Iran Unknown Analysis

IOB - Indicator of Behavior (376)

Timeline

Language

en: 314
es: 22
fr: 8
sv: 6
ru: 6

Country

us: 274
ru: 24
es: 18
pt: 14
fr: 8

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Microsoft Windows: 20
WordPress: 10
Apache HTTP Server: 6
Oracle MySQL Server: 6
Magento: 4

Vulnerabilities

# | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | CTI | EPSS | CVE
1 | TikiWiki tiki-register.php privilege escalation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 7.88 | 0.01009 | CVE-2006-6168
2 | LogicBoard CMS away.php Redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 4.05 | 0.00000 |
3 | AWStats Config awstats.pl cross site scripting | 4.3 | 4.1 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.16 | 0.00587 | CVE-2006-3681
4 | Tiki Admin Password tiki-login.php weak authentication | 8.0 | 7.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 4.91 | 0.00936 | CVE-2020-15906
5 | Serendipity exit.php privilege escalation | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.13 | 0.00000 |
6 | Void Contact Form 7 Widget for Elementor Page Builder Plugin void_cf7_opt_in_user_data_track cross site request forgery | 4.3 | 4.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00062 | CVE-2022-47166
7 | SPIP spip.php cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.19 | 0.00132 | CVE-2022-28959
8 | nginx privilege escalation | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.07 | 0.00241 | CVE-2020-12440
9 | Lars Ellingsen Guestserver guestbook.cgi cross site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.07 | 0.00169 | CVE-2005-4222
10 | SourceCodester Library Management System index.php sql injection | 7.1 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.07 | 0.00114 | CVE-2022-2492
11 | Composer URL privilege escalation | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.06299 | CVE-2021-29472
12 | Openads adclick.php Remote Code Execution | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.46 | 0.01871 | CVE-2007-2046
13 | MGB OpenSource Guestbook email.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 1.01 | 0.01302 | CVE-2007-0354
14 | WordPress WP_Query sql injection | 6.3 | 6.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.93536 | CVE-2022-21661
15 | Magento Search Module sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00070 | CVE-2021-21024
16 | ZoneMinder Language Privilege Escalation | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.38401 | CVE-2022-29806
17 | WordPress AdServe adclick.php sql injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | 0.00073 | CVE-2008-0507
18 | SourceCodester Complaint Management System Lodge Complaint Section register-complaint.php privilege escalation | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00045 | CVE-2024-1875
19 | Google Chrome Intents Remote Code Execution | 6.3 | 6.0 | $25k-$100k | $5k-$25k | High | Official Fix | 0.04 | 0.00404 | CVE-2021-38000
20 | Nordex Control 2 SCADA Wind Farm Portal Application cross site scripting | 4.3 | 4.3 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00277 | CVE-2015-6477

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • Albanian Government

IOC - Indicator of Compromise (18)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

ID | IP Address | Hostname | Actor | Campaigns | Identified | Type | Confidence
1 | 46.30.189.66 | | Iran Unknown | Albanian Government | 09/09/2022 | verified | High
2 | 51.89.181.64 | ip64.ip-51-89-181.eu | Iran Unknown | | 21/11/2022 | verified | High
3 | 66.219.22.235 | core96.hostingmadeeasy.com | Iran Unknown | | 12/10/2022 | verified | High
4 | 83.171.238.62 | 558.cluster-nbg1.de | Iran Unknown | | 12/10/2022 | verified | High

TTP - Tactics, Techniques, Procedures (21)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID | Technique | Vulnerabilities | Access Vector | Type | Confidence
1 | T1006 | CWE-22 | Path Traversal | predictive | High
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High
3 | T1055 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High
4 | T1059 | CWE-94 | Argument Injection | predictive | High
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High

IOA - Indicator of Attack (173)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


Sources (5)

The following list contains external sources which discuss the actor and the associated activities:
