BazarLoader Analysis

IOB - Indicator of Behavior (248)

Language

en: 198
zh: 32
de: 6
fr: 4
ja: 2

Country

us: 88
cn: 72
ru: 24
gb: 4
fr: 2

Product

Magento: 6
Google Android: 6
Crestron AM-100: 4
Crestron AM-101: 4
PHP: 4

Vulnerabilities

# | Vulnerability | Base | Temp | 0day | Today | Exp | Countermeasure | CTI | EPSS | CVE
1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.02 | 0.02016 | CVE-2007-1192
2 | Zyxel NAS326/NAS542 Web Server privilege escalation | 9.8 | 9.8 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.03 | 0.00068 | CVE-2023-4473
3 | phpMyAdmin Privileges.php SQL injection | 7.1 | 6.8 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00145 | CVE-2020-10804
4 | Linux Kernel fbcon vt.c KD_FONT_OP_COPY information disclosure | 5.0 | 4.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00042 | CVE-2020-28974
5 | Magento Sitemap privilege escalation | 5.9 | 5.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00264 | CVE-2019-7932
6 | CKFinder File Name privilege escalation | 7.4 | 7.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00155 | CVE-2019-15862
7 | Cisco IOS XE Web UI Remote Code Execution | 9.9 | 9.7 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.09 | 0.89428 | CVE-2023-20198
8 | Linux Kernel OverlayFS Subsystem privilege escalation | 6.3 | 6.3 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.02 | 0.00042 | CVE-2021-3847
9 | Magento Search Module SQL injection | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00070 | CVE-2021-21024
10 | Oracle JavaFX Remote Code Execution | 9.8 | 9.4 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | 0.01240 | CVE-2013-1477
11 | Mavili Guestbook privilege escalation | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00506 | CVE-2012-5298
12 | Mavili Guestbook edit.asp privilege escalation | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00934 | CVE-2012-5299
13 | Saphp SaphpLesson misc.php SQL injection | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.00 | 0.00572 | CVE-2006-3161
14 | Zoho ManageEngine ServiceDesk Plus FileDownload.jsp directory traversal | 5.3 | 5.0 | $0-$5k | Calculated | Proof-of-Concept | Not Defined | 0.00 | 0.00556 | CVE-2011-2757
15 | Netwave IP Camera Network Configuration kcore information disclosure | 4.3 | 3.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.04 | 0.00219 | CVE-2018-17240
16 | linlinjava litemall AdminOrdercontroller.java SQL injection | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00043 | CVE-2024-24323
17 | Yii Yii2 directory traversal | 7.6 | 7.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00091 | CVE-2015-5467
18 | Linux Kernel seq_buf.c seq_buf_putmem_hex buffer overflow | 6.6 | 6.5 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00042 | CVE-2023-28772
19 | mailcow privilege escalation | 8.8 | 8.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00055 | CVE-2023-34108
20 | ZhiCms giftcontroller.php privilege escalation | 8.1 | 7.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.07 | 0.00064 | CVE-2024-0603

Campaigns (3)

These are the campaigns that can be associated with the actor:

IOC - Indicator of Compromise (162)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (18)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (118)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


References (27)

The following list contains external sources which discuss the actor and the associated activities:
