Shuckworm Analysis

IOB - Indicator of Behavior (205)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 148
zh: 50
fr: 6
de: 2


Country

cn: 114
us: 58
ru: 2

Product

Joomla CMS: 6
Microsoft Windows: 6
WordPress: 6
Cacti: 4
Microsoft Exchange Server: 4


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Atmail Remote Code Execution | 9.8 | 9.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00251 | CVE-2013-5033 |
| 2 | Palo Alto PAN-OS GlobalProtect Clientless VPN buffer overflow | 8.8 | 8.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00112 | CVE-2021-3056 |
| 3 | ALPACA improper authentication | 5.6 | 5.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.12 | 0.00110 | CVE-2021-3618 |
| 4 | WordPress sql injection | 6.8 | 6.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.00467 | CVE-2022-21664 |
| 5 | VeronaLabs wp-statistics Plugin API Endpoint Blind sql injection | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00324 | CVE-2019-13275 |
| 6 | Teclib GLPI unlock_tasks.php sql injection | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06 | 0.14229 | CVE-2019-10232 |
| 7 | WordPress path traversal | 5.7 | 5.6 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.09 | 0.00174 | CVE-2023-2745 |
| 8 | Essential Addons for Elementor Plugin password recovery | 8.0 | 7.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.03567 | CVE-2023-32243 |
| 9 | Proxmox Virtual Environment/Mail Gateway HTTP Request server-side request forgery | 8.0 | 7.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00146 | CVE-2022-35508 |
| 10 | Sophos Firewall User Portal/Webadmin improper authentication | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.97067 | CVE-2022-1040 |
| 11 | CutePHP CuteNews unrestricted upload | 7.5 | 6.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.08 | 0.02413 | CVE-2019-11447 |
| 12 | WordPress Object injection | 5.3 | 5.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00334 | CVE-2022-21663 |
| 13 | Microsoft Windows Active Directory Domain Services Privilege Escalation | 8.8 | 8.1 | $100k and more | $0-$5k | Proof-of-Concept | Official Fix | 0.07 | 0.10802 | CVE-2022-26923 |
| 14 | QNAP QTS Media Library access control | 8.5 | 8.2 | $0-$5k | $0-$5k | High | Official Fix | 0.03 | 0.01394 | CVE-2017-13067 |
| 15 | Fortinet FortiOS SSH Server access control | 9.8 | 9.6 | $25k-$100k | $0-$5k | High | Official Fix | 0.05 | 0.68188 | CVE-2016-1909 |
| 16 | Avaya Aura Device Services Web Application unrestricted upload | 8.6 | 8.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00196 | CVE-2023-3722 |
| 17 | PrestaShop sql injection | 7.9 | 7.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00107 | CVE-2023-39526 |
| 18 | WordPress Private Post access control | 4.6 | 4.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00227 | CVE-2020-11028 |
| 19 | cPanel jailshell Escape improper authorization | 5.1 | 4.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00047 | CVE-2018-20927 |
| 20 | Microsoft SQL Server input validation | 7.5 | 7.2 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.08 | 0.02204 | CVE-2019-1068 |

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • Ukraine

IOC - Indicator of Compromise (217)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (17)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (78)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

