GRU Analyse
IOB - Indicator of Behavior (400)
Activités
Intérêt
Vulnérabilités
IOC - Indicator of Compromise (10)
These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.
ID | adresse IP | Hostname | Acteur | Campagnes | Identified | Taper | Confiance |
---|---|---|---|---|---|---|---|
1 | 77.83.247.81 | GRU | 16/02/2022 | verified | Élevé | ||
2 | 93.115.28.161 | GRU | 16/02/2022 | verified | Élevé | ||
3 | XX.XXX.XX.XXX | xxxxxxx.xxxxxxx.xx | Xxx | 16/02/2022 | verified | Élevé | |
4 | XXX.XX.XXX.XX | xxxxxx-xx.xxx.xx.xxx.xxxxxx.xxx | Xxx | 16/02/2022 | verified | Élevé | |
5 | XXX.XXX.XX.XX | Xxx | 16/02/2022 | verified | Élevé | ||
6 | XXX.XXX.XXX.XX | Xxx | 16/02/2022 | verified | Élevé | ||
7 | XXX.XXX.XX.XX | xxx.xxxxxxxxxxx.xxx | Xxx | 16/02/2022 | verified | Élevé | |
8 | XXX.XXX.XXX.XX | Xxx | 16/02/2022 | verified | Élevé | ||
9 | XXX.XX.XXX.XX | xxxx-xxxxx.xxxxxxxxx.xxx | Xxx | 16/02/2022 | verified | Élevé | |
10 | XXX.XXX.XXX.XX | xxx-xxx-xxx-xx.xxx.xxxxxxxxxxxx.xx | Xxx | 16/02/2022 | verified | Élevé |
TTP - Tactics, Techniques, Procedures (18)
Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.
IOA - Indicator of Attack (118)
These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.
ID | Classe | Indicator | Taper | Confiance |
---|---|---|---|---|
1 | File | .htaccess | predictive | Moyen |
2 | File | /?ajax-request=jnews | predictive | Élevé |
3 | File | /admin/students/view_student.php | predictive | Élevé |
4 | File | /admin_ping.htm | predictive | Élevé |
5 | File | /CommunitySSORedirect.jsp | predictive | Élevé |
6 | File | /loginLess/../../etc/passwd | predictive | Élevé |
7 | File | /see_more_details.php | predictive | Élevé |
8 | File | /system/proxy | predictive | Élevé |
9 | File | /uncpath/ | predictive | Moyen |
10 | File | /usr/local/nagios/bin/npcd | predictive | Élevé |
11 | File | accountancy/customer/card.php | predictive | Élevé |
12 | File | addentry.php | predictive | Moyen |
13 | File | add_comment.php | predictive | Élevé |
14 | File | admin.php | predictive | Moyen |
15 | File | admin/create-package.php | predictive | Élevé |
16 | File | xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.xxxx | predictive | Élevé |
17 | File | xxxxxxx.xxx | predictive | Moyen |
18 | File | xxxxxxxxxxxxxxxxxxxxxxxx.xxxx | predictive | Élevé |
19 | File | xxxxxx.xxx | predictive | Moyen |
20 | File | xxxxxxx.xxx | predictive | Moyen |
21 | File | xxxx/xxxxxxxxxxxxxxx.xxx | predictive | Élevé |
22 | File | xxxxxxx.xxxxx.xxx | predictive | Élevé |
23 | File | xxxxxxxxxxxx.xxx | predictive | Élevé |
24 | File | xxxxx.xxx | predictive | Moyen |
25 | File | xxxxxxxxxxxxx/xxxxxx/xxxxxxxxxxx/xxxx_xxx.xxx | predictive | Élevé |
26 | File | xxxxxxxxxxxxx/xxxxxx/xxxx/xxxx.xxx | predictive | Élevé |
27 | File | xxx/xxxxxx/xxxxxx.x | predictive | Élevé |
28 | File | xxxxxxxxx.xxx | predictive | Élevé |
29 | File | xxx/xxxxxxxxx-xxxxx.xxx | predictive | Élevé |
30 | File | xxx/xxxxxx.xxx | predictive | Élevé |
31 | File | xxxxx.xxx | predictive | Moyen |
32 | File | xxxx_xxxx.xxx | predictive | Élevé |
33 | File | xxxx_xxxxxx/xxxxxxxxx.xx | predictive | Élevé |
34 | File | xxxxxxxxx/xxxxxxx/xxxxxx/xxxxxxxxxx.xxx | predictive | Élevé |
35 | File | xxxxxxxxx/xxxxxx/xxxxxxxx.xxx.xxx | predictive | Élevé |
36 | File | xxxxx.xxx | predictive | Moyen |
37 | File | xxxxx.xxxx | predictive | Moyen |
38 | File | xxx_xxx.x | predictive | Moyen |
39 | File | xxxx_xxxxxx.xxx | predictive | Élevé |
40 | File | xxx_xxxxxxxxx.xx | predictive | Élevé |
41 | File | xxxxxxx/xxxxxxxxxxxxxxxx/xxxxxxxxx/xxxxxxxx.xxxx | predictive | Élevé |
42 | File | xxxx.xxx | predictive | Moyen |
43 | File | xxxxx_xxxxxx_xxx.xxx | predictive | Élevé |
44 | File | xxxxxxxx.xxx | predictive | Moyen |
45 | File | xxxxxxx.xxx | predictive | Moyen |
46 | File | xxxxxx_xxxxxxx.xxx | predictive | Élevé |
47 | File | xxxx_xxxxxx.xxx | predictive | Élevé |
48 | File | xxxxxxxxx xxxxx | predictive | Élevé |
49 | File | xxxxx/xxxxxxxxxxxx/xxxxx.xxxx | predictive | Élevé |
50 | File | xxxxxx_xxx/xxxx | predictive | Élevé |
51 | File | xxxxxx_xxxxxxxx.xxx | predictive | Élevé |
52 | File | xxxxxxxx.xxx | predictive | Moyen |
53 | File | xxxxxxxxx.xxx | predictive | Élevé |
54 | File | xxxxxxxx.xxx | predictive | Moyen |
55 | File | xxxx_xxx_xxx_xxxx.xxx | predictive | Élevé |
56 | File | xxxxxxxxxxxxx.xxx | predictive | Élevé |
57 | File | xxxxxx/xxxxxxxxxxx/xxxxx_xxxxxx.xxx | predictive | Élevé |
58 | File | xx-xxxxx/xxxxx.xxx | predictive | Élevé |
59 | File | xx-xxxxxxxx/xxxxx-xx-xxxxx.xxx | predictive | Élevé |
60 | File | xx-xxxxx.xxx | predictive | Moyen |
61 | File | xx-xxxxxxxxxxx.xxx | predictive | Élevé |
62 | File | ~/xxxx-xxxxxxx.xxx | predictive | Élevé |
63 | Library | xxxxxxx.xxx | predictive | Moyen |
64 | Library | xxx.xxx | predictive | Faible |
65 | Library | xxx/xxxx.xx | predictive | Moyen |
66 | Library | xxx/xxxxx/xxxxxxxx.xx | predictive | Élevé |
67 | Argument | $xxx_xxxx_xxxx) | predictive | Élevé |
68 | Argument | *xxxx | predictive | Faible |
69 | Argument | xxxxxxxxxxx | predictive | Moyen |
70 | Argument | xxxxxx | predictive | Faible |
71 | Argument | xxx_xxxxx_xxxx | predictive | Élevé |
72 | Argument | xxxxxxxx | predictive | Moyen |
73 | Argument | xxx | predictive | Faible |
74 | Argument | xxxxx | predictive | Faible |
75 | Argument | xxx_xx | predictive | Faible |
76 | Argument | xxxx | predictive | Faible |
77 | Argument | xxx | predictive | Faible |
78 | Argument | xxxx_xx | predictive | Faible |
79 | Argument | xxxxxxx | predictive | Faible |
80 | Argument | xxxxxxxxx | predictive | Moyen |
81 | Argument | xxx | predictive | Faible |
82 | Argument | xxxxxxxx | predictive | Moyen |
83 | Argument | xxxx_xxxx | predictive | Moyen |
84 | Argument | xxxxxx | predictive | Faible |
85 | Argument | xxxx | predictive | Faible |
86 | Argument | xxxx | predictive | Faible |
87 | Argument | xx | predictive | Faible |
88 | Argument | xxxx_xxxx/xxxx_xxxx | predictive | Élevé |
89 | Argument | xxxxxxxx | predictive | Moyen |
90 | Argument | xxxxxxxx_xxxx | predictive | Élevé |
91 | Argument | xxxxxx_xxxx_xxx | predictive | Élevé |
92 | Argument | xxxxxx_xx | predictive | Moyen |
93 | Argument | xxx | predictive | Faible |
94 | Argument | xxxx | predictive | Faible |
95 | Argument | xxxx[] | predictive | Faible |
96 | Argument | xxx | predictive | Faible |
97 | Argument | xxxxxxxxxxx/xxxxxxxxx | predictive | Élevé |
98 | Argument | xxxxx_xx | predictive | Moyen |
99 | Argument | xxxxx_xx/xxxxx | predictive | Élevé |
100 | Argument | xxx | predictive | Faible |
101 | Argument | xxxxx | predictive | Faible |
102 | Argument | xxxxxxxxxxx | predictive | Moyen |
103 | Argument | xxxxxx_xx | predictive | Moyen |
104 | Argument | xxxxxxxxx | predictive | Moyen |
105 | Argument | xxxxxx_xx | predictive | Moyen |
106 | Argument | xxx-xxxxxx | predictive | Moyen |
107 | Argument | xxx | predictive | Faible |
108 | Argument | xxxxxxxxx_xxxxxx_xxx | predictive | Élevé |
109 | Argument | xxxx | predictive | Faible |
110 | Argument | xxx | predictive | Faible |
111 | Argument | xxxxxx | predictive | Faible |
112 | Argument | xxxxxxxx | predictive | Moyen |
113 | Argument | xxxxxx_xxxxxx | predictive | Élevé |
114 | Input Value | ../ | predictive | Faible |
115 | Input Value | <xxxxxx>xxxxx(x)</xxxxxx> | predictive | Élevé |
116 | Input Value | xxx%xx(xxxxxx*xxxx(xxxxxx(xxxxx(x)))x) | predictive | Élevé |
117 | Network Port | xxx/xx (xxxxxx) | predictive | Élevé |
118 | Network Port | xxx/xx (xxx) | predictive | Moyen |
Références (2)
The following list contains external sources which discuss the actor and the associated activities: