Houdini Analysis
IOB - Indicator of Behavior (416)
Timeline
The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.
Activities
Interest
Timeline
The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.
Vulnerabilities
IOC - Indicator of Compromise (22)
These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.
TTP - Tactics, Techniques, Procedures (16)
Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.
IOA - Indicator of Attack (193)
These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.
| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /admin/inquiries/view_details.php | predictive | High |
| 2 | File | /Admin/login.php | predictive | High |
| 3 | File | /admin/maintenance/view_designation.php | predictive | High |
| 4 | File | /AdminDir | predictive | Medium |
| 5 | File | /coreframe/app/order/admin/index.php | predictive | High |
| 6 | File | /debug/pprof | predictive | Medium |
| 7 | File | /dev/snd/seq | predictive | Medium |
| 8 | File | /etc/sudoers | predictive | Medium |
| 9 | File | /forum/away.php | predictive | High |
| 10 | File | /products/details.asp | predictive | High |
| 11 | File | /showfile.php | predictive | High |
| 12 | File | /uncpath/ | predictive | Medium |
| 13 | File | /Wedding-Management/package_detail.php | predictive | High |
| 14 | File | adclick.php | predictive | Medium |
| 15 | File | admin-ajax.php | predictive | High |
| 16 | File | admin/abc.php | predictive | High |
| 17 | File | admin/news.php | predictive | High |
| 18 | File | adminCons.php | predictive | High |
| 19 | File | apps\admin\controller\content\SingleController.php | predictive | High |
| 20 | File | artlinks.dispnew.php | predictive | High |
| 21 | File | auth.inc.php | predictive | Medium |
| 22 | File | bookPerPub.php | predictive | High |
| 23 | File | ca.c | predictive | Low |
| 24 | File | xxxx_xxxxxxx.xxx | predictive | High |
| 25 | File | xxx.xxx | predictive | Low |
| 26 | File | xxxxxxxx.xxx | predictive | Medium |
| 27 | File | xxxxxxxx.xxx | predictive | Medium |
| 28 | File | xxxxx.xxxxx.xxx | predictive | High |
| 29 | File | xxx/xx/xxxxxxxxx/xxxxxxx/xxxxxxxxxxx.xxxx | predictive | High |
| 30 | File | xxxxxxxx_xxxxxxxxxxxxxxxxx.xxx | predictive | High |
| 31 | File | xxx\xxxxxxxx\xxxxx\xxxxxx\xxx\xxxxxxxxxx.xxxx | predictive | High |
| 32 | File | xxxxxx.xxx | predictive | Medium |
| 33 | File | xxxxx.xxx | predictive | Medium |
| 34 | File | xxxx/xxxxxxxxxxxxxxx.xxx | predictive | High |
| 35 | File | xxxxxx/xx-xxxxx-xxxxxxxxx!xxxxxxx.xxxxxx | predictive | High |
| 36 | File | xxxxxx.xxx | predictive | Medium |
| 37 | File | xxxxxx.xxx | predictive | Medium |
| 38 | File | xxxxxxxx.xxx | predictive | Medium |
| 39 | File | xxxxxxx/xxxx/xxxx/xxxx_xxx.x | predictive | High |
| 40 | File | xxxxxxx/xxxx/xxxx.x | predictive | High |
| 41 | File | xxxxx.x | predictive | Low |
| 42 | File | xxxxx/xx/xxxxx.xx | predictive | High |
| 43 | File | xxxxx.xxx | predictive | Medium |
| 44 | File | xxx/xxxx/xxxxxx/xxxxxx_xxxxxxx.x | predictive | High |
| 45 | File | xxxxxxxxxxx.xxxxx.xxx | predictive | High |
| 46 | File | xxxxxxxxxxx/xxxxx.xxx | predictive | High |
| 47 | File | xx.xxxxx.xxx | predictive | Medium |
| 48 | File | xxxxxxx.xxx | predictive | Medium |
| 49 | File | xxxxxxxxx.xxx | predictive | High |
| 50 | File | xxxx.xxx | predictive | Medium |
| 51 | File | xxxxxxxxx.xxx | predictive | High |
| 52 | File | xxxxxxxxxx.xxx | predictive | High |
| 53 | File | xxxxxxxxx.xxx | predictive | High |
| 54 | File | xxx/xxxxxx.xxx | predictive | High |
| 55 | File | xxxxxxxx/xxxx.xxx | predictive | High |
| 56 | File | xxxxx.xxx | predictive | Medium |
| 57 | File | xxxxx.xxx | predictive | Medium |
| 58 | File | xxxxx.xxx | predictive | Medium |
| 59 | File | xxxxxxx.xxx | predictive | Medium |
| 60 | File | xxxx_xxxx.xxx | predictive | High |
| 61 | File | xxxxx/xxxxxxxx.x | predictive | High |
| 62 | File | xxxxxxxxxxxx/xxxxxxxx.x | predictive | High |
| 63 | File | xxxxxxxxxxxx/xx_xxxxxx.x | predictive | High |
| 64 | File | xxxxx.xxx | predictive | Medium |
| 65 | File | xxxxx.xxx | predictive | Medium |
| 66 | File | xxxxx.xxxx | predictive | Medium |
| 67 | File | xxxxxx.xxx | predictive | Medium |
| 68 | File | xxxxxx/xxxx.xxx | predictive | High |
| 69 | File | xxxxxxx.xxx | predictive | Medium |
| 70 | File | xxx_xxxx.xxx | predictive | Medium |
| 71 | File | xxxxxxx.xxx | predictive | Medium |
| 72 | File | xxxxxxxx.xxx | predictive | Medium |
| 73 | File | xxxxxxxx_xxxxxx.xxx | predictive | High |
| 74 | File | xxx.xx | predictive | Low |
| 75 | File | xxxxxxx.xxxx_xxx | predictive | High |
| 76 | File | xxxxxxxxx.xxx.xxx | predictive | High |
| 77 | File | xxxxxxx.xxx | predictive | Medium |
| 78 | File | xxxx_xxx.x | predictive | Medium |
| 79 | File | xxxxxxxx.xxx | predictive | Medium |
| 80 | File | xxxxx_xxx.xxx | predictive | High |
| 81 | File | xxxx.xxx | predictive | Medium |
| 82 | File | xxxxxxxxxxxxxx.xxx | predictive | High |
| 83 | File | xxxxx.xxx | predictive | Medium |
| 84 | File | xxxxxxxxxxxx_xxxxxxxx.xxx.xxx | predictive | High |
| 85 | File | xxxxxxx_xxx_xxxxx_xxxxxx.xxxx | predictive | High |
| 86 | File | xxxxxxxxxx_xxxxx.xxxxxx | predictive | High |
| 87 | File | xxxxxxx_xxxxxx_xxxxxxxx.xxx | predictive | High |
| 88 | File | xxxx_xxxxxxxxx.xxx | predictive | High |
| 89 | File | xxxxx.xxx | predictive | Medium |
| 90 | File | xxxxx.xxx | predictive | Medium |
| 91 | File | xxxx.xxx | predictive | Medium |
| 92 | File | xxxxxxxxxxxxx.xxx | predictive | High |
| 93 | File | xxxxxxxxxxxx.xxx | predictive | High |
| 94 | File | xxxxxxx.xxx | predictive | Medium |
| 95 | File | xxxxxxxxxxxxxxxx.xxx | predictive | High |
| 96 | File | xxxxxxxxxxxxxx.xxx | predictive | High |
| 97 | File | xxxxxxxxxxxxxxx.xxx | predictive | High |
| 98 | File | xxxx_xxxxxxx_xxxxxxxx.xxx | predictive | High |
| 99 | File | xxxxxxxx.xxx/xxxxxx.xxx/xxxxxxxx.xxx | predictive | High |
| 100 | File | xxxxxxxxxxx.xxx | predictive | High |
| 101 | File | xxx/xxxxxxx.x | predictive | High |
| 102 | File | xxxx-xxxxxxx/xxxxx.xxx | predictive | High |
| 103 | File | xxxx-xxxxxxxx.xxx | predictive | High |
| 104 | File | xxxxxx.xxxxxxx.xxxxxxxxxxxxxxxxxxxxxxxx | predictive | High |
| 105 | File | xxxxxxxxxxxxxxxx.xxx | predictive | High |
| 106 | File | xx_xxxx.xxx | predictive | Medium |
| 107 | File | xxxxxxxx.xxx | predictive | Medium |
| 108 | File | xxxxxxx.xxx | predictive | Medium |
| 109 | File | xxxxxxx/xxxxxxxxx/xxxxxxxxxxx.xxx | predictive | High |
| 110 | File | xx-xxxxx/xxxxxxx-xxxxxxx.xxx?xxxx=xxxxxxx_xxxxxx_xxxxxx | predictive | High |
| 111 | File | xx-xxxxx.xxx | predictive | Medium |
| 112 | File | xxxxxxxxxxxx.xxx | predictive | High |
| 113 | Library | /xxx/xxx/xxx/xxx_xxxxxxxxxx/xxx_xxxx.xxx | predictive | High |
| 114 | Library | xxx/xxxx/xxxxxxx/xxxxxxxx_xxxxxxx/xxxxxxxx.xx | predictive | High |
| 115 | Library | xxxxxxxx.xxx | predictive | Medium |
| 116 | Library | xxx/xxx/xxxx/ | predictive | High |
| 117 | Argument | x_xx | predictive | Low |
| 118 | Argument | ?xxxx_xxxx=xxxxxxx.xxx/xxxx=xxxxxx/xxx=xxx+/xxx/.xxxxxxxx/xxxxxxx=//xxxxxxxxxxxxxx.xxx=x | predictive | High |
| 119 | Argument | xxxxxx | predictive | Low |
| 120 | Argument | xxxxxxxx | predictive | Medium |
| 121 | Argument | xxxxxxxxxxx | predictive | Medium |
| 122 | Argument | xxxx_xxx_xxxx | predictive | High |
| 123 | Argument | xxx | predictive | Low |
| 124 | Argument | xxxxxxxxx | predictive | Medium |
| 125 | Argument | xxxxxxxx | predictive | Medium |
| 126 | Argument | xxxxx | predictive | Low |
| 127 | Argument | xxxxx | predictive | Low |
| 128 | Argument | xxx_xx | predictive | Low |
| 129 | Argument | xxx | predictive | Low |
| 130 | Argument | xxxx_xx | predictive | Low |
| 131 | Argument | xxxxxxxxxxxx | predictive | Medium |
| 132 | Argument | xxxxxxxx | predictive | Medium |
| 133 | Argument | xxxxxxxx_xxxxxx/xxxxxxxx_xxxx/xxxxxxxx_xxxxxxxx/xxxxxxxx_xxxx | predictive | High |
| 134 | Argument | xxxxxxxxxx | predictive | Medium |
| 135 | Argument | xxxx | predictive | Low |
| 136 | Argument | xxxxxxxxxx | predictive | Medium |
| 137 | Argument | xxxxx | predictive | Low |
| 138 | Argument | xxxxx_xxxx_xxxx | predictive | High |
| 139 | Argument | xx_xxxxxxx | predictive | Medium |
| 140 | Argument | xxxx | predictive | Low |
| 141 | Argument | xxxxxxx | predictive | Low |
| 142 | Argument | xxxx | predictive | Low |
| 143 | Argument | xxxx | predictive | Low |
| 144 | Argument | xxxxxxxx | predictive | Medium |
| 145 | Argument | xx | predictive | Low |
| 146 | Argument | xx | predictive | Low |
| 147 | Argument | xx/xxxxx/xxxxxxx_xx | predictive | High |
| 148 | Argument | xxxxxxxxxx | predictive | Medium |
| 149 | Argument | xxxxxxxxx | predictive | Medium |
| 150 | Argument | xxxxxxxx | predictive | Medium |
| 151 | Argument | xxxx_xx | predictive | Low |
| 152 | Argument | xxxxx | predictive | Low |
| 153 | Argument | xxxx | predictive | Low |
| 154 | Argument | xxxxxxxxx | predictive | Medium |
| 155 | Argument | xxx | predictive | Low |
| 156 | Argument | xxxxxxxxx_xxxxxxxx_xxxx | predictive | High |
| 157 | Argument | xxx | predictive | Low |
| 158 | Argument | xxxxx | predictive | Low |
| 159 | Argument | xxx | predictive | Low |
| 160 | Argument | xxxx_xx | predictive | Low |
| 161 | Argument | xxxx | predictive | Low |
| 162 | Argument | xxxxxxxx | predictive | Medium |
| 163 | Argument | xxxx_xx_xx_xxx | predictive | High |
| 164 | Argument | xxxxxxxxx | predictive | Medium |
| 165 | Argument | xxx | predictive | Low |
| 166 | Argument | xxxxx | predictive | Low |
| 167 | Argument | xxxxxxxx | predictive | Medium |
| 168 | Argument | xx_xxxx | predictive | Low |
| 169 | Argument | xxxxxxx_xx | predictive | Medium |
| 170 | Argument | xxxxx | predictive | Low |
| 171 | Argument | xxxxxxx/xxxxx | predictive | High |
| 172 | Argument | xxxxxx | predictive | Low |
| 173 | Argument | xxxxxxx-xxxx | predictive | Medium |
| 174 | Argument | xxx | predictive | Low |
| 175 | Argument | xxxxxx | predictive | Low |
| 176 | Argument | xx | predictive | Low |
| 177 | Argument | xxxxxxxxx | predictive | Medium |
| 178 | Argument | xxxxxxxxx | predictive | Medium |
| 179 | Argument | xxxxxx | predictive | Low |
| 180 | Argument | xxxxxxxx | predictive | Medium |
| 181 | Argument | xxxxxxxxxx | predictive | Medium |
| 182 | Argument | xxxx | predictive | Low |
| 183 | Argument | xxxxx_xx | predictive | Medium |
| 184 | Argument | xxxxxxxxxxx | predictive | Medium |
| 185 | Argument | xxxxxx_xxxx | predictive | Medium |
| 186 | Argument | xxx | predictive | Low |
| 187 | Argument | xxxxxx | predictive | Low |
| 188 | Argument | xxxxxxxx | predictive | Medium |
| 189 | Input Value | ../../xxx-xxx/xxx | predictive | High |
| 190 | Input Value | ./xxx/ | predictive | Low |
| 191 | Input Value | <xxxx<xxxxxx>xx>xxxxx(x)</xxxx</xxxxxx>xx> | predictive | High |
| 192 | Input Value | xxxxxxxx+'@xxx | predictive | High |
| 193 | Pattern | /xxx | predictive | Low |
References (12)
The following list contains external sources which discuss the actor and the associated activities:
- https://app.any.run/tasks/568aac24-7631-4f8f-a89b-ff10adf6b875
- https://app.any.run/tasks/8070f7cb-b7e2-4394-8898-cfcf9b52c332/
- xxxxx://xxxxxx.xxx/xxxxxxxxxxxxxx/xxxxxxx-xxxx/xxxx/xxxx/xxxx-xx-xx%xxxxxxxx%xxxxx%xxxxxxxxx%xxxxxx
- xxxxx://xxxxxx.xxx/xxxxx/xxxxx_xxxxxx_xxxxxxxxxxxx/xxxx/xxxx/xxxxxx/xxxxxxx
- xxxxx://xxx.xxxx.xxx/xxxxxx/xxxxx/xxxxxxx+xx+xxxx+xxxxxxxxx+xxxxxxx+x+xxxxxxxxxx+xxxxxxx/xxxxx/
- xxxxx://xxxxxxxxx.xxxxx.xx
- xxxxx://xxxx.xx/xxxxxx-xxxxxxxxxx
- xxxxx://xxxx.xx/xxxxxx-xxxxxxxxxx
- xxxxx://xxxxxxx.xxx/xxxxxxx/xxxxxx/xxxxxxxxxxxxxxxxxxx
- xxxxx://xxx.xxxxxxxxxx.xxx/xxxxxxxx/xxxxxx/x/xxxx#xxx_xxxxxxx
- xxxxx://xxx.xxxxxxxxxx.xxx/xxx/xxxx/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxx
- xxxxx://xxx.xxxxxxxxxx.xxx/xxx/xxxx/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxx