ZeroAccess Analysis

Activities

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance, so that an immediate vulnerability response can be initiated and issues can be prioritized.

Lang

en: 995
pt: 1
de: 1
sv: 1
it: 1

Country

vn: 1000

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need to unlock this view to get access to more details of real data.

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 1 | Microsoft Windows Remote Procedure Call Runtime Remote Code Execution | 9.8 | 8.5 | $100k and more | $25k-$100k | Unproven | Official Fix | 10.00 | CVE-2022-26809 |
| 2 | Vmware Workspace ONE Access/Identity Manager Template injection | 9.8 | 8.8 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 6.59 | CVE-2022-22954 |
| 3 | CODESYS Control CmpUserMgr improper authorization | 5.9 | 5.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | CVE-2022-22518 |
| 4 | livehelperchat Password Reset behavioral workflow | 7.5 | 7.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2022-0935 |
| 5 | Asus RT-AC56U out-of-bounds write | 8.8 | 8.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.08 | CVE-2022-25596 |
| 6 | Microprogram Parking Lot Management System URL information disclosure | 5.3 | 5.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2022-25594 |
| 7 | CODESYS Control Runtime System Webserver buffer overflow | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | CVE-2022-22519 |
| 8 | CODESYS Control Runtime System Configuration File exposure of resource | 7.2 | 7.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | CVE-2022-22515 |
| 9 | aEnrich a+HRD API Function privileges management | 9.8 | 9.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.19 | CVE-2022-26676 |
| 10 | JerryScript js-parser-statm.c parser_parse_for_statement_start heap-based overflow | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | CVE-2021-43453 |
| 11 | D-Link DIR-878 Input Field os command injection | 8.8 | 8.6 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.04 | CVE-2022-26670 |
| 12 | Asus RT-AC86U Request denial of service | 6.5 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.15 | CVE-2022-25595 |
| 13 | Asus RT-AX56U sql injection | 7.5 | 7.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.15 | CVE-2022-23972 |
| 14 | Asus RT-AX56U PORT path traversal | 7.2 | 7.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | CVE-2022-23971 |
| 15 | CODESYS Products CmpSettings uninitialized pointer | 6.8 | 6.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | CVE-2022-22514 |
| 16 | BitDefender Endpoint Security Tools Update Server denial of service | 7.5 | 7.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2022-0677 |
| 17 | aEnrich a+HRD URL path traversal | 6.4 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | CVE-2022-26675 |
| 18 | Vmware Workspace ONE Access OAuth2 ACS Framework improper authentication | 9.8 | 9.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.15 | CVE-2022-22956 |
| 19 | Microsoft Windows User Profile Service Privilege Escalation | 7.3 | 6.8 | $25k-$100k | $25k-$100k | Functional | Official Fix | 1.92 | CVE-2022-26904 |
| 20 | Microsoft Windows Common Log File System Driver Privilege Escalation | 8.3 | 7.7 | $100k and more | $25k-$100k | Functional | Official Fix | 2.64 | CVE-2022-24521 |

IOC - Indicator of Compromise (190)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (10)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (148)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

