IcedID Downloader Analysis

IOB - Indicator of Behavior (108)

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Atmail Remote Code Execution | 9.8 | 9.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00244 | 0.03 | CVE-2013-5033 |
| 2 | Esoftpro Online Guestbook Pro ogp_show.php sql injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00108 | 0.00 | CVE-2009-4935 |
| 3 | Linksys WRT54GL Web Management Interface SysInfo1.htm information disclosure | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00047 | 0.09 | CVE-2024-1406 |
| 4 | Esoftpro Online Guestbook Pro ogp_show.php cross site scripting | 4.3 | 4.2 | $0-$5k | $0-$5k | High | Unavailable | 0.00244 | 0.03 | CVE-2009-2441 |
| 5 | Teclib GLPI unlock_tasks.php sql injection | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.13258 | 0.00 | CVE-2019-10232 |
| 6 | Apache Struts ExceptionDelegator input validation | 8.8 | 8.4 | $5k-$25k | $0-$5k | High | Official Fix | 0.14097 | 0.06 | CVE-2012-0391 |
| 7 | Schneider Electric Vijeo Designer path traversal | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00276 | 0.00 | CVE-2021-22704 |
| 8 | Host Discard Service privileges management | 7.3 | 7.1 | $0-$5k | $0-$5k | High | Workaround | 0.01500 | 0.04 | CVE-1999-0636 |
| 9 | VMware Spring Security Authorization Rule String.toUpperCase authorization | 4.5 | 4.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.00 | CVE-2024-38827 |
| 10 | Liferay Portal ommand absolute path traversal | 8.4 | 8.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.06456 | 0.04 | CVE-2021-33990 |
| 11 | MZ Automation LibIEC61850 MMS Client stack-based overflow | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.00 | CVE-2024-45970 |
| 12 | Pureftpd pure-FTPd path traversal | 5.1 | 5.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00042 | 0.03 | CVE-2011-3171 |
| 13 | WP Maps Plugin sql injection | 7.5 | 7.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00043 | 0.00 | CVE-2024-2386 |
| 14 | UnrealIRCd input validation | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Not Defined | 0.75655 | 0.07 | CVE-2010-2075 |
| 15 | vBulletin moderation.php sql injection | 7.3 | 7.0 | $0-$5k | $0-$5k | High | Official Fix | 0.00286 | 0.03 | CVE-2016-6195 |
| 16 | Bitrix24 tools.php initialization | 7.5 | 7.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.08624 | 0.03 | CVE-2023-1719 |
| 17 | DokuWiki Media Manager unrestricted upload | 6.2 | 6.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00043 | 0.05 | CVE-2024-33103 |
| 18 | Linux Kernel mm_fault_error memory corruption | 8.0 | 7.6 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00044 | 0.03 | CVE-2024-42267 |
| 19 | Dovecot Message Parser resource consumption | 7.5 | 7.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.03 | CVE-2024-23185 |
| 20 | code-projects Online Polling Registration registeracc.php sql injection | 8.1 | 7.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00121 | 0.04 | CVE-2024-7637 |

IOC - Indicator of Compromise (208)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (12)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (47)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

