TeslaCrypt Analysis

IOB - Indicator of Behavior (674)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en618
de18
fr10
es6
pl6

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

us276
gb208
gr74
ru24
in10

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

TeslaCrypt1
Carbanak1
Emotet1

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

Not Defined192
Operating System90
Content Management System42
Web Server30
Smartphone Operating System22

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

Not Defined194
Microsoft86
Apple52
Google22
Apache14

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Apple Mac OS X48
Microsoft Windows36
Google Android20
WordPress14
Microsoft Office12

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25k$0-$5kHighWorkaround0.040.04187CVE-2007-1192
2nginx request smuggling6.96.9$0-$5k$0-$5kNot DefinedNot Defined5.050.00000CVE-2020-12440
3SourceCodester Library Management System index.php sql injection7.16.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000.00885CVE-2022-2492
4Bitrix Site Manager Vote Module Remote Code Execution7.37.0$0-$5k$0-$5kNot DefinedOfficial Fix0.140.01156CVE-2022-27228
5Bram Korsten Note editor.php Reflected cross site scripting5.25.0$0-$5k$0-$5kNot DefinedNot Defined0.010.00885CVE-2017-9289
6Maran PHP Shop prod.php sql injection7.37.3$0-$5k$0-$5kHighUnavailable0.040.00986CVE-2008-4879
7X2Engine X2CRM File Upload ProfileController.php actionUploadPhoto unrestricted upload7.57.2$0-$5k$0-$5kNot DefinedOfficial Fix0.040.04695CVE-2014-2664
8Microsoft Windows improper authentication6.56.2$25k-$100k$0-$5kNot DefinedOfficial Fix0.000.03884CVE-2004-0540
9Elegant Themes Bloom Plugin privileges management7.57.2$0-$5k$0-$5kNot DefinedOfficial Fix0.010.00885CVE-2016-11003
10PHPWind goto.php redirect6.36.3$0-$5k$0-$5kNot DefinedNot Defined0.280.01213CVE-2015-4134
11Tiki TikiWiki tiki-editpage.php input validation7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.030.01319CVE-2004-1386
12OpenSSH Authentication Username information disclosure5.34.8$5k-$25k$0-$5kHighOfficial Fix0.350.49183CVE-2016-6210
13DZCP deV!L`z Clanportal config.php code injection7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.350.04187CVE-2010-0966
14Apache HTTP Server HTTP Digest Authentication Challenge improper authentication8.58.2$5k-$25k$0-$5kNot DefinedOfficial Fix0.080.07767CVE-2018-1312
15Alinto SOGo Identity SOGoUserDefaults.m _migrateMailIdentities cross site scripting4.44.3$0-$5k$0-$5kNot DefinedOfficial Fix0.210.03283CVE-2022-4556
16Apache HTTP Server Inbound Connection request smuggling7.37.0$25k-$100k$5k-$25kNot DefinedOfficial Fix0.110.05242CVE-2022-22720
17SquirrelMail webmail.php code injection7.37.0$0-$5k$0-$5kNot DefinedOfficial Fix0.030.01974CVE-2005-0103
18liquibase xml external entity reference7.37.1$0-$5k$0-$5kNot DefinedOfficial Fix0.040.00954CVE-2022-0839
19OneNav index.php path traversal5.55.5$0-$5k$0-$5kNot DefinedNot Defined0.120.00885CVE-2022-26276
20Nginx Open Source/Plus/Ingress Controller Resolver off-by-one5.55.5$0-$5k$0-$5kNot DefinedNot Defined0.060.48051CVE-2021-23017

IOC - Indicator of Compromise (146)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsTypeConfidence
12.57.138.47s27.zenbox.plTeslaCryptverifiedHigh
23.33.152.147a4ec4c6ea1c92e2e6.awsglobalaccelerator.comTeslaCryptverifiedHigh
33.93.124.54ec2-3-93-124-54.compute-1.amazonaws.comTeslaCryptverifiedMedium
43.225.189.10ec2-3-225-189-10.compute-1.amazonaws.comTeslaCryptverifiedMedium
53.229.167.115ec2-3-229-167-115.compute-1.amazonaws.comTeslaCryptverifiedMedium
65.79.68.109TeslaCryptverifiedHigh
75.79.68.110TeslaCryptverifiedHigh
813.107.21.200TeslaCryptverifiedHigh
915.197.142.173a4ec4c6ea1c92e2e6.awsglobalaccelerator.comTeslaCryptverifiedHigh
1018.232.18.135ec2-18-232-18-135.compute-1.amazonaws.comTeslaCryptverifiedMedium
1120.42.65.92TeslaCryptverifiedHigh
1220.189.173.20TeslaCryptverifiedHigh
1320.189.173.22TeslaCryptverifiedHigh
1423.3.13.129a23-3-13-129.deploy.static.akamaitechnologies.comTeslaCryptverifiedHigh
1523.3.13.152a23-3-13-152.deploy.static.akamaitechnologies.comTeslaCryptverifiedHigh
1623.20.239.12ec2-23-20-239-12.compute-1.amazonaws.comTeslaCryptverifiedMedium
1723.63.245.19a23-63-245-19.deploy.static.akamaitechnologies.comTeslaCryptverifiedHigh
1823.63.245.50a23-63-245-50.deploy.static.akamaitechnologies.comTeslaCryptverifiedHigh
1923.196.73.160a23-196-73-160.deploy.static.akamaitechnologies.comTeslaCryptverifiedHigh
2023.199.63.11a23-199-63-11.deploy.static.akamaitechnologies.comTeslaCryptverifiedHigh
2123.199.63.83a23-199-63-83.deploy.static.akamaitechnologies.comTeslaCryptverifiedHigh
2223.218.119.73a23-218-119-73.deploy.static.akamaitechnologies.comTeslaCryptverifiedHigh
2323.221.227.165a23-221-227-165.deploy.static.akamaitechnologies.comTeslaCryptverifiedHigh
2423.221.227.169a23-221-227-169.deploy.static.akamaitechnologies.comTeslaCryptverifiedHigh
2523.236.62.147147.62.236.23.bc.googleusercontent.comTeslaCryptverifiedMedium
2627.254.33.44da80.hostneverdie.comTeslaCryptverifiedHigh
2727.254.87.155cs56.hostneverdie.comTeslaCryptverifiedHigh
2834.98.99.3030.99.98.34.bc.googleusercontent.comTeslaCryptverifiedMedium
2934.117.59.8181.59.117.34.bc.googleusercontent.comTeslaCryptverifiedMedium
3034.160.111.145145.111.160.34.bc.googleusercontent.comTeslaCryptverifiedMedium
31XX.XXX.XXX.XXXxxx-xx-xxx-xxx-xxx.xxxxxxx-x.xxxxxxxxx.xxxXxxxxxxxxxverifiedMedium
32XX.XXX.XX.XXXxxx.xx.xxx.xx.xx.xxxxxxxxxxxxxxxxx.xxxXxxxxxxxxxverifiedMedium
33XX.XXX.XX.XXxx.xx.xxx.xx.xx.xxxxxxxxxxxxxxxxx.xxxXxxxxxxxxxverifiedMedium
34XX.XXX.XX.XXXxxx.xx.xxx.xx.xx.xxxxxxxxxxxxxxxxx.xxxXxxxxxxxxxverifiedMedium
35XX.XXX.XX.XXXxxxxxxxxxxxxxx.xxxXxxxxxxxxxverifiedHigh
36XX.XX.X.XXxxxxx-xx.xxxxxxx.xxxxxx.xxxXxxxxxxxxxverifiedHigh
37XX.XX.XX.XXxxxxx-xx.xxxxxxx.xxxxxx.xxxXxxxxxxxxxverifiedHigh
38XX.XX.XX.XXXxxxxx-xxx.xxxxxxx.xxxxxx.xxxXxxxxxxxxxverifiedHigh
39XX.XX.XX.XXXxxxxx-xxx.xxxxxxx.xxxxxx.xxxXxxxxxxxxxverifiedHigh
40XX.XX.XX.XXXxxxxxx-xxx.xxxxxxx.xxxxxx.xxxXxxxxxxxxxverifiedHigh
41XX.XX.XX.XXxxxxx-xx.xxxxxxx.xxxxxx.xxxXxxxxxxxxxverifiedHigh
42XX.XX.XX.XXXxxxxxx-xxx.xxxxxxx.xxxxxx.xxxXxxxxxxxxxverifiedHigh
43XX.XX.XX.Xxxxxxxx.xxxxxxxxxxxxxxxxxxxxxxxxx.xxXxxxxxxxxxverifiedHigh
44XX.XX.XXX.XXxx-xx-xxx-xx.xxxxxxxxxxxx.xxxXxxxxxxxxxverifiedHigh
45XX.X.XXX.XXXxxx-xx-x-xxx-xxx.xxxxxxx-x.xxxxxxxxx.xxxXxxxxxxxxxverifiedMedium
46XX.XXX.XXX.XXXxxx-xx-xxx-xxx-xxx.xxxxxxx-x.xxxxxxxxx.xxxXxxxxxxxxxverifiedMedium
47XX.XXX.XX.XXxx-xxxxxxx-xx-xxxx-x.xxxxxxxxx.xxxXxxxxxxxxxverifiedMedium
48XX.XXX.XXX.XXXxx-xxxxxxx-xx-xxxx-x.xxxxxxxxx.xxxXxxxxxxxxxverifiedMedium
49XX.XXX.XXX.XXxx-xxxxxxx-xx-xxxx-x.xxxxxxxxx.xxxXxxxxxxxxxverifiedMedium
50XX.XXX.XXX.XXxx-xxxxxxx-xx-xxxx-x.xxxxxxxxx.xxxXxxxxxxxxxverifiedMedium
51XX.XXX.XX.XXXxx-xxxxxxx-xx-xxxx-x.xxxxxxxxx.xxxXxxxxxxxxxverifiedMedium
52XX.XXX.XX.XXXxx-xxxxxxx-xx-xxxx-x.xxxxxxxxx.xxxXxxxxxxxxxverifiedMedium
53XX.XXX.XX.XXXxx-xxxxxxx-xx-xxxx-x.xxxxxxxxx.xxxXxxxxxxxxxverifiedMedium
54XX.XXX.XXX.XXXxx-xxxxxxx-xx-xxxx-x.xxxxxxxxx.xxxXxxxxxxxxxverifiedMedium
55XX.XXX.XXX.XXxx-xxxxxxx-xx-xxxx-x.xxxxxxxxx.xxxXxxxxxxxxxverifiedMedium
56XX.XXX.XXX.XXXxx-xxxxxxx-xx-xxxx-x.xxxxxxxxx.xxxXxxxxxxxxxverifiedMedium
57XX.XXX.XXX.XXXxx-xxxxxxx-xx-xxxx-x.xxxxxxxxx.xxxXxxxxxxxxxverifiedMedium
58XX.XXX.XXX.XXXxx-xxxxxxx-xx-xxxx-x.xxxxxxxxx.xxxXxxxxxxxxxverifiedMedium
59XX.XXX.XXX.XXXxx-xxxxxxx-xx-xxxx-x.xxxxxxxxx.xxxXxxxxxxxxxverifiedMedium
60XX.XXX.XXX.XXxx-xxxxxxx-xx-xxxx-x.xxxxxxxxx.xxxXxxxxxxxxxverifiedMedium
61XX.XX.XX.XXxxx-xx-xx-xx-xx.xxxxxxx-x.xxxxxxxxx.xxxXxxxxxxxxxverifiedMedium
62XX.XX.XXX.XXxxxxxxxxxx.xxxxxxxxxxxxx.xxxXxxxxxxxxxverifiedHigh
63XX.XXX.XXX.XXXxxx.xxx.xxx.xx.xxx.xxx.xxxx.xxXxxxxxxxxxverifiedHigh
64XX.XXX.XX.XXXXxxxxxxxxxverifiedHigh
65XX.XX.XX.XXXxxx-xxxxxxx-x.xxxxxxxx.xxxXxxxxxxxxxverifiedHigh
66XX.XX.XXX.XXXxxxx-xxx.xxxxxxx.xxxxxx.xxxXxxxxxxxxxverifiedHigh
67XX.XX.XXX.XXxxxx-xx.xxxxxxx.xxxxxx.xxxXxxxxxxxxxverifiedHigh
68XX.XX.XX.XXxxxxxxxxxverifiedHigh
69XX.XXX.XXX.Xxxxxxxx.xxxxxxxx.xxxXxxxxxxxxxverifiedHigh
70XX.XXX.XXX.XXXxxxxxxx.xxxxxxxxxxx.xxxXxxxxxxxxxverifiedHigh
71XX.X.XX.XXxxxxxxxxxxxxxxxxx.xxxxxxxxxxxxxxxxxxxx.xxxXxxxxxxxxxverifiedHigh
72XX.XXX.XXX.XXXXxxxxxxxxxverifiedHigh
73XX.XXX.XXX.XXXXxxxxxxxxxverifiedHigh
74XX.XX.XXX.XXXxxxx.xxxxxxxxx.xxXxxxxxxxxxverifiedHigh
75XX.X.XXX.XXXxxx.xxx.xxxxxx.xxxXxxxxxxxxxverifiedHigh
76XX.XX.XXX.Xxxxxx.xxxx.xxXxxxxxxxxxverifiedHigh
77XX.XXX.XXX.XXxxxx.xxxxxxxxxxx.xxXxxxxxxxxxverifiedHigh
78XX.XXX.XXX.XXxxxx.xxxxxxxxxxx.xxXxxxxxxxxxverifiedHigh
79XX.XXX.XXX.XXXxxxxxx-xxxxxx.xxx.xxxxx.xxXxxxxxxxxxverifiedHigh
80XX.XXX.XX.XXxxxxx.xxxxx.xxXxxxxxxxxxverifiedHigh
81XX.XXX.XXX.XXXxxxxxxxxxxxxxxxxx.xxxx.xxXxxxxxxxxxverifiedHigh
82XX.XXX.XX.XXXxx.xxxx.xxxxxxxxx.xxxXxxxxxxxxxverifiedHigh
83XX.XXX.XX.XXXxx.xxxx.xxxxxxxxx.xxxXxxxxxxxxxverifiedHigh
84XX.X.XX.XXxxx-x-xx-xx.xxxxxx.xxxxxx.xxxxxxxxxxxxxxxxxx.xxxXxxxxxxxxxverifiedHigh
85XX.XXX.XXX.XXXxxxxx-xxx.xxxxxxx.xxxxxx.xxxXxxxxxxxxxverifiedHigh
86XX.XX.XXX.XXXxxxxxxxxxxxxxxxxx.xxxxxxxxxxxxxxxxxxxx.xxxXxxxxxxxxxverifiedHigh
87XXX.XX.XX.XXXxxxxxxxxxverifiedHigh
88XXX.XX.XX.XXXXxxxxxxxxxverifiedHigh
89XXX.XX.XX.XXXxxxxxxxxxverifiedHigh
90XXX.XX.XX.XXXxxxxxxxxxverifiedHigh
91XXX.XX.XX.XXxxxx-xx-xx-xx.xxxxxx.xxxxxx.xxxxxxxxxxxxxxxxxx.xxxXxxxxxxxxxverifiedHigh
92XXX.XXX.XX.XXxxxx-xxx-xx-xx.xxxxxx.xxxxxx.xxxxxxxxxxxxxxxxxx.xxxXxxxxxxxxxverifiedHigh
93XXX.XXX.XX.XXXxxxxxxxxxverifiedHigh
94XXX.XXX.XX.XXXXxxxxxxxxxverifiedHigh
95XXX.XXX.XX.XXXxxxxxxxxxverifiedHigh
96XXX.X.XXX.XXXxxxxxx.xxxxxxxxxx.xxxXxxxxxxxxxverifiedHigh
97XXX.XXX.XX.XXxx-xxx-xxx-xx-xx.xx.xxxxxxxxxxxx.xxxXxxxxxxxxxverifiedHigh
98XXX.XX.XXX.XXXxx-xxx-xx-xxx-xxx.xxxxxxxxxx.xxxXxxxxxxxxxverifiedHigh
99XXX.XX.XXX.XXXXxxxxxxxxxverifiedHigh
100XXX.XX.XX.XXXXxxxxxxxxxverifiedHigh
101XXX.XX.XX.XXXxxxxxxxxxverifiedHigh
102XXX.XX.XXX.XXXxxxxxxxx.xxxx.xxXxxxxxxxxxverifiedHigh
103XXX.XXX.XXX.XXXXxxxxxxxxxverifiedHigh
104XXX.XXX.XX.XXXXxxxxxxxxxverifiedHigh
105XXX.XXX.XXX.XXXXxxxxxxxxxverifiedHigh
106XXX.XXX.XXX.XXXXxxxxxxxxxverifiedHigh
107XXX.XXX.XXX.XXXxxxxxxx.xxxxxxxx.xxxXxxxxxxxxxverifiedHigh
108XXX.XXX.XXX.XXXXxxxxxxxxxverifiedHigh
109XXX.XX.XX.XXxx-xxx-xx-xx-xx.xx.xxxxxxxxxxxx.xxxXxxxxxxxxxverifiedHigh
110XXX.XX.XXX.XXXXxxxxxxxxxverifiedHigh
111XXX.XX.XXX.XXXxxxxxxxxxverifiedHigh
112XXX.XXX.XX.Xxxxxxxxxxxxx.xxx.xxxx.xxxx.xxxxxxxxxxxx.xxxXxxxxxxxxxverifiedHigh
113XXX.XXX.XXX.XXxxxxxxx-xxxxx.xxxxxxxx.xxxxxxxxx.xxxXxxxxxxxxxverifiedHigh
114XXX.XXX.XXX.XXXxxxxx-xxx.xxxxxxx.xxxxxx.xxxXxxxxxxxxxverifiedHigh
115XXX.XX.XXX.XXxxxxxxxxxx.xxXxxxxxxxxxverifiedHigh
116XXX.XX.XXX.XXxxxxx.xxxxxxxxxx.xxXxxxxxxxxxverifiedHigh
117XXX.XXX.XXX.XXXxx-xxx-xxx-xxx-xxx.xx.xxxxxxxxxxxx.xxxXxxxxxxxxxverifiedHigh
118XXX.XX.XXX.XXXxxxxx.xxxxxxxxxxxxx.xxXxxxxxxxxxverifiedHigh
119XXX.XXX.XX.XXXxxxxxxxxxx.xx.xxxxxxx.xxxXxxxxxxxxxverifiedHigh
120XXX.XXX.XX.XXXxxxxxxxxxx.xx.xxxxxxx.xxxXxxxxxxxxxverifiedHigh
121XXX.XXX.XX.XXXxxxxxxxxxx.xx.xxxxxxx.xxxXxxxxxxxxxverifiedHigh
122XXX.XX.XXX.XXxxxx.xxxxxxxxxxx.xxxXxxxxxxxxxverifiedHigh
123XXX.XXX.XXX.XXXxxxxxxxxxxxxxxx.xxxxxx.xxxXxxxxxxxxxverifiedHigh
124XXX.XXX.XX.XXXxxxxxxx.xxxXxxxxxxxxxverifiedHigh
125XXX.XXX.XXX.XXXXxxxxxxxxxverifiedHigh
126XXX.XXX.XXX.XXxx-xxx-xx.xxxxxxx.xxxxx.xxxXxxxxxxxxxverifiedHigh
127XXX.X.XX.XXxxx-x-xx-xx.xxxxxxxxxxxx.xxxXxxxxxxxxxverifiedHigh
128XXX.XX.XX.XXXXxxxxxxxxxverifiedHigh
129XXX.XX.XXX.XXXxxxxx-xxx.xxxxxxx.xxxxxx.xxxXxxxxxxxxxverifiedHigh
130XXX.XXX.XXX.XXXXxxxxxxxxxverifiedHigh
131XXX.XX.XXX.XXXXxxxxxxxxxverifiedHigh
132XXX.XX.XX.XXXxxxxxxxxxverifiedHigh
133XXX.XX.XXX.XXXx-xxxx.x-xxxxxx.xxxXxxxxxxxxxverifiedHigh
134XXX.XXX.XX.XXXXxxxxxxxxxverifiedHigh
135XXX.XX.XXX.XXXxxxxxxxxxverifiedHigh
136XXX.XXX.XX.XXXXxxxxxxxxxverifiedHigh
137XXX.XXX.XX.XXXxxxxxxxxxverifiedHigh
138XXX.XXX.XX.XXXXxxxxxxxxxverifiedHigh
139XXX.XXX.XX.XXxxx-xx-xxxx.xxxxx.xxxXxxxxxxxxxverifiedHigh
140XXX.XXX.XX.XXxxx-xx-xxxx.xxxxx.xxxXxxxxxxxxxverifiedHigh
141XXX.XXX.XX.XXxxx-xx-xxxx.xxxxx.xxxXxxxxxxxxxverifiedHigh
142XXX.XXX.XX.XXxxx-xx-xxxx.xxxxx.xxxXxxxxxxxxxverifiedHigh
143XXX.XXX.XXX.XXxx-xxx-xxx-xxx.xxxxxx.xxxxxxx.xxxx.xxxXxxxxxxxxxverifiedHigh
144XXX.XXX.XXX.XXXxxx.xxxxxx.xxxXxxxxxxxxxverifiedHigh
145XXX.XXX.XXX.XXXXxxxxxxxxxverifiedHigh
146XXX.XXX.XXX.XXXXxxxxxxxxxverifiedHigh

TTP - Tactics, Techniques, Procedures (19)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilitiesAccess VectorTypeConfidence
1T1006CWE-22Pathname TraversalpredictiveHigh
2T1055CWE-74InjectionpredictiveHigh
3T1059CWE-88, CWE-94, CWE-1321Cross Site ScriptingpredictiveHigh
4T1059.007CWE-79, CWE-80Cross Site ScriptingpredictiveHigh
5TXXXXCWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
6TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxxxxx XxxxxxxxpredictiveHigh
7TXXXXCWE-XX, CWE-XXXxxxxxx XxxxxxxxxpredictiveHigh
8TXXXX.XXXCWE-XXXXxxx XxxxxxxxpredictiveHigh
9TXXXXCWE-XXX, CWE-XXX7xx Xxxxxxxx XxxxxxxxpredictiveHigh
10TXXXXCWE-XXX, CWE-XXXXxxxxxxxxx XxxxxxpredictiveHigh
11TXXXX.XXXCWE-XXXXXxxxxxxxxxx Xxxxxxx Xxxxxxxxxx XxxxxxxxxxpredictiveHigh
12TXXXXCWE-XXXxx XxxxxxxxxpredictiveHigh
13TXXXX.XXXCWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveHigh
14TXXXXCWE-XXX, CWE-XXXXxx.xxx Xxxxxxxxxxxxxxxx: Xxxxxxxx Xx Xxxxxxxxxxxxx XxxxpredictiveHigh
15TXXXX.XXXCWE-XXXXxxxxxxxxxxxpredictiveHigh
16TXXXX.XXXCWE-XXXXxxxxxxxpredictiveHigh
17TXXXXCWE-XXXXxxxxxxxxxxxxpredictiveHigh
18TXXXXCWE-XXX, CWE-XXXX2xx Xxxxxxxxxxxxxxxx: Xxxx Xxxxxxxxxxxx Xxxxxxx XxxxxxxxxxpredictiveHigh
19TXXXX.XXXCWE-XXXXxxxxxxxxxxx XxxxxxpredictiveHigh

IOA - Indicator of Attack (334)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File.procmailrcpredictiveMedium
2File/about.phppredictiveMedium
3File/admin-ajax.php?action=eps_redirect_savepredictiveHigh
4File/admin.phppredictiveMedium
5File/admin/predictiveLow
6File/Admin/add-student.phppredictiveHigh
7File/admin/api/theme-edit/predictiveHigh
8File/admin/photo.phppredictiveHigh
9File/authpredictiveLow
10File/catcompany.phppredictiveHigh
11File/cms/category/listpredictiveHigh
12File/dashboard/view-chair-list.phppredictiveHigh
13File/Default/BdpredictiveMedium
14File/ebics-server/ebics.aspxpredictiveHigh
15File/egroupware/index.phppredictiveHigh
16File/etc/hostspredictiveMedium
17File/GponForm/device_Form?script/predictiveHigh
18File/GponForm/fsetup_FormpredictiveHigh
19File/GponForm/usb_restore_Form?script/predictiveHigh
20File/hrm/employeeview.phppredictiveHigh
21File/includes/decorators/global-translations.jsppredictiveHigh
22File/index.phppredictiveMedium
23File/product_list.phppredictiveHigh
24File/public_html/users.phppredictiveHigh
25File/secure/QueryComponent!Default.jspapredictiveHigh
26File/see_more_details.phppredictiveHigh
27File/server-statuspredictiveHigh
28File/setSystemAdminpredictiveHigh
29File/tmppredictiveLow
30File/uncpath/predictiveMedium
31File/user/s.phppredictiveMedium
32File/usr/local/WowzaStreamingEngine/bin/predictiveHigh
33File/WEB-INF/web.xmlpredictiveHigh
34Fileadd-locker-form.phppredictiveHigh
35Fileaddentry.phppredictiveMedium
36Fileadmin.phppredictiveMedium
37Fileadmin/booking_report.phppredictiveHigh
38Fileadmin/executar_login.phppredictiveHigh
39Fileadmin/expense_report.phppredictiveHigh
40Filexxxxx/xxxxx_xxx_xxxxxx.xxxpredictiveHigh
41Filexxxxx/xxxxxxx.xxxpredictiveHigh
42Filexxxxx_xxxxx.xxxpredictiveHigh
43Filexxxx-xxxxxxx.xxxpredictiveHigh
44Filexxxxxx/xxxxxxxxx.xxxpredictiveHigh
45Filexxxxxxx.xxxpredictiveMedium
46Filexxxxxxxxxxx/xxxxxxxxx/xxxxxxxxxxxx.xxxpredictiveHigh
47Filexxxx.xxx.xxxpredictiveMedium
48Filexxxx.xxpredictiveLow
49Filexxxxx-xxx.xpredictiveMedium
50Filexxxxxxx.xxxxpredictiveMedium
51Filexxxxxxx.xxpredictiveMedium
52Filexxxxxx.xpredictiveMedium
53Filexxxxx.xxxpredictiveMedium
54Filexxxx/xxxxxxxxxxxxx.xxxpredictiveHigh
55Filexxxxxx.xxxpredictiveMedium
56Filexxx_xxxx.xxpredictiveMedium
57Filexxxx.xpredictiveLow
58Filexxxxxxxx.xxxpredictiveMedium
59Filexxxxxxxx.xxxpredictiveMedium
60Filexxx-xxx/xxxxxxxxxxxx.xxx/xxxxxxxxxxxxpredictiveHigh
61Filexxxxx-xxxxxxxxx-xxxxxxxxxx-xxxxxxx-xxxx-xxxxx.xxxpredictiveHigh
62Filexxx.xxxpredictiveLow
63Filexxx-xxx/xxxxxxxxx/xxxx/xxxxxxxx.xxxxpredictiveHigh
64Filexxxxxxxx_xxxxxxxxxxxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
65Filexxxx.xpredictiveLow
66Filexxxx/xxxxx.xxxxpredictiveHigh
67Filexxxxxx.xxxpredictiveMedium
68Filexxxxxxx.xxxpredictiveMedium
69Filexxxxxxx.xxxpredictiveMedium
70Filexxxxx.xxxpredictiveMedium
71Filexxxxxxxx.xxxpredictiveMedium
72Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
73Filexxxxxxx.xxx/xxxxxxxxx.xxxpredictiveHigh
74Filexxxxxx.xxxpredictiveMedium
75Filexxxxxx.xxxpredictiveMedium
76Filexxxxxxxxx.xxxpredictiveHigh
77Filexxxxxxxxx.xxxpredictiveHigh
78Filexxxxxxxx.xxxpredictiveMedium
79Filexxxxxxxx_xxxxxx.xxxxpredictiveHigh
80Filexxxxxxx/xxxx/xxxxxx_xxxxxxx.xpredictiveHigh
81Filexxxxxxx/xxx/xxx_xxxxxxx.xpredictiveHigh
82Filexxxxx.xxxpredictiveMedium
83Filexxxxxxx.xxxpredictiveMedium
84Filexxxx_xxx_xxx.xxxpredictiveHigh
85Filexxxxx.xxxpredictiveMedium
86Filexxxxxxxxxxxxxxxx/xxxxxxxxxxxxxx.xxpredictiveHigh
87Filexxxxxx.xxxpredictiveMedium
88Filexxx/xxxxxxxx/xxxx_xxxxx_xxxxxxx.xpredictiveHigh
89Filexxx/xxxxxxxx/xxx.xpredictiveHigh
90Filexxx/xxxx/xxxx.xpredictiveHigh
91Filexxx.xxxpredictiveLow
92Filexxxx.xxxpredictiveMedium
93Filexxxxxxxxxxxx.xxxpredictiveHigh
94Filexxxxxxx.xxxpredictiveMedium
95Filexxxxx.xxxpredictiveMedium
96Filexxxxx.xxxpredictiveMedium
97Filexxxxxxx.xxxpredictiveMedium
98Filexxxxxxxxx/xxxx-xxxxxxx-xxx.xxxpredictiveHigh
99Filexxxxxxx.xxxpredictiveMedium
100Filexxxxx.xxxpredictiveMedium
101Filexxxxxxx.xxpredictiveMedium
102Filexx.xxxpredictiveLow
103Filexxxx.xxxpredictiveMedium
104Filexxxx_xxxxxx.xpredictiveHigh
105Filexxxxxx.xxxpredictiveMedium
106Filexxxxxxxxxxxxx/xxx/xxx/xxxxxxxxxx/xxxxxxx/xxxxxxxxxx.xxxxpredictiveHigh
107Filexxxx/xxxxxxxxxxxxxxxxxxxxxxxx.xxpredictiveHigh
108Filexxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
109Filexxxxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
110Filexxxx_xxxx.xpredictiveMedium
111Filexxxxxx_xxxxx_xxxxxx.xpredictiveHigh
112Filexxx/xxxxxx.xxxpredictiveHigh
113Filexxxxxxx/xxxxxxx/xxxxxxxx.xxx.xxxpredictiveHigh
114Filexxxxxxxx/xxxx/xxxxx-xxxxx.xxxpredictiveHigh
115Filexxxxxxxx/xxxxx.xxx.xxxpredictiveHigh
116Filexxxxx.xxpredictiveMedium
117Filexxxxx.xxxpredictiveMedium
118Filexxxxxxx.xxxpredictiveMedium
119Filexxxxxxxxxxx-xxxxxxx-xxxx.xxxx.xxxpredictiveHigh
120Filexxxxxxxxxx.xxxpredictiveHigh
121Filexxxxxx.xpredictiveMedium
122Filexxx/xxxxxx/xxxx_xx.xxpredictiveHigh
123Filexxx/xxxxxxx/xxxxxx.xxpredictiveHigh
124Filexxxxxxxxxx/xxxx.xpredictiveHigh
125Filexxxxxxxxxx/xxxxx.xpredictiveHigh
126Filexxxxxxxxxx/xxxx.xpredictiveHigh
127Filexxxxxxxxx/xxxxxxx/xxxxxx/xxxxxxxxxx.xxxpredictiveHigh
128Filexxxxxx-xxx.xxpredictiveHigh
129Filexxxxxx.xpredictiveMedium
130Filexxxx/xxxxx.xxxpredictiveHigh
131Filexxxxxxxxxxxx.xxxpredictiveHigh
132Filexxxxxxxx/xxxx?xxxxxx=xxpredictiveHigh
133Filexxxxxxxx/xxxxxxxxxxx.xxpredictiveHigh
134Filexxx_xxxxx.xpredictiveMedium
135Filexxx_xxxxx_xxxx.xpredictiveHigh
136Filexxxx.xxxxpredictiveMedium
137Filexxxxxxxx/xxxxxxxx.xxxpredictiveHigh
138Filexxxx.xxxxxx.xxpredictiveHigh
139Filexxx_xxxx_xxx_xxxxxxxxxx.xpredictiveHigh
140Filexxxxxxx.xxxpredictiveMedium
141Filexxxx-xxxxxx\xx\xxxxxx.xxxpredictiveHigh
142Filexxxx/xxx/xxxx/xxxx/xxx/xxxxxxx/xxxxxx/xxxxxxxxxxxxxxxxxxxx/xxxx/xxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
143Filexxxxxxxx/xxxxxx/xxxxxxxxx/xxxxxx/xxxxxxx_xxxxx.xxxxpredictiveHigh
144Filexxx.xxxxxxxxxx.xxxpredictiveHigh
145Filexxxxx.xxxx.xxxpredictiveHigh
146Filexxxxxxxx.xxxxxpredictiveHigh
147Filexxxx.xxxpredictiveMedium
148Filexxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
149Filexxxxxxx/xxx/xxxxx/xxxxx.xxxxxx.xxxpredictiveHigh
150Filexxxxxxxx.xxxxx.xxxpredictiveHigh
151Filexxxxx_xxxxxx.xxxpredictiveHigh
152Filexxxxxxx/xxxxxxx.xpredictiveHigh
153Filexxxxxxxx.xxpredictiveMedium
154Filexxxxx.xpredictiveLow
155Filexxxx.xxxpredictiveMedium
156Filexxxxxxxx.xxxpredictiveMedium
157Filexxxxxxxxxx.xxxpredictiveHigh
158Filexxxxxxxxx/xxxxxxxxxxx/xxxxxxxxxxxxxxxxx.xxxpredictiveHigh
159Filexxxxxxxx.xpredictiveMedium
160Filexxxx_xxxx.xxxpredictiveHigh
161Filexxxxxxxx.xxxpredictiveMedium
162Filexxxxx/xx/xxxxxxxxx/predictiveHigh
163Filexxxxxxxx.xxxpredictiveMedium
164Filexxxxxxx.xxxpredictiveMedium
165Filexxxxxxx_xxx_xxxxx_xxxxxx.xxxxpredictiveHigh
166Filexxxxxxxxx/xxxxx/xxxxxxxx/xxxx.xxxx.xxxpredictiveHigh
167Filexxxxxx.xxxpredictiveMedium
168Filexxxxxx_xxxx.xxxpredictiveHigh
169Filexxx.xxxpredictiveLow
170Filexxxx.xxxpredictiveMedium
171Filexxxx_xxxx_xxxxpredictiveHigh
172Filexxxx.xxxpredictiveMedium
173Filexxxxxxxxxxxxxxxx.xxxpredictiveHigh
174Filexxxxxxxxxxxxxx.xxxpredictiveHigh
175Filexxxxxxxxxxxxxxx.xxxpredictiveHigh
176Filexxxx_xxxxxxx_xxxxxxxx.xxxpredictiveHigh
177Filexxxxxxxxx/xxxx/xxxxxxxxxxxxxxxx.xpredictiveHigh
178Filexxxxxxxxxxxxxx.xxxpredictiveHigh
179Filexxxxxxxxxx.xpredictiveMedium
180Filexxxxxx.xpredictiveMedium
181Filexxxxxxxxxxx.xxxpredictiveHigh
182Filexxxxxxxxxxxxxxx.xxxpredictiveHigh
183Filexxxxxxxxx.xxxpredictiveHigh
184Filexxxxxx.xxxpredictiveMedium
185Filexxxxxxxxx.xxxpredictiveHigh
186Filexxxx-xxxxxxxx.xxxpredictiveHigh
187Filexxxx-xxxx_xxxx_xxxxxxx.xxxpredictiveHigh
188Filexxx.xpredictiveLow
189Filexxxxx.xxxpredictiveMedium
190Filexxxxxxxxx.xxxpredictiveHigh
191Filexxxxxx.xxxpredictiveMedium
192Filexxxxxxxxxxxx/xxxxxx_xxxxxx.xxxpredictiveHigh
193Filexxxxxxx.xxxpredictiveMedium
194Filexxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
195Filexxxxxxx.xxxpredictiveMedium
196Filexxxxx-xxxx/xxx/xxxx/xxxx/xxx/xxxxx/xxxxxx/xxxxxxxxxx/xxxxxxxxxxxxxxx.xxxxpredictiveHigh
197Filexxxxxxx.xxxpredictiveMedium
198Filexx-xxxxx-xxxxxx.xxxpredictiveHigh
199Filexx-xxxxxxxx/xxxxx-xx-xxxxx.xxxpredictiveHigh
200Filexx-xxxxxxxx/xxxxx-xx-xxxxxx-xxxxxx.xxxpredictiveHigh
201Filexxx.xxxpredictiveLow
202File__xxxx_xxxxxxxx.xxxpredictiveHigh
203File~/xxxxxxx/xxxxxxxxxxxxxxxx.xxxpredictiveHigh
204File~/xxxxxx-xxxxxxx-xxxxxxx.xxxpredictiveHigh
205Library/_xxx_xxx/xxxxx.xxxpredictiveHigh
206Libraryxxxx.xxxpredictiveMedium
207LibraryxxxxxxxxxxxxxxxxxpredictiveHigh
208Libraryxxxxxx-xx/xxx/xxx-xxxxxx-xxxxx-xx.xxxpredictiveHigh
209Libraryxx/xxx.xxx.xxxpredictiveHigh
210Libraryxxx/xxxxxxx.xxxxxx.xxx/xxx/xxxxxxxxxxxxx.xxpredictiveHigh
211Libraryxxxxxx/xxxxxxx/xxxx.xxxpredictiveHigh
212Libraryxxxxxxx.xxx/xxxxxx.xxxpredictiveHigh
213Argument$_xxxxxx['xxx_xxxx']predictiveHigh
214ArgumentxxxxxxxpredictiveLow
215ArgumentxxxxxxxpredictiveLow
216ArgumentxxxxxxpredictiveLow
217ArgumentxxxxxpredictiveLow
218ArgumentxxxxxpredictiveLow
219ArgumentxxxxxxxxxxxxxxpredictiveHigh
220ArgumentxxxxxxxpredictiveLow
221ArgumentxxxxxxxxpredictiveMedium
222ArgumentxxxxxxpredictiveLow
223Argumentxxxxx_xxxxpredictiveMedium
224Argumentxxx_xxxpredictiveLow
225ArgumentxxxpredictiveLow
226ArgumentxxxxxxxxxpredictiveMedium
227ArgumentxxxxxpredictiveLow
228Argumentxxx_xxpredictiveLow
229ArgumentxxxpredictiveLow
230ArgumentxxxpredictiveLow
231ArgumentxxxxxxpredictiveLow
232Argumentxxxxxxxxxxxx/xxxxxxxpredictiveHigh
233ArgumentxxxxxxxxxxpredictiveMedium
234ArgumentxxxxxxpredictiveLow
235Argumentxxxxxx_xxpredictiveMedium
236ArgumentxxxxpredictiveLow
237ArgumentxxxxxxxxxxxpredictiveMedium
238ArgumentxxxxxxxxxpredictiveMedium
239ArgumentxxxxxxxxxxxxpredictiveMedium
240Argumentxxx_xxxxpredictiveMedium
241Argumentxxxxxx xx xxxx xxxpredictiveHigh
242ArgumentxxxxpredictiveLow
243Argumentxx_xxpredictiveLow
244ArgumentxxxxpredictiveLow
245ArgumentxxxxxxxxpredictiveMedium
246ArgumentxxxxxxxxpredictiveMedium
247Argumentxxxxxxxxx/xxxxxxxxpredictiveHigh
248ArgumentxxxxxxxpredictiveLow
249Argumentxxxx_xxxxpredictiveMedium
250ArgumentxxxxxxxxpredictiveMedium
251ArgumentxxxxpredictiveLow
252Argumentxxx_xxxxpredictiveMedium
253ArgumentxxxxxxxxpredictiveMedium
254Argumentxxxxxx_xxxxxxxxxxxxxxxxxxxxxxxxxxpredictiveHigh
255ArgumentxxxxpredictiveLow
256ArgumentxxxxxxxxpredictiveMedium
257ArgumentxxxxpredictiveLow
258Argumentxxxx_xxpredictiveLow
259Argumentxxxx_xxxxxpredictiveMedium
260ArgumentxxpredictiveLow
261ArgumentxxpredictiveLow
262ArgumentxxxxxxxxxxpredictiveMedium
263ArgumentxxxxxxxpredictiveLow
264ArgumentxxxxxxxxxpredictiveMedium
265ArgumentxxxxxpredictiveLow
266Argumentxxxxxxx_xxxxpredictiveMedium
267ArgumentxxxxxxpredictiveLow
268Argumentxxxx_xxpredictiveLow
269ArgumentxxxxxpredictiveLow
270Argumentxx_xxxpredictiveLow
271ArgumentxxxpredictiveLow
272ArgumentxxxxxxxxpredictiveMedium
273Argumentxxxx_xxpredictiveLow
274Argumentxxx_xxxxxx[xxxxxxx_xxxpredictiveHigh
275Argumentxxxxxxx/xxxxxx_xxpredictiveHigh
276ArgumentxxxxxpredictiveLow
277ArgumentxxxpredictiveLow
278Argumentxxx_xxxxpredictiveMedium
279ArgumentxxxpredictiveLow
280ArgumentxxpredictiveLow
281Argumentxxxxxxx/xxxx/xxxxxxxxpredictiveHigh
282ArgumentxxxxxxxpredictiveLow
283Argumentx_xxpredictiveLow
284ArgumentxxxxxxxxpredictiveMedium
285Argumentxxxx_xxxxpredictiveMedium
286ArgumentxxxxxxxxxxxxxpredictiveHigh
287Argumentxx_xxxxpredictiveLow
288ArgumentxxxxpredictiveLow
289Argumentxxxxxxxxx_predictiveMedium
290ArgumentxxxxxxxxpredictiveMedium
291Argumentxxxx xxxxxpredictiveMedium
292Argumentxxxxxx_xxpredictiveMedium
293ArgumentxxxxxxxxpredictiveMedium
294ArgumentxxxxxxpredictiveLow
295ArgumentxxxxxxxxxxxxxxxxxxxpredictiveHigh
296ArgumentxxxxxxpredictiveLow
297Argumentxxxxxxxxx/xxxxxxxxxxxpredictiveHigh
298ArgumentxxxxxxxpredictiveLow
299Argumentxxxx_xxx_xxxxpredictiveHigh
300Argumentxxxx.xxx/xxxx.xxxpredictiveHigh
301ArgumentxxxxxxxxpredictiveMedium
302ArgumentxxxpredictiveLow
303ArgumentxxxxxxpredictiveLow
304Argumentxxxxxxxxxx[xxxx]predictiveHigh
305Argumentxxxxx_xxpredictiveMedium
306ArgumentxxxxxpredictiveLow
307ArgumentxxxxxpredictiveLow
308Argumentxx_xxxxpredictiveLow
309ArgumentxxxxpredictiveLow
310Argumentxxxx_xxpredictiveLow
311ArgumentxxxpredictiveLow
312ArgumentxxxxpredictiveLow
313ArgumentxxxxxxxxpredictiveMedium
314ArgumentxxxxxxxxpredictiveMedium
315Argumentxxxxxxxx/xxxxxxxxpredictiveHigh
316Argumentxxxx_xxpredictiveLow
317Argumentxxx_xxxxxx_xxxxxxx_xx_xxxpredictiveHigh
318Argument\xxxxxx\predictiveMedium
319Argument__xxxxxxpredictiveMedium
320Input Value"><xxxxxx>xxxxx(/xxx/)</xxxxxx>predictiveHigh
321Input Value%xxpredictiveLow
322Input Value'xx''='predictiveLow
323Input Value../predictiveLow
324Input Value/%xxpredictiveLow
325Input Valuexxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' xxx xxxx=xxxx xxx 'xxxx'='xxxxpredictiveHigh
326Input Value</xxxxx><xxx xxx=xx xxxxxxx=xxxxx(x)>predictiveHigh
327Input Valuexxxxx' xxx (xxxxxx xxxx xxxx (xxxxxx(xxxxx(x)))xxxx) xxx 'xxxx'='xxxx&xxxxxxxx=xxxxxxxxxxpredictiveHigh
328Input ValuexxxxxxxxpredictiveMedium
329PatternxxpredictiveLow
330Patternx|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|.|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|predictiveHigh
331PatternxxxxxxxxxxxxxpredictiveHigh
332Pattern|xx|predictiveLow
333Network Portxxx/xxxpredictiveLow
334Network Portxxx/xxxxpredictiveMedium

References (23)

The following list contains external sources which discuss the actor and the associated activities:

PreviousOverviewNext

Want to stay up to date on a daily basis?

Enable the mail alert feature now!