified	Low
129	XXX.XXX.XX.XXX	xxxxx.xxxxxx.xx	Xxxxxxxx	04/08/2022	verified	Medium
130	XXX.XXX.XX.XXX	xxxxx.xxxxxx.xx	Xxxxxxxx	10/09/2021	verified	Low
131	XXX.XXX.XX.XX	xxxxxx.xxxxxxx.xxx.xx	Xxxxxxxx	04/08/2022	verified	Medium
132	XXX.XX.XXX.XX	xxxxxxxxxxxx.xxxxxxx.xx	Xxxxxxxx	04/13/2022	verified	Medium
133	XXX.XX.XXX.XXX		Xxxxxxxx	04/13/2022	verified	Medium
134	XXX.XX.XXX.X	xxxx.xxx.xxxxxx.xx	Xxxxxxxx	04/13/2022	verified	Medium
135	XXX.XXX.XXX.XX		Xxxxxxxx	10/24/2021	verified	Low
136	XXX.XXX.XXX.XXX	xxxxxx.xxxxx.xx	Xxxxxxxx	10/24/2021	verified	Low
137	XXX.XXX.XX.XXX	xxxxxx.xx.xx	Xxxxxxxx	04/08/2022	verified	Medium
138	XXX.XXX.XX.XXX	xxxxxxxxxx.xx.xxxxxxx.xxx	Xxxxxxxx	10/09/2021	verified	Low
139	XXX.XXX.XX.XXX	xxxxxxxxxx.xx.xxxxxxx.xxx	Xxxxxxxx	10/09/2021	verified	Low
140	XXX.XXX.XXX.XX		Xxxxxxxx	04/08/2022	verified	Medium
141	XXX.XXX.XXX.XX	xxxxxx.xxxxxxx.xxx.xx	Xxxxxxxx	04/14/2022	verified	Medium
142	XXX.XXX.XXX.XXX	xxxxxx.xxxxxxx.xxx.xx	Xxxxxxxx	04/08/2022	verified	Medium
143	XXX.XXX.XXX.XX		Xxxxxxxx	10/09/2021	verified	Low
144	XXX.XX.XXX.XX	xxxxx.xxxxxxxx.xxx	Xxxxxxxx	04/08/2022	verified	Medium
145	XXX.XXX.XX.XXX	xxx.xxxxxxxx.xx	Xxxxxxxx	04/13/2022	verified	Medium
146	XXX.XXX.XX.XXX	xxxxxxxxxx.xxxxxxx.xxx.xxx	Xxxxxxxx	04/08/2022	verified	Low
147	XXX.XX.XXX.XX		Xxxxxxxx	07/15/2021	verified	Low
148	XXX.XX.XXX.XXX		Xxxxxxxx	04/08/2022	verified	Medium
149	XXX.XXX.XX.XX	xxxxxx.xxxxxxx.xxx.xx	Xxxxxxxx	04/08/2022	verified	Medium
150	XXX.XX.XXX.XX	xxxx.xxxxxxxxxxx.xxx	Xxxxxxxx	05/06/2022	verified	Medium
151	XXX.XX.XXX.XX	xxxx-xxxxxx-xx-xxxxxxxxx-xx.xxxxx.xx	Xxxxxxxx	10/24/2021	verified	Low
152	XXX.XX.XXX.XX	xxxx-xxxxxx-xx-xxxxxxxxx-xx.xxxxx.xx	Xxxxxxxx	04/13/2022	verified	Medium
153	XXX.XXX.XXX.XX	xxx-xxx-xxx-xx.xxxxxxxxxxxx.xxx	Xxxxxxxx	04/08/2022	verified	Medium
154	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxxxxxxxxxxx.xxx	Xxxxxxxx	05/06/2022	verified	Medium
155	XXX.XXX.XXX.XXX	xxxxx.xxxxxxxxxxxxxx.xxx	Xxxxxxxx	04/13/2022	verified	Medium
156	XXX.X.XXX.XXX	xxxxxxxxx.xxx-xxxx.xx	Xxxxxxxx	04/08/2022	verified	Medium
157	XXX.XXX.XX.XX		Xxxxxxxx	10/24/2021	verified	Low
158	XXX.XXX.XXX.X		Xxxxxxxx	04/13/2022	verified	Medium
159	XXX.XXX.XX.XXX	xxxxx.xxxxxxx.xx	Xxxxxxxx	04/13/2022	verified	Medium
160	XXX.XX.XXX.XX		Xxxxxxxx	04/13/2022	verified	Medium
161	XXX.XX.XXX.XX		Xxxxxxxx	04/13/2022	verified	Medium
162	XXX.XX.XX.XX		Xxxxxxxx	04/08/2022	verified	Medium
163	XXX.XXX.XXX.XX	xxxxxxx-xxxxx.xx.xx	Xxxxxxxx	04/08/2022	verified	Medium
164	XXX.XXX.XXX.XXX	xxx.xxxxxxxxx.xx	Xxxxxxxx	04/13/2022	verified	Medium
165	XXX.XXX.XXX.XXX	xxxxxxxxx.xxx-xxxxxxx.xxx	Xxxxxxxx	04/14/2022	verified	Low
166	XXX.XX.XX.XXX	xxxxx-xxxxx-xx.xxxxxxxxxxxxx.xxx	Xxxxxxxx	10/09/2021	verified	Very Low
167	XXX.XX.XX.XX		Xxxxxxxx	04/29/2022	verified	Medium
168	XXX.XX.XXX.XXX	x-xxxx.x-xxxxxx.xxx	Xxxxxxxx	07/17/2021	verified	Low
169	XXX.XX.XX.XXX	xxx-xx-xx-xxx.xxx.xxxxxxxxxxx.xxx	Xxxxxxxx	10/09/2021	verified	Low
170	XXX.XXX.XXX.XXX		Xxxxxxxx	04/08/2022	verified	Medium
171	XXX.XXX.XX.X	xxxxxxxxxx.xxx.xxx	Xxxxxxxx	10/09/2021	verified	Low
172	XXX.XXX.XX.X	xxxxxxxx.xxx.xxx	Xxxxxxxx	10/09/2021	verified	Low
173	XXX.XXX.XX.XXX	xxxx-xxx-xx.xxxxxxxxxx.xxxxxxx.xxx.xxx	Xxxxxxxx	04/08/2022	verified	Low
174	XXX.XXX.XXX.XXX	xxx.xxx.xxx.xxx.xxxxxx.xxxxxx.xxx	Xxxxxxxx	10/24/2021	verified	Low
175	XXX.XX.XX.XX	xxxx.xxx.xxxxxxxxx.xx	Xxxxxxxx	04/13/2022	verified	Medium
176	XXX.XX.XX.XXX	xxxxx.xxx.xxxxxxxxx.xx	Xxxxxxxx	04/13/2022	verified	Medium
177	XXX.XX.XXX.XX	xxxxxxxx.xxx.xxxxx.xxx	Xxxxxxxx	10/09/2021	verified	Low
178	XXX.XXX.X.XX	xxx-xxx-x-xx.xxxxxxx-xxx.xx-x.xxx	Xxxxxxxx	04/08/2022	verified	Medium
179	XXX.XXX.X.XXX	xxx-xxx-x-xxx.xxxxxxx-xxx.xx-x.xxx	Xxxxxxxx	04/08/2022	verified	Medium
180	XXX.XXX.XXX.XXX	xxxxxx.xxx.xx	Xxxxxxxx	10/09/2021	verified	Low
181	XXX.XX.XX.XX		Xxxxxxxx	04/08/2022	verified	Medium

TTP - Tactics, Techniques, Procedures (14)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Class	Vulnerabilities	Access Vector	Type	Confidence
1	T1006	CAPEC-126	CWE-22	Path Traversal	predictive	High
2	T1055	CAPEC-10	CWE-74	Improper Neutralization of Data within XPath Expressions	predictive	High
3	T1059	CAPEC-242	CWE-94	Argument Injection	predictive	High
4	TXXXX.XXX	CAPEC-XXX	CWE-XX, CWE-XX	Xxxxx Xxxxx Xxxx Xxxxxxxxx	predictive	High
5	TXXXX	CAPEC-XXX	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	High
6	TXXXX	CAPEC-XXX	CWE-XX, CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	High
7	TXXXX.XXX	CAPEC-XXX	CWE-XXX	Xxxx Xxxxxxxx	predictive	High
8	TXXXX		CWE-XXX	7xx Xxxxxxxx Xxxxxxxx	predictive	High
9	TXXXX		CWE-XXX	Xxxxxxxxxx Xxxxxx	predictive	High
10	TXXXX	CAPEC-XXX	CWE-XX, CWE-XX	Xxx Xxxxxxxxx	predictive	High
11	TXXXX.XXX	CAPEC-XXX	CWE-XXX	Xxxxxxxx	predictive	High
12	TXXXX	CAPEC-XXX	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	High
13	TXXXX	CAPEC-XXX	CWE-XXX, CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	predictive	High
14	TXXXX.XXX	CAPEC-X	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	High

IOA - Indicator of Attack (250)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Class	Indicator	Type	Confidence
1	File	/admin/create_product.php	predictive	High
2	File	/admin/general.cgi	predictive	High
3	File	/admin/reminders/manage_reminder.php	predictive	High
4	File	/API/info	predictive	Medium
5	File	/backend/admin/his_admin_add_lab_equipment.php	predictive	High
6	File	/CCMAdmin/serverlist.asp	predictive	High
7	File	/cgi/get_param.cgi	predictive	High
8	File	/csms/admin/inquiries/view_details.php	predictive	High
9	File	/cstecgi.cgi	predictive	Medium
10	File	/ecommerce/support_ticket	predictive	High
11	File	/forum/away.php	predictive	High
12	File	/home/search	predictive	Medium
13	File	/include/chart_generator.php	predictive	High
14	File	/librarian/bookdetails.php	predictive	High
15	File	/messageboard/view.php	predictive	High
16	File	/out.php	predictive	Medium
17	File	/owa/auth/logon.aspx	predictive	High
18	File	/spip.php	predictive	Medium
19	File	/SVFE2/pages/feegroups/country_group.jsf	predictive	High
20	File	/textpattern/index.php	predictive	High
21	File	/upfile.cgi	predictive	Medium
22	File	/webui/modules/log/operate.mds	predictive	High
23	File	/wordpress/wp-admin/admin.php	predictive	High
24	File	account_footer.php	predictive	High
25	File	adclick.php	predictive	Medium
26	File	add_edit_cat.asp	predictive	High
27	File	add_edit_user.asp	predictive	High
28	File	admin.cropcanvas.php	predictive	High
29	File	admin/editusertag.php	predictive	High
30	File	admin/edit_category.php	predictive	High
31	File	xxxxx/xx_xxxx.xxx	predictive	High
32	File	xxxxx/xxxxx.xxx	predictive	High
33	File	xxxxx/xxxxxx.xxx	predictive	High
34	File	xxxxxxxxxxxxxxxx.xxx	predictive	High
35	File	xxxxxxxxxxx.xxx	predictive	High
36	File	xxxxxxxxxxx.xxx	predictive	High
37	File	xxxx_xxxx_xxxxxxxx.xxx	predictive	High
38	File	xx_xxxxxxxxxx.xxx	predictive	High
39	File	xxx/xxxxxx/xxxx_xxxxxx.xxx	predictive	High
40	File	xxxxxxxx.xxxxxxx.xxx	predictive	High
41	File	xx_xxxxx_xxxxx.xxx	predictive	High
42	File	xx_xxxx.xxx	predictive	Medium
43	File	xxx_xxxxxxxxx.xxx	predictive	High
44	File	x:\xxxx	predictive	Low
45	File	xxxxxx/xxxxx/xxxxx.xxx	predictive	High
46	File	xxxx_xxxxxxx.xxx	predictive	High
47	File	xxxxxxxx.xxx	predictive	Medium
48	File	xxx-xxx/xxxxxxxxxxxx.xxx	predictive	High
49	File	xxxxxxxxxxx.xxx	predictive	High
50	File	xxxxx.xxxxx.xxx	predictive	High
51	File	xxxxx/xxxxx_xxxxxx.xxx	predictive	High
52	File	xxxxxxxxxx_xxxxx.xxx	predictive	High
53	File	xxxxx_xx_xxxxxxxxx.xxx	predictive	High
54	File	xxxxx_xxxx.xxx	predictive	High
55	File	xxx.xxx?xxx=xxxxx_xxxx	predictive	High
56	File	xxxxxxxx_xxxxxxxxxxxxxxxxx.xxx	predictive	High
57	File	xxxxxxxxxx.xxx	predictive	High
58	File	xxxxxxxxx.xxx	predictive	High
59	File	xxxxxxx.xxx	predictive	Medium
60	File	xxxxxx.xxx	predictive	Medium
61	File	xxxxxx.xxx	predictive	Medium
62	File	xxxxxxxx.xxx	predictive	Medium
63	File	xxxxxxx/xxxxx/xxxxx.x	predictive	High
64	File	xxxxx.xxx	predictive	Medium
65	File	xxxxx.xxx	predictive	Medium
66	File	xxxx.xxx	predictive	Medium
67	File	xxxxxxxx.xxx	predictive	Medium
68	File	xxxxxxxx.xxx	predictive	Medium
69	File	xxxxxxxxx.xxx	predictive	High
70	File	xxxxxx.xxxx	predictive	Medium
71	File	xxxx.xxx	predictive	Medium
72	File	xxxx.xxx	predictive	Medium
73	File	xxxxxxxxxx.xxx	predictive	High
74	File	xxxxx_xxxxxx.xxx	predictive	High
75	File	xxxxxxxxx.xxx	predictive	High
76	File	xxx/xxxxxxxx.xxx	predictive	High
77	File	xxx/xxxxxx.xxx	predictive	High
78	File	xxx/xxxxxxx/xxxxxxxxxxxx.xxx	predictive	High
79	File	xxxxxxx.xxx	predictive	Medium
80	File	xxxxxxx/xxxx.xxx	predictive	High
81	File	xxxxxxxx/xxxx.xxx	predictive	High
82	File	xxxxx.xxx	predictive	Medium
83	File	xxxx.xxxx	predictive	Medium
84	File	xxxxxxxxxxxxx.xxx	predictive	High
85	File	xxxxxxxx/xxxxxxxx_xxxxxxx_xxxxxx/xxxxx.xxx	predictive	High
86	File	xxxx_xxxx.xxx	predictive	High
87	File	xxx.xxxx	predictive	Medium
88	File	xxxxxx.xxx	predictive	Medium
89	File	xxxxx.xxxx	predictive	Medium
90	File	xxxxx.xxx	predictive	Medium
91	File	xxxxx.xxxx	predictive	Medium
92	File	xxxxx_xxxxxxx.xxx	predictive	High
93	File	xxx_xxxxxxxx.xxx	predictive	High
94	File	xxx/xxxx_xxx.xxx	predictive	High
95	File	xxxxxxx/xxx.xxx	predictive	High
96	File	xxx.xxx	predictive	Low
97	File	xxxxxx_xx.xxx	predictive	High
98	File	xxx/xxxxx.xxxx	predictive	High
99	File	x-xxxx.xxx	predictive	Medium
100	File	xxxx.xxxxxxxxx.xxx	predictive	High
101	File	xxxxxxxxx.xxx.xxx	predictive	High
102	File	xxxxxx.xxx	predictive	Medium
103	File	xxxx.xxx	predictive	Medium
104	File	xxxx.xxx	predictive	Medium
105	File	xxxxxxxxx/xxxxxxxxxxxxxx.xxxx	predictive	High
106	File	xxxxx.xxx	predictive	Medium
107	File	xxxxx.xxx	predictive	Medium
108	File	xxxxxxxx.xxx	predictive	Medium
109	File	xxxxxxxxxx.xxx	predictive	High
110	File	xxxxxxxx.xxx	predictive	Medium
111	File	xxxxxxxx.xxx	predictive	Medium
112	File	xxxxxxxxxxxx_xxxxxxxx.xxx.xxx	predictive	High
113	File	xxxxxx.xxx	predictive	Medium
114	File	xxxx_xxxx_xxxxxx.xxx	predictive	High
115	File	xxxxxx.xxx	predictive	Medium
116	File	xxxxxx.xxx	predictive	Medium
117	File	xxxx/xxxxxxx/xxxxxxxxxxxxx_xxx.xxx	predictive	High
118	File	xxxx.xxx	predictive	Medium
119	File	xxxx_xxxxxxx_xxxxxxxx.xxx	predictive	High
120	File	xxxxxxxx.xxx/xxxxxx.xxx/xxxxxxxx.xxx	predictive	High
121	File	xxxxxxxxxxx.xxx	predictive	High
122	File	xxx/xxx/xxxxxxx/xxxx.xxx	predictive	High
123	File	xxxxx_xxxxx.xxx	predictive	High
124	File	xxxxxx_xxxx/xxxxx.xxx	predictive	High
125	File	xxxx-xxxxx.xxx	predictive	High
126	File	xxxx-xxxxxxxx.xxx	predictive	High
127	File	xxxxxxxxxxxxxx.x	predictive	High
128	File	xxxxx.xxx	predictive	Medium
129	File	xxxxxx.xxx	predictive	Medium
130	File	xxx.xxx	predictive	Low
131	File	xxxx.xxx	predictive	Medium
132	File	xxxxx-xxxxxxxx-xxxxx-xxxxxxxxxxx-xxx-xxxxx.xxx	predictive	High
133	File	xxxxx.xxxx	predictive	Medium
134	File	xxxxxxxxx.xxxx	predictive	High
135	File	xxxxxxx/xxxxxxxxx/xxxxxxxxxxxx.xxx	predictive	High
136	File	xxxxxxx.xxx	predictive	Medium
137	File	xx.xxx	predictive	Low
138	File	xxxxxxxxxxxx.xxx	predictive	High
139	File	~/xxxxx-xxxxx.xxx	predictive	High
140	Library	xxxxxx[xxxxxx_xxxx	predictive	High
141	Library	xxxx/xxxxxxx/xxxx/xxxxxxxxx/xxxxx.xxx	predictive	High
142	Library	~/xxx/xxxxx-xxxxxxxx-xxxxxxxxxx.xxx	predictive	High
143	Argument	xxx_xxxx	predictive	Medium
144	Argument	xx_xx	predictive	Low
145	Argument	xxxxxx	predictive	Low
146	Argument	xxx_xx	predictive	Low
147	Argument	xx	predictive	Low
148	Argument	xx	predictive	Low
149	Argument	xxxxxxxx	predictive	Medium
150	Argument	xxxxxxxx	predictive	Medium
151	Argument	xxxxx	predictive	Low
152	Argument	xxxx	predictive	Low
153	Argument	xxxx_xxx_xxxx	predictive	High
154	Argument	xxx	predictive	Low
155	Argument	xxxxxxxx_xxxx	predictive	High
156	Argument	xxx_xx	predictive	Low
157	Argument	xx_xxxxxx	predictive	Medium
158	Argument	xxxx	predictive	Low
159	Argument	xxxx_xx	predictive	Low
160	Argument	xxxxxxxxxx	predictive	Medium
161	Argument	xxxxxx[xxxxxx_xxxx]	predictive	High
162	Argument	xxxx_xx	predictive	Low
163	Argument	xxxxxxxxxxxx	predictive	Medium
164	Argument	xxxxxxxx	predictive	Medium
165	Argument	xxxx	predictive	Low
166	Argument	xxxxxxx	predictive	Low
167	Argument	xxxxx_xxxx_xxxx	predictive	High
168	Argument	xxx_xxxx/xxx_xxxx/xxx_xxxxxx/xxx_xxxx/xxx_xxxx/xxx_xxxxxx/xxx_xxx	predictive	High
169	Argument	xxxxxxx=xxxxxxxx	predictive	High
170	Argument	xxxxxxx	predictive	Low
171	Argument	xxxxxxx_xxxxxxx	predictive	High
172	Argument	xxxxxxxxxxxxxx[xxxxxxxxxxxxxxxxxx]	predictive	High
173	Argument	xxxxxxxx	predictive	Medium
174	Argument	xxxx	predictive	Low
175	Argument	xx	predictive	Low
176	Argument	xx/xx_xxxxxx_xxxx/xx_xxxx_xxxxxx	predictive	High
177	Argument	xxxxxxxxx	predictive	Medium
178	Argument	xx_xxxxx	predictive	Medium
179	Argument	xxxxx	predictive	Low
180	Argument	xxxxxx	predictive	Low
181	Argument	xxxx_xx	predictive	Low
182	Argument	xxxx	predictive	Low
183	Argument	xxxxxxxx_xxx	predictive	Medium
184	Argument	xxx_xxx	predictive	Low
185	Argument	xxxxxxx	predictive	Low
186	Argument	xxx	predictive	Low
187	Argument	xxx_xxxx_xxxx	predictive	High
188	Argument	xxx	predictive	Low
189	Argument	xx_xxxx	predictive	Low
190	Argument	xxx/xxxxxxxxx	predictive	High
191	Argument	xxxxxxxxx[xxxxxxxxx][]	predictive	High
192	Argument	xxxxxxxxx_xxxxxxxx_xxxx	predictive	High
193	Argument	xxxxx	predictive	Low
194	Argument	xxxxxxx_xxxx	predictive	Medium
195	Argument	xxxx	predictive	Low
196	Argument	xxxx	predictive	Low
197	Argument	xxxx/xxxxxxxx/xxx/xxx/xxxxxxxx/xxxxxxx	predictive	High
198	Argument	xxxxxxx_xx	predictive	Medium
199	Argument	xxxx	predictive	Low
200	Argument	xxx_xxx[]	predictive	Medium
201	Argument	xxxxxxxx	predictive	Medium
202	Argument	xxxx_xx_xx_xxx	predictive	High
203	Argument	xxxxxxx	predictive	Low
204	Argument	xxxxxxxxxxxxx	predictive	High
205	Argument	xxxxxxxxx	predictive	Medium
206	Argument	xxxxx_xxxx_xxxx	predictive	High
207	Argument	xxxxxxxxxxxx	predictive	Medium
208	Argument	xxxxx	predictive	Low
209	Argument	xxxxxxx	predictive	Low
210	Argument	xx_xxxx	predictive	Low
211	Argument	xx_xxxx	predictive	Low
212	Argument	xxxxxx	predictive	Low
213	Argument	xxxxxxxx	predictive	Medium
214	Argument	xxxxx	predictive	Low
215	Argument	xxxxxxx_xx	predictive	Medium
216	Argument	xxx	predictive	Low
217	Argument	xxxxxx_xxxxxx	predictive	High
218	Argument	xxx	predictive	Low
219	Argument	xxxxxx_xxx	predictive	Medium
220	Argument	xxxx_xxxx	predictive	Medium
221	Argument	xxxxxxx	predictive	Low
222	Argument	xxxxxx_xx	predictive	Medium
223	Argument	xxxxxxx_xx	predictive	Medium
224	Argument	xxxxxx	predictive	Low
225	Argument	xx_xxxxx_xxxx_xxxx	predictive	High
226	Argument	xx	predictive	Low
227	Argument	xxxxxxxxx	predictive	Medium
228	Argument	xxxxx_xxxx	predictive	Medium
229	Argument	xxxxxxx	predictive	Low
230	Argument	xxxxxx xxxx/xxxxxx xxxxx xxxx	predictive	High
231	Argument	xxxxxxxxxx	predictive	Medium
232	Argument	xxxxxxxxxx_xx	predictive	High
233	Argument	xxxx	predictive	Low
234	Argument	xxxx_xx	predictive	Low
235	Argument	xxx	predictive	Low
236	Argument	xxx	predictive	Low
237	Argument	xxxx.xxxxx	predictive	Medium
238	Argument	xxxxxxxx:x_xxxx/xxxxxxxx:x_xxxx/xxxxxxxx:x_xxxx	predictive	High
239	Argument	xxxxxx	predictive	Low
240	Argument	xxxxxxxx	predictive	Medium
241	Argument	xxxx_xx	predictive	Low
242	Argument	xx_xxxx	predictive	Low
243	Input Value	' xxx (xxxxxx xxxx xxxx (xxxxxx(xxxxx(x)))xxxx)-- xxxx	predictive	High
244	Input Value	..	predictive	Low
245	Input Value	x%xxxxxxx%xxxxxxxx%xxx,xxxxxx_xx%xxxxxx,xx_xxxxxxx,xxxxxxxx%xx,x,x,x,x,x,x,x,xx,xx,xx,xx,xx,xx,xx,xx,xx%xxxxxx%xxxxxxxxxx%xxxxxxx%xxxx%xxx	predictive	High
246	Input Value	<xxx%xxxxx='xxxx://xxx.xxxx.xx/xxxx.xxx'%xxxxxxx='xxxxxx:%xxxxx%xxxxxxx%xxxxxxx;'>	predictive	High
247	Input Value	<xxxxxx>xxxxx(x)</xxxxxx>	predictive	High
248	Input Value	\xxx../../../../xxx/xxxxxx	predictive	High
249	Pattern	xxxxxxx-xxxx\|xx\| xxxx/xxxx	predictive	High
250	Pattern	xxxx /x	predictive	Low

References (21)

The following list contains external sources which discuss the actor and the associated activities:

◂ PreviousOverviewNext ▸

This view requires CTI permissions

Just purchase a CTI license today!