GandCrab Analysis

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en934
es18
it12
ru8
de8

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

us984
cn10
de2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Microsoft Windows8
ASP Portal4
Oracle Application Server4
Zoho ManageEngine ADSelfService Plus4
DZCP deV!L`z Clanportal4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1LogicBoard CMS away.php redirect6.36.1$0-$5k$0-$5kNot DefinedUnavailable5.040.00000
2DZCP deV!L`z Clanportal config.php code injection7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.610.00943CVE-2010-0966
3FLDS redir.php sql injection7.37.3$0-$5k$0-$5kHighUnavailable0.180.00203CVE-2008-5928
4Bitrix Site Manager redirect.php link following5.34.7$0-$5k$0-$5kUnprovenUnavailable0.030.00113CVE-2008-2052
5Tiki Admin Password tiki-login.php improper authentication8.07.7$0-$5k$0-$5kNot DefinedOfficial Fix3.670.00936CVE-2020-15906
6My Link Trader out.php sql injection6.35.7$0-$5kCalculatingProof-of-ConceptNot Defined0.020.00000
7SAS Web Report Studio javascript: URL logonAndRender.do cross site scripting3.53.4$0-$5k$0-$5kNot DefinedNot Defined0.040.00089CVE-2022-25256
8Vunet VU Web Visitor Analyst redir.asp sql injection7.37.1$0-$5k$0-$5kHighWorkaround0.070.00119CVE-2010-2338
9Serendipity exit.php privileges management6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.070.00000
10OpenX adclick.php redirect5.34.7$0-$5k$0-$5kUnprovenUnavailable0.360.00440CVE-2014-2230
11vBulletin redirector.php6.66.6$0-$5k$0-$5kNot DefinedNot Defined0.110.00141CVE-2018-6200
12Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25k$0-$5kHighWorkaround0.020.02016CVE-2007-1192
13Microsoft Windows Roaming Security Rights Management Services Remote Code Execution8.17.4$100k and more$5k-$25kUnprovenOfficial Fix0.020.00302CVE-2022-21974
14GetSimpleCMS index.php redirect6.66.6$0-$5k$0-$5kNot DefinedNot Defined0.050.00123CVE-2019-9915
15PHPWind goto.php redirect6.36.3$0-$5k$0-$5kNot DefinedNot Defined0.060.00348CVE-2015-4134
16Atlassian Jira Service Management Server/Data Center InsightDefaultCustomFieldConfig.jspa cross site scripting3.53.4$0-$5k$0-$5kNot DefinedOfficial Fix0.000.00054CVE-2021-43943
17Openads adclick.php Remote Code Execution7.36.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.290.01871CVE-2007-2046
18Atlassian JIRA Server/Data Center Thread Contention/CPU Monitoring Service ViewInstrumentation.jspa cross-site request forgery4.34.1$0-$5kCalculatingNot DefinedOfficial Fix0.000.00074CVE-2021-43953
19vu Mass Mailer Login Page redir.asp sql injection7.36.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.030.00181CVE-2007-6138
20Microsoft Windows Ancillary Function Driver for WinSock Privilege Escalation8.17.4$100k and more$5k-$25kUnprovenOfficial Fix0.000.00043CVE-2022-24507

IOC - Indicator of Compromise (181)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
13.64.163.50ec2-3-64-163-50.eu-central-1.compute.amazonaws.comGandCrab10/24/2021verifiedMedium
23.215.23.197ec2-3-215-23-197.compute-1.amazonaws.comGandCrab05/05/2022verifiedMedium
35.23.49.811241393-cn03460.tw1.ruGandCrab05/24/2019verifiedHigh
45.39.221.60GandCrab07/17/2021verifiedHigh
55.135.183.146freya.stelas.deGandCrab10/24/2021verifiedHigh
65.144.168.210mail.xdeers.comGandCrab04/13/2022verifiedHigh
713.37.189.21ec2-13-37-189-21.eu-west-3.compute.amazonaws.comGandCrab02/20/2023verifiedMedium
813.76.158.123GandCrab07/17/2021verifiedHigh
913.107.21.200GandCrab04/08/2022verifiedHigh
1015.188.214.230ec2-15-188-214-230.eu-west-3.compute.amazonaws.comGandCrab02/20/2023verifiedMedium
1120.42.65.92GandCrab05/07/2022verifiedHigh
1220.42.73.29GandCrab05/07/2022verifiedHigh
1320.50.64.11GandCrab10/09/2021verifiedHigh
1420.189.173.20GandCrab05/07/2022verifiedHigh
1523.56.169.147a23-56-169-147.deploy.static.akamaitechnologies.comGandCrab02/20/2023verifiedHigh
1623.56.169.152a23-56-169-152.deploy.static.akamaitechnologies.comGandCrab02/20/2023verifiedHigh
1723.100.15.180GandCrab04/14/2022verifiedHigh
1823.205.105.157a23-205-105-157.deploy.static.akamaitechnologies.comGandCrab05/07/2022verifiedHigh
1923.221.227.165a23-221-227-165.deploy.static.akamaitechnologies.comGandCrab02/20/2023verifiedHigh
2023.221.227.172a23-221-227-172.deploy.static.akamaitechnologies.comGandCrab02/20/2023verifiedHigh
2123.236.62.147147.62.236.23.bc.googleusercontent.comGandCrab04/14/2022verifiedMedium
2234.102.136.180180.136.102.34.bc.googleusercontent.comGandCrab10/09/2021verifiedMedium
2335.205.61.6767.61.205.35.bc.googleusercontent.comGandCrab10/09/2021verifiedMedium
2439.107.34.197GandCrab10/09/2021verifiedHigh
2545.33.91.79li1037-79.members.linode.comGandCrab04/08/2022verifiedHigh
2645.118.145.96GandCrab10/09/2021verifiedHigh
2746.32.228.22720808.vps-10.comGandCrab04/13/2022verifiedHigh
2847.75.206.148GandCrab04/14/2022verifiedHigh
2950.63.202.89ip-50-63-202-89.ip.secureserver.netGandCrab04/08/2022verifiedHigh
3050.87.58.16550-87-58-165.unifiedlayer.comGandCrab04/08/2022verifiedHigh
3151.15.229.127127-229-15-51.instances.scw.cloudGandCrab02/20/2023verifiedHigh
3251.68.50.168ip168.ip-51-68-50.euGandCrab04/08/2022verifiedHigh
3351.254.25.115ip115.ip-51-254-25.euGandCrab10/24/2021verifiedHigh
3451.255.48.78vps-ede152ed.vps.ovh.netGandCrab10/24/2021verifiedHigh
3552.17.9.185ec2-52-17-9-185.eu-west-1.compute.amazonaws.comGandCrab04/13/2022verifiedMedium
3652.29.192.136ec2-52-29-192-136.eu-central-1.compute.amazonaws.comGandCrab04/08/2022verifiedMedium
3752.58.78.16ec2-52-58-78-16.eu-central-1.compute.amazonaws.comGandCrab04/29/2022verifiedMedium
38XX.XXX.XXX.XXxxxx.xxxx.xxxxxXxxxxxxx10/09/2021verifiedHigh
39XX.XXX.XXX.XXXXxxxxxxx05/07/2022verifiedHigh
40XX.XXX.XXX.XXXXxxxxxxx05/07/2022verifiedHigh
41XX.XX.XXX.XXxxxx.xx-xx-xx-xxx.xxXxxxxxxx10/09/2021verifiedHigh
42XX.XXX.XX.XXXxx-xxx-xx-xxx.xxx.xxxxxxxxxxxx.xxXxxxxxxx04/14/2022verifiedHigh
43XX.XX.XXX.XXxx.xxx.xx.xx.xxxxxx.xxxxxx.xxxXxxxxxxx04/08/2022verifiedHigh
44XX.XX.XXX.XXXxxx.xxx.xx.xx.xxxxxx.xxxxxx.xxxXxxxxxxx10/09/2021verifiedHigh
45XX.XXX.XXX.XXXxxxx.xxxxxxxxxxxxxxxxx.xxxXxxxxxxx07/15/2021verifiedHigh
46XX.XXX.XXX.XXXXxxxxxxx05/06/2022verifiedHigh
47XX.XXX.XXX.XXxxxxxxxxxxxx.xx.xxxxxxxxxxxxxx.xxxXxxxxxxx04/08/2022verifiedHigh
48XX.XX.XXX.XXXxxxxx.xxxxxxxxx.xxxXxxxxxxx04/08/2022verifiedHigh
49XX.XXX.XXX.XXXxxxxxxxx.xxxxxxxxxxx.xxxXxxxxxxx10/09/2021verifiedHigh
50XX.XX.XXX.XXxx-xx-xxx-xx.xxxxxxxxxxxx.xxxXxxxxxxx04/08/2022verifiedHigh
51XX.XX.XX.XXXXxxxxxxx05/07/2022verifiedHigh
52XX.XX.XXX.XXxxxxxx-xxxxx.xx-xxxxxxx.xxXxxxxxxx05/07/2022verifiedHigh
53XX.XXX.XXX.XXxx-xx-xxx-xxx-xx.xxxxxxxxxx.xxxXxxxxxxx04/08/2022verifiedHigh
54XX.XXX.XXX.XXXxx-xx-xxx-xxx-xxx.xxxxxxxxxx.xxxXxxxxxxx04/08/2022verifiedHigh
55XX.XXX.XXX.Xxxxxx.xxXxxxxxxx02/15/2018verifiedHigh
56XX.XX.XXX.XXxxxxx.xxxxxxx.xxXxxxxxxx04/08/2022verifiedHigh
57XX.X.XXX.XXXxxxx-xxx.xxxxxx.xxxxxxx.xxx.xxXxxxxxxx04/08/2022verifiedHigh
58XX.XXX.XX.XXXxxxxxx.xxx-xxxx.xxxXxxxxxxx04/13/2022verifiedHigh
59XX.XXX.XXX.Xxxxxxxx.xxxxxxxxxx.xxXxxxxxxx04/13/2022verifiedHigh
60XX.XXX.XXX.XXxx-xxxxxx.xxxxxxxxxx.xxXxxxxxxx04/13/2022verifiedHigh
61XX.XXX.XX.XXxxx.xxxx.xxxxx.xxxXxxxxxxx04/08/2022verifiedHigh
62XX.XXX.XX.XXxxx.xxxx.xxxxx.xxxXxxxxxxx04/08/2022verifiedHigh
63XX.XXX.XX.XXxxx.xxxxx.xxxxx.xxxXxxxxxxx04/08/2022verifiedHigh
64XX.XXX.XX.XXXxxx.xxxxxxx.xxxxx.xxxXxxxxxxx10/09/2021verifiedHigh
65XX.XXX.XX.XXXxxx.xxxx.xxxxx.xxxXxxxxxxx04/08/2022verifiedHigh
66XX.XXX.XX.XXXxx.xxxxx.xxxxx.xxxXxxxxxxx04/08/2022verifiedHigh
67XX.XXX.XX.XXXxxxxxxx07/15/2021verifiedHigh
68XX.XXX.XXX.Xxxxxxxx.xxxxx.xxx.xxXxxxxxxx10/09/2021verifiedHigh
69XX.XXX.XXX.XXxxxxxxxx.xxxxx.xxx.xxXxxxxxxx04/08/2022verifiedHigh
70XX.XXX.XXX.XXxxxxxx.xxxxx.xxxxxxxxx.xxXxxxxxxx05/24/2019verifiedHigh
71XX.XX.XX.XXXxxxxx.xxxxxxx.xxXxxxxxxx04/08/2022verifiedHigh
72XX.XXX.XX.XXxxxx.xxxxxxxx.xxxXxxxxxxx10/09/2021verifiedHigh
73XX.XXX.XX.XXXxxxxx.xxxxxxxx.xxxXxxxxxxx04/08/2022verifiedHigh
74XX.XX.XXX.XXxxxxxx.xxxxxxxx.xxxXxxxxxxx04/08/2022verifiedHigh
75XX.XXX.XX.XXxxxx-xx-xxx-xx-xx.xxxxxx-xx-xxxxxx.xxXxxxxxxx04/08/2022verifiedHigh
76XX.XXX.XXX.XXXxxxxxxx.xxxxxxxxx.xxXxxxxxxx04/08/2022verifiedHigh
77XX.XX.XX.XXXxx-xx-xx-xxx.xx.xxx-xxx.xxXxxxxxxx04/08/2022verifiedHigh
78XX.XXX.XX.XXXxxxxxxxx.xxxxxxx.xxXxxxxxxx04/08/2022verifiedHigh
79XX.XXX.XX.XXxxxx-xx-xxx-xx-xx.xxxxxx-xx-xxxxxx.xxXxxxxxxx07/21/2022verifiedHigh
80XX.XXX.XXX.XXXxxxxxxx04/08/2022verifiedHigh
81XX.XXX.XXX.XXXXxxxxxxx04/08/2022verifiedHigh
82XX.XX.XXX.XXXxxxxxxxxx.xxxxxxxxxxxxx.xxxXxxxxxxx07/15/2021verifiedHigh
83XXX.XXX.XX.XXXXxxxxxxx02/15/2018verifiedHigh
84XXX.XX.XXX.XXXxxxxxxx04/08/2022verifiedHigh
85XXX.XXX.XX.XXXXxxxxxxx04/08/2022verifiedHigh
86XXX.XX.XX.XXXXxxxxxxx10/24/2021verifiedHigh
87XXX.XX.XXX.XXXXxxxxxxx04/08/2022verifiedHigh
88XXX.XX.XXX.XXXXxxxxxxx04/14/2022verifiedHigh
89XXX.XX.XXX.XXXxxxxxxx04/08/2022verifiedHigh
90XXX.XX.XXX.XXXXxxxxxxx04/14/2022verifiedHigh
91XXX.XX.XXX.XXXXxxxxxxx04/08/2022verifiedHigh
92XXX.XX.XXX.XXXXxxxxxxx04/08/2022verifiedHigh
93XXX.XX.XX.XXXXxxxxxxx04/08/2022verifiedHigh
94XXX.XX.XX.XXXXxxxxxxx04/08/2022verifiedHigh
95XXX.XX.XX.XXXXxxxxxxx04/14/2022verifiedHigh
96XXX.XX.XX.XXXXxxxxxxx04/13/2022verifiedHigh
97XXX.XX.XX.XXXXxxxxxxx04/14/2022verifiedHigh
98XXX.XX.XX.XXXxxxxxxx04/08/2022verifiedHigh
99XXX.XXX.XX.XXXxxxxxxx05/07/2022verifiedHigh
100XXX.XXX.XXX.XXXxx.xxxx.xxxxxxx.xx.xxxxxxx.xxxXxxxxxxx04/08/2022verifiedHigh
101XXX.XX.XXX.XXXxx-xxx.xxxxxxxxx.xxXxxxxxxx05/06/2022verifiedHigh
102XXX.XXX.XXX.XXXxxx-xxx-xxx-xxx.xxxxxxxx.xxxXxxxxxxx04/08/2022verifiedHigh
103XXX.XX.XXX.XXXXxxxxxxx02/15/2018verifiedHigh
104XXX.XX.XXX.XXXxxxxxxx03/31/2022verifiedHigh
105XXX.XXX.XX.XXxxxxxxx.xxxXxxxxxxx10/24/2021verifiedHigh
106XXX.XXX.XX.XXXxxxxxx.xxx.xx.xxx.xxx.xxxxxxx.xxxx-xxxxxx.xxXxxxxxxx04/13/2022verifiedHigh
107XXX.XXX.XXX.XXXxxxxxx.xxxx-xxxxxx.xxXxxxxxxx04/13/2022verifiedHigh
108XXX.XX.XXX.XXxxxx.xx-xxx-xx-xxx.xxXxxxxxxx04/08/2022verifiedHigh
109XXX.XXX.XX.XXXxxxxxx.xxx.xx.xxx.xxx.xxxxxxx.xxxx-xxxxxx.xxXxxxxxxx04/08/2022verifiedHigh
110XXX.XX.XXX.XXXXxxxxxxx10/24/2021verifiedHigh
111XXX.XX.X.XXXXxxxxxxx04/14/2022verifiedHigh
112XXX.XX.XXX.XXxxxxxx.xx.xxx.xx.xxx.xxxxxxx.xxxx-xxxxxx.xxXxxxxxxx10/24/2021verifiedHigh
113XXX.XX.XX.XXxx-xxx-xx-xx-xx.xxxxxxxxxx.xxxXxxxxxxx04/08/2022verifiedHigh
114XXX.XXX.XXX.XXXxxxxxxx10/09/2021verifiedHigh
115XXX.XX.XXX.XXXxxxx.xxxxxx.xxxXxxxxxxx04/14/2022verifiedHigh
116XXX.XXX.X.XXxxxx.xxxx.xxxXxxxxxxx04/13/2022verifiedHigh
117XXX.XXX.X.XXxxxx.xxxx.xxxXxxxxxxx04/13/2022verifiedHigh
118XXX.XXX.XXX.XXxxx-xxx-xxx-xx.xxx.xxx.xxxxxxxxxxxx.xxXxxxxxxx03/31/2022verifiedHigh
119XXX.XX.XXX.XXXxxxxxxx04/08/2022verifiedHigh
120XXX.XXX.XXX.XXXXxxxxxxx10/09/2021verifiedHigh
121XXX.XX.XX.XXXxxx.xx.xx.xxx.xxxxxxxxx.xxxXxxxxxxx10/24/2021verifiedHigh
122XXX.XX.XX.XXXxxx.xx.xx.xxx.xxxxxxxxx.xxxXxxxxxxx10/24/2021verifiedHigh
123XXX.XXX.XXX.XXXxxxxxx.xxxxx.xxXxxxxxxx10/24/2021verifiedHigh
124XXX.XXX.XX.XXXXxxxxxxx10/09/2021verifiedHigh
125XXX.XX.XX.XXXXxxxxxxx07/17/2021verifiedHigh
126XXX.XXX.XXX.XXXxxxxxx.xxxxx.xxxxxxXxxxxxxx04/08/2022verifiedHigh
127XXX.XX.XXX.XXXxxxxxxxx.xx-xxx-xx-xxx.xxXxxxxxxx04/08/2022verifiedHigh
128XXX.XXX.XX.XXXxxxxxx.xxxxxxx.xxXxxxxxxx10/24/2021verifiedHigh
129XXX.XXX.XX.XXXxxxxx.xxxxxx.xxXxxxxxxx04/08/2022verifiedHigh
130XXX.XXX.XX.XXXxxxxx.xxxxxx.xxXxxxxxxx10/09/2021verifiedHigh
131XXX.XXX.XX.XXxxxxxx.xxxxxxx.xxx.xxXxxxxxxx04/08/2022verifiedHigh
132XXX.XX.XXX.XXxxxxxxxxxxxx.xxxxxxx.xxXxxxxxxx04/13/2022verifiedHigh
133XXX.XX.XXX.XXXXxxxxxxx04/13/2022verifiedHigh
134XXX.XX.XXX.Xxxxx.xxx.xxxxxx.xxXxxxxxxx04/13/2022verifiedHigh
135XXX.XXX.XXX.XXXxxxxxxx10/24/2021verifiedHigh
136XXX.XXX.XXX.XXXxxxxxx.xxxxx.xxXxxxxxxx10/24/2021verifiedHigh
137XXX.XXX.XX.XXXxxxxxx.xx.xxXxxxxxxx04/08/2022verifiedHigh
138XXX.XXX.XX.XXXxxxxxxxxxx.xx.xxxxxxx.xxxXxxxxxxx10/09/2021verifiedHigh
139XXX.XXX.XX.XXXxxxxxxxxxx.xx.xxxxxxx.xxxXxxxxxxx10/09/2021verifiedHigh
140XXX.XXX.XXX.XXXxxxxxxx04/08/2022verifiedHigh
141XXX.XXX.XXX.XXxxxxxx.xxxxxxx.xxx.xxXxxxxxxx04/14/2022verifiedHigh
142XXX.XXX.XXX.XXXxxxxxx.xxxxxxx.xxx.xxXxxxxxxx04/08/2022verifiedHigh
143XXX.XXX.XXX.XXXxxxxxxx10/09/2021verifiedHigh
144XXX.XX.XXX.XXxxxxx.xxxxxxxx.xxxXxxxxxxx04/08/2022verifiedHigh
145XXX.XXX.XX.XXXxxx.xxxxxxxx.xxXxxxxxxx04/13/2022verifiedHigh
146XXX.XXX.XX.XXXxxxxxxxxxx.xxxxxxx.xxx.xxxXxxxxxxx04/08/2022verifiedHigh
147XXX.XX.XXX.XXXxxxxxxx07/15/2021verifiedHigh
148XXX.XX.XXX.XXXXxxxxxxx04/08/2022verifiedHigh
149XXX.XXX.XX.XXxxxxxx.xxxxxxx.xxx.xxXxxxxxxx04/08/2022verifiedHigh
150XXX.XX.XXX.XXxxxx.xxxxxxxxxxx.xxxXxxxxxxx05/06/2022verifiedHigh
151XXX.XX.XXX.XXxxxx-xxxxxx-xx-xxxxxxxxx-xx.xxxxx.xxXxxxxxxx10/24/2021verifiedHigh
152XXX.XX.XXX.XXxxxx-xxxxxx-xx-xxxxxxxxx-xx.xxxxx.xxXxxxxxxx04/13/2022verifiedHigh
153XXX.XXX.XXX.XXxxx-xxx-xxx-xx.xxxxxxxxxxxx.xxxXxxxxxxx04/08/2022verifiedHigh
154XXX.XXX.XXX.XXXxxx-xxx-xxx-xxx.xxxxxxxxxxxx.xxxXxxxxxxx05/06/2022verifiedHigh
155XXX.XXX.XXX.XXXxxxxx.xxxxxxxxxxxxxx.xxxXxxxxxxx04/13/2022verifiedHigh
156XXX.X.XXX.XXXxxxxxxxxx.xxx-xxxx.xxXxxxxxxx04/08/2022verifiedHigh
157XXX.XXX.XX.XXXxxxxxxx10/24/2021verifiedHigh
158XXX.XXX.XXX.XXxxxxxxx04/13/2022verifiedHigh
159XXX.XXX.XX.XXXxxxxx.xxxxxxx.xxXxxxxxxx04/13/2022verifiedHigh
160XXX.XX.XXX.XXXxxxxxxx04/13/2022verifiedHigh
161XXX.XX.XXX.XXXxxxxxxx04/13/2022verifiedHigh
162XXX.XX.XX.XXXxxxxxxx04/08/2022verifiedHigh
163XXX.XXX.XXX.XXxxxxxxx-xxxxx.xx.xxXxxxxxxx04/08/2022verifiedHigh
164XXX.XXX.XXX.XXXxxx.xxxxxxxxx.xxXxxxxxxx04/13/2022verifiedHigh
165XXX.XXX.XXX.XXXxxxxxxxxx.xxx-xxxxxxx.xxxXxxxxxxx04/14/2022verifiedHigh
166XXX.XX.XX.XXXxxxxx-xxxxx-xx.xxxxxxxxxxxxx.xxxXxxxxxxx10/09/2021verifiedHigh
167XXX.XX.XX.XXXxxxxxxx04/29/2022verifiedHigh
168XXX.XX.XXX.XXXx-xxxx.x-xxxxxx.xxxXxxxxxxx07/17/2021verifiedHigh
169XXX.XX.XX.XXXxxx-xx-xx-xxx.xxx.xxxxxxxxxxx.xxxXxxxxxxx10/09/2021verifiedHigh
170XXX.XXX.XXX.XXXXxxxxxxx04/08/2022verifiedHigh
171XXX.XXX.XX.Xxxxxxxxxxx.xxx.xxxXxxxxxxx10/09/2021verifiedHigh
172XXX.XXX.XX.Xxxxxxxxx.xxx.xxxXxxxxxxx10/09/2021verifiedHigh
173XXX.XXX.XX.XXXxxxx-xxx-xx.xxxxxxxxxx.xxxxxxx.xxx.xxxXxxxxxxx04/08/2022verifiedHigh
174XXX.XXX.XXX.XXXxxx.xxx.xxx.xxx.xxxxxx.xxxxxx.xxxXxxxxxxx10/24/2021verifiedHigh
175XXX.XX.XX.XXxxxx.xxx.xxxxxxxxx.xxXxxxxxxx04/13/2022verifiedHigh
176XXX.XX.XX.XXXxxxxx.xxx.xxxxxxxxx.xxXxxxxxxx04/13/2022verifiedHigh
177XXX.XX.XXX.XXxxxxxxxx.xxx.xxxxx.xxxXxxxxxxx10/09/2021verifiedHigh
178XXX.XXX.X.XXxxx-xxx-x-xx.xxxxxxx-xxx.xx-x.xxxXxxxxxxx04/08/2022verifiedHigh
179XXX.XXX.X.XXXxxx-xxx-x-xxx.xxxxxxx-xxx.xx-x.xxxXxxxxxxx04/08/2022verifiedHigh
180XXX.XXX.XXX.XXXxxxxxx.xxx.xxXxxxxxxx10/09/2021verifiedHigh
181XXX.XX.XX.XXXxxxxxxx04/08/2022verifiedHigh

TTP - Tactics, Techniques, Procedures (19)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (297)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/../conf/config.propertiespredictiveHigh
2File/admin/general.cgipredictiveHigh
3File/admin/reminders/manage_reminder.phppredictiveHigh
4File/CCMAdmin/serverlist.asppredictiveHigh
5File/cgi/get_param.cgipredictiveHigh
6File/csms/admin/inquiries/view_details.phppredictiveHigh
7File/cstecgi.cgipredictiveMedium
8File/files.md5predictiveMedium
9File/forum/away.phppredictiveHigh
10File/hrm/employeeview.phppredictiveHigh
11File/images/predictiveMedium
12File/include/chart_generator.phppredictiveHigh
13File/librarian/bookdetails.phppredictiveHigh
14File/loginpredictiveLow
15File/messageboard/view.phppredictiveHigh
16File/modules/profile/index.phppredictiveHigh
17File/one_church/userregister.phppredictiveHigh
18File/out.phppredictiveMedium
19File/owa/auth/logon.aspxpredictiveHigh
20File/public/plugins/predictiveHigh
21File/SAP_Information_System/controllers/add_admin.phppredictiveHigh
22File/SASWebReportStudio/logonAndRender.dopredictiveHigh
23File/secure/admin/InsightDefaultCustomFieldConfig.jspapredictiveHigh
24File/secure/admin/ViewInstrumentation.jspapredictiveHigh
25File/SVFE2/pages/feegroups/country_group.jsfpredictiveHigh
26File/textpattern/index.phppredictiveHigh
27File/upfile.cgipredictiveMedium
28File/v2/quantum/save-data-upload-big-filepredictiveHigh
29File/wordpress/wp-admin/admin.phppredictiveHigh
30File4.edu.phppredictiveMedium
31Fileaccount_footer.phppredictiveHigh
32Fileadclick.phppredictiveMedium
33Fileadd_edit_cat.asppredictiveHigh
34Fileadd_edit_user.asppredictiveHigh
35Fileadmin.cropcanvas.phppredictiveHigh
36Fileadmin.jcomments.phppredictiveHigh
37Filexxxxx/xxxxxxxxxxx.xxxpredictiveHigh
38Filexxxxx/xxxx_xxxxxxxx.xxxpredictiveHigh
39Filexxxxx/xxxxx.xxxpredictiveHigh
40Filexxxxx/xxxxxxxxxxxxx.xxxpredictiveHigh
41Filexxxxxxxxxxxxxxxx.xxxpredictiveHigh
42Filexxxxxxxxxxx.xxxpredictiveHigh
43Filexxxxxxxxxxx.xxxpredictiveHigh
44Filexxxx_xxxx_xxxxxxxx.xxxpredictiveHigh
45Filexx_xxxxxxxxxx.xxxpredictiveHigh
46Filexxx/xxxxxx/xxxx_xxxxxx.xxxpredictiveHigh
47Filexxxxxxxxxxxxxx.xxxpredictiveHigh
48Filexxxxxxxx.xxxxxxx.xxxpredictiveHigh
49Filexx_xxxxx_xxxxx.xxxpredictiveHigh
50Filexx_xxxx.xxxpredictiveMedium
51Filexxx_xxxxxxxxx.xxxpredictiveHigh
52Filex:\xxxxpredictiveLow
53Filexxxxxx/xxxxx/xxxxx.xxxpredictiveHigh
54Filexxxx_xxxxxxx.xxxpredictiveHigh
55Filexxxxxxxx.xxxpredictiveMedium
56Filexxxxxxxx.xxxpredictiveMedium
57Filexxx-xxx/xxxxxxxxxxxx.xxxpredictiveHigh
58Filexxx-xxx/xxx/xxxxxxxx_xxx.xxxpredictiveHigh
59Filexxxxxxxxxxx.xxxpredictiveHigh
60Filexxxxx.xxxxx.xxxpredictiveHigh
61Filexxxxx/xxxxx_xxxxxx.xxxpredictiveHigh
62Filexxxxxxxxxx_xxxxx.xxxpredictiveHigh
63Filexxxxx_xx_xxxxxxxxx.xxxpredictiveHigh
64Filexxxxx_xxxx.xxxpredictiveHigh
65Filexxxxx.xxxpredictiveMedium
66Filexxx.xxx?xxx=xxxxx_xxxxpredictiveHigh
67Filexxxxxxxx_xxxxxxxxxxxxxxxxx.xxxpredictiveHigh
68Filexxxxxxx.xxxpredictiveMedium
69Filexxxxxxxxxx.xxxpredictiveHigh
70Filexxxxxxxxxxxxxxxxxxx.xxpredictiveHigh
71Filexxxxxxxxx.xxxpredictiveHigh
72Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
73Filexx.xxxpredictiveLow
74Filexxxxxxx.xxxpredictiveMedium
75Filexxxxxx.xxxpredictiveMedium
76Filexxxxxx.xxxpredictiveMedium
77Filexxxxxxxx.xxxpredictiveMedium
78Filexxxxxxxxxx-xxxxxxxxxxxxx.xxxpredictiveHigh
79Filexxxxxxx/xxxxx/xxxxx.xpredictiveHigh
80Filexxxxx.xxxpredictiveMedium
81Filexxxxx.xxxpredictiveMedium
82Filexxxx.xxxpredictiveMedium
83Filexxxxxxxx.xxxpredictiveMedium
84Filexxxxxxxx.xxxpredictiveMedium
85Filexxxxxxxxx.xxxpredictiveHigh
86Filexxxxxx.xxxxpredictiveMedium
87Filexxxx.xxxpredictiveMedium
88Filexxxx.xxxpredictiveMedium
89Filexxxxxxxxxx.xxxpredictiveHigh
90Filexxxxx_xxxxxx.xxxpredictiveHigh
91Filexxxxxxxxx.xxxpredictiveHigh
92Filexxx/xxxxxxxx.xxxpredictiveHigh
93Filexxx/xxxxxx.xxxpredictiveHigh
94Filexxx/xxxxxxxxxxx/xxxxxxx.xxxpredictiveHigh
95Filexxx/xxxxxxx/xxxxxxxxxxxx.xxxpredictiveHigh
96Filexxxxxxx.xxxpredictiveMedium
97Filexxxxxxx/xxxx.xxxpredictiveHigh
98Filexxxxxxxx/xxxx.xxxpredictiveHigh
99Filexxxxx.xxxpredictiveMedium
100Filexxxx.xxxxpredictiveMedium
101Filexxxxxxxxxxxxx.xxxpredictiveHigh
102Filexxxxxx/xxxx/xxxxxx_xxx.xxxpredictiveHigh
103Filexxxxxxxx/xxxxxxxx_xxxxxxx_xxxxxx/xxxxx.xxxpredictiveHigh
104Filexxxx_xxxx.xxxpredictiveHigh
105Filexxx.xxxxpredictiveMedium
106Filexxxxxx/xxxxxx/xxxxxx-xx.xpredictiveHigh
107Filexxxx/xx.xxxpredictiveMedium
108Filexxxxxx.xxxpredictiveMedium
109Filexxxxx.xxxxpredictiveMedium
110Filexxxxx.xxxpredictiveMedium
111Filexxxxx.xxxxpredictiveMedium
112Filexxxxx_xxxxxxx.xxxpredictiveHigh
113Filexxx_xxxxxxxx.xxxpredictiveHigh
114Filexxx/xxxx_xxx.xxxpredictiveHigh
115Filexxxxxxx/xxx.xxxpredictiveHigh
116Filexxx/xxxxxxxxx/xx_xxx_xxxxxx.xpredictiveHigh
117Filexxx.xxxpredictiveLow
118Filexxxxxx_xx.xxxpredictiveHigh
119Filexxx/xxxxx.xxxxpredictiveHigh
120Filex-xxxx.xxxpredictiveMedium
121Filexxxx.xxxxxxxxx.xxxpredictiveHigh
122Filexxxxxxxxx.xxx.xxxpredictiveHigh
123Filexxxxxx.xxxpredictiveMedium
124Filexxxx.xxxpredictiveMedium
125Filexxxx.xxxpredictiveMedium
126Filexxxxx/xxxxxxx.xxxpredictiveHigh
127Filexxxxxxxxx/xxxxxxxxxxxxxx.xxxxpredictiveHigh
128Filexxxxx.xxxpredictiveMedium
129Filexxxxx.xxxpredictiveMedium
130Filexxxxxxxx.xxxpredictiveMedium
131Filexxxxxxxxxx.xxxpredictiveHigh
132Filexxxxxxxx.xxxpredictiveMedium
133Filexxxxxxxx.xxxpredictiveMedium
134Filexxxxxxxx_xxxxxxxxxxxx_xxxxxx.xxpredictiveHigh
135Filexxxxxxxx_xxxx.xxxpredictiveHigh
136Filexxxxxxxxxxxx_xxxxxxxx.xxx.xxxpredictiveHigh
137Filexxxxxx.xxxpredictiveMedium
138Filexxxxxxxx.xpredictiveMedium
139Filexx_xxxx.xpredictiveMedium
140Filexxxx_xxxx_xxxxxx.xxxpredictiveHigh
141Filexxxxxx.xxxpredictiveMedium
142Filexxxxxx.xxxpredictiveMedium
143Filexxxx/xxxxxxx/xxxxxxxxxxxxx_xxx.xxxpredictiveHigh
144Filexxxxxx.xxxxpredictiveMedium
145Filexxxxxxxx-xxxxxx_xxxxx.xxxpredictiveHigh
146Filexxxx.xxxpredictiveMedium
147Filexxxx_xxxxxxx_xxxxxxxx.xxxpredictiveHigh
148Filexxxxxxxx.xxx/xxxxxx.xxx/xxxxxxxx.xxxpredictiveHigh
149Filexxxxxxxxxxx.xxxpredictiveHigh
150Filexxxxxxx.xxxpredictiveMedium
151Filexxx/xxx/xxxxxxx/xxxx.xxxpredictiveHigh
152Filexxxxx_xxxxx.xxxpredictiveHigh
153Filexxxx-xxxxx.xxxpredictiveHigh
154Filexxxx-xxxxxxxx.xxxpredictiveHigh
155Filexxxxx.xxpredictiveMedium
156Filexxxxx.xxxpredictiveMedium
157Filexxxxxx.xxxpredictiveMedium
158Filexxxx.xxxpredictiveMedium
159Filexxxxx-xxxxxxxx-xxxxx-xxxxxxxxxxx-xxx-xxxxx.xxxpredictiveHigh
160Filexxxx/xxx/xxxx-xxxxx.xxxpredictiveHigh
161Filexxxxx.xxxxpredictiveMedium
162Filexxxxxxxxx.xxxxpredictiveHigh
163Filexxxxxxx/xxxxxxxxx/xxxxxxxxxxxx.xxxpredictiveHigh
164Filexxxxxxx.xxxpredictiveMedium
165Filexx-xxxxx/xxxxx.xxxpredictiveHigh
166Filexx.xxxpredictiveLow
167Filexxxxxxxxxxxx.xxxpredictiveHigh
168File~/xxxxx-xxxxx.xxxpredictiveHigh
169File~/xxxxxxxx-xxxxxxxx.xxxpredictiveHigh
170Libraryxxxxxx[xxxxxx_xxxxpredictiveHigh
171Libraryxxxxxx.xxxxxxxxx.xxxxxxx.xxxxx_xxxxx.xxxpredictiveHigh
172Libraryxxxx/xxxxxxx/xxxx/xxxxxxxxx/xxxxx.xxxpredictiveHigh
173Libraryxxxxxxxx.xxxpredictiveMedium
174Library~/xxx/xxxxx-xxxxxxxx-xxxxxxxxxx.xxxpredictiveHigh
175Argument$_xxxxxxpredictiveMedium
176Argumentxxx_xxxxpredictiveMedium
177ArgumentxxxxxpredictiveLow
178Argumentxx_xxpredictiveLow
179ArgumentxxxxxxpredictiveLow
180ArgumentxxpredictiveLow
181Argumentxxx_xxpredictiveLow
182ArgumentxxpredictiveLow
183ArgumentxxpredictiveLow
184ArgumentxxxxxxxxpredictiveMedium
185ArgumentxxxxxxxxpredictiveMedium
186ArgumentxxxxxpredictiveLow
187ArgumentxxxxpredictiveLow
188Argumentxxxx_xxx_xxxxpredictiveHigh
189ArgumentxxxpredictiveLow
190ArgumentxxxxxxxxxxpredictiveMedium
191Argumentxxxxxxxx_xxxxpredictiveHigh
192Argumentxxx_xxpredictiveLow
193Argumentxx_xxxxxxpredictiveMedium
194ArgumentxxxpredictiveLow
195ArgumentxxxxpredictiveLow
196Argumentxxxx_xxpredictiveLow
197ArgumentxxxxxxxxxxpredictiveMedium
198Argumentxxxxxx[xxxxxx_xxxx]predictiveHigh
199ArgumentxxxxxxpredictiveLow
200Argumentxxxx_xxpredictiveLow
201ArgumentxxxxxxxxxxxxpredictiveMedium
202ArgumentxxxpredictiveLow
203ArgumentxxxxxxxxpredictiveMedium
204ArgumentxxxxxpredictiveLow
205ArgumentxxxxpredictiveLow
206ArgumentxxxxxxxxxxxxxxxpredictiveHigh
207Argumentxxxxx_xxxx_xxxxpredictiveHigh
208Argumentxxxxxxx=xxxxxxxxpredictiveHigh
209ArgumentxxxxpredictiveLow
210ArgumentxxxxxxxpredictiveLow
211Argumentxxxxxxx_xxxxxxxpredictiveHigh
212Argumentxxxxxxxxxxxxxx[xxxxxxxxxxxxxxxxxx]predictiveHigh
213ArgumentxxxxxxxxpredictiveMedium
214ArgumentxxxxpredictiveLow
215ArgumentxxpredictiveLow
216Argumentxx/xx_xxxxxx_xxxx/xx_xxxx_xxxxxxpredictiveHigh
217ArgumentxxxxxxxxxpredictiveMedium
218Argumentxx_xxxxxpredictiveMedium
219ArgumentxxxxxpredictiveLow
220Argumentxxxxx_xxxxpredictiveMedium
221ArgumentxxxxxxpredictiveLow
222Argumentxxxx_xxpredictiveLow
223ArgumentxxxxpredictiveLow
224Argumentxxxxxxxx_xxxpredictiveMedium
225Argumentxxx_xxxpredictiveLow
226ArgumentxxxxxxxpredictiveLow
227ArgumentxxxpredictiveLow
228ArgumentxxxxpredictiveLow
229ArgumentxxxxxxxpredictiveLow
230Argumentxxx_xxxx_xxxxpredictiveHigh
231ArgumentxxxxxxxxxxpredictiveMedium
232ArgumentxxxpredictiveLow
233Argumentxx_xxxxpredictiveLow
234Argumentxxx/xxxxxxxxxpredictiveHigh
235Argumentxxxxxxxxx_xxxxxxxx_xxxxpredictiveHigh
236ArgumentxxxxxpredictiveLow
237Argumentxxxxxxx_xxxxpredictiveMedium
238ArgumentxxxxpredictiveLow
239Argumentxxxx/xxxxxxxx/xxx/xxx/xxxxxxxx/xxxxxxxpredictiveHigh
240Argumentxxxxxxx_xxpredictiveMedium
241Argumentxxxxxx xxxxxxpredictiveHigh
242ArgumentxxxxpredictiveLow
243Argumentxxx_xxx[]predictiveMedium
244ArgumentxxxxxxxxpredictiveMedium
245Argumentxxxx_xxxxxpredictiveMedium
246Argumentxxxx_xx_xx_xxxpredictiveHigh
247ArgumentxxxxxxxpredictiveLow
248ArgumentxxxxxxxxxxxxxpredictiveHigh
249ArgumentxxxxxxxxxpredictiveMedium
250Argumentxxxxx_xxxx_xxxxpredictiveHigh
251ArgumentxxxxxpredictiveLow
252ArgumentxxxxpredictiveLow
253Argumentxx_xxxxpredictiveLow
254Argumentxx_xxxxpredictiveLow
255ArgumentxxxxxxpredictiveLow
256Argumentxxxxxxx_xxpredictiveMedium
257ArgumentxxxxxpredictiveLow
258ArgumentxxxxxxxxpredictiveMedium
259ArgumentxxxxxxxxxxpredictiveMedium
260ArgumentxxxxxpredictiveLow
261Argumentxxxxxxx_xxpredictiveMedium
262ArgumentxxxxxxxxxxpredictiveMedium
263ArgumentxxxxxxxpredictiveLow
264Argumentxxxxxx_xxxxxxx_xxxxxxxxx_xxxx/xxxxxx_xxxxxxx_xxxxxxx_xxxxpredictiveHigh
265ArgumentxxxpredictiveLow
266ArgumentxxxxxxpredictiveLow
267ArgumentxxxpredictiveLow
268Argumentxxxxxx_xxxpredictiveMedium
269Argumentxxxx_xxxxpredictiveMedium
270ArgumentxxxxxxxpredictiveLow
271Argumentxxxxxx_xxpredictiveMedium
272Argumentxxxxxxx_xxpredictiveMedium
273ArgumentxxxxxxpredictiveLow
274Argumentxx_xxxxx_xxxx_xxxxpredictiveHigh
275ArgumentxxpredictiveLow
276ArgumentxxxxxxxxxpredictiveMedium
277ArgumentxxxxxxxpredictiveLow
278ArgumentxxxxxxxxxxpredictiveMedium
279Argumentx_xxpredictiveLow
280Argumentxxxxxxxxxx_xxpredictiveHigh
281ArgumentxxxxpredictiveLow
282Argumentxxxx_xxpredictiveLow
283ArgumentxxxpredictiveLow
284ArgumentxxxpredictiveLow
285Argumentxxxx.xxxxxpredictiveMedium
286Argumentxxxxxxxx:x_xxxx/xxxxxxxx:x_xxxx/xxxxxxxx:x_xxxxpredictiveHigh
287ArgumentxxxxxxpredictiveLow
288ArgumentxxxxxxxxpredictiveMedium
289Argumentxxxx_xxpredictiveLow
290Argumentxx_xxxxpredictiveLow
291Input Value' xxx (xxxxxx xxxx xxxx (xxxxxx(xxxxx(x)))xxxx)-- xxxxpredictiveHigh
292Input Value..predictiveLow
293Input Valuex%xxxxxxx%xxxxxxxx%xxx,xxxxxx_xx%xxxxxx,xx_xxxxxxx,xxxxxxxx%xx,x,x,x,x,x,x,x,xx,xx,xx,xx,xx,xx,xx,xx,xx%xxxxxx%xxxxxxxxxx%xxxxxxx%xxxx%xxxpredictiveHigh
294Input Value<xxx%xxxxx='xxxx://xxx.xxxx.xx/xxxx.xxx'%xxxxxxx='xxxxxx:%xxxxx%xxxxxxx%xxxxxxx;'>predictiveHigh
295Input Value\xxx../../../../xxx/xxxxxxpredictiveHigh
296Patternxxxxxxx-xxxx|xx| xxxx/xxxxpredictiveHigh
297Patternxxxx /xpredictiveLow

References (21)

The following list contains external sources which discuss the actor and the associated activities:

Do you want to use VulDB in your project?

Use the official API to access entries easily!