Rocket Kitten Análise

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (715)

Idioma

en	684
es	10
de	6
ja	4
fr	4

País

us	514
ir	62
es	42
ru	8
gb	6

Actores

Magic Hound	4
Conti	1
MuddyWater	1
Pawn Storm	1
CopyKittens	1

Interesse

Tipo

Not Defined	206
Operating System	38
WordPress Plugin	20
Content Management System	20
Web Server	20

Fabricante

Not Defined	166
Microsoft	42
Oracle	22
Apache	12
SourceCodester	12

Produto

Microsoft Windows	28
Oracle MySQL Server	10
libsixel	8
WordPress	8
nginx	6

Vulnerabilidades

#	Vulnerabilidade	Base	Temp	0day	Hoje	Exp	Mas	EPSS	CTI	CVE
1	Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash Divulgação de Informação	5.3	5.2	$5k-$25k	$0-$5k	High	Workaround	0.02016	0.02	CVE-2007-1192
2	Microsoft Windows Win32k Local Privilege Escalation	7.8	7.1	$25k-$100k	$0-$5k	Proof-of-Concept	Official Fix	0.00211	0.04	CVE-2023-29336
3	Hikvision Product Message direitos alargados	5.5	5.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.97493	0.02	CVE-2021-36260
4	Google Chrome WebRTC Excesso de tampão	6.3	6.0	$25k-$100k	$5k-$25k	High	Official Fix	0.01152	0.05	CVE-2022-2294
5	DZCP deV!L`z Clanportal config.php direitos alargados	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00943	0.45	CVE-2010-0966
6	SourceCodester Canteen Management System food.php query Roteiro Cruzado de Sítios	4.4	4.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00059	0.07	CVE-2022-4091
7	MINMAX newsDia.php Injecção SQL	6.3	5.8	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00083	0.02	CVE-2020-36535
8	SourceCodester Canteen Management System POST Request ajax_invoice.php query Injecção SQL	6.6	6.5	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00316	0.05	CVE-2022-4222
9	SourceCodester Event Registration System Roteiro Cruzado de Sítios	3.6	3.6	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00063	0.04	CVE-2022-4233
10	SourceCodester Apartment Visitor Management System action-visitor.php Injecção SQL	7.5	7.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00142	0.07	CVE-2022-2772
11	HTC One/Sense Mail Client Fraca autenticação	4.8	4.4	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00133	0.02	CVE-2013-10001
12	SourceCodester Online Tours & Travels Management System disapprove_delete.php exec Injecção SQL	7.5	7.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00073	0.03	CVE-2023-2619
13	WordPress do_trackbacks Injecção SQL	6.3	5.7	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.00122	0.00	CVE-2010-4257
14	Microsoft IIS Roteiro Cruzado de Sítios	5.2	4.7	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.00548	0.07	CVE-2017-0055
15	wordpress-gallery-transformation gallery.php Injecção SQL	8.5	8.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00211	0.00	CVE-2017-1002028
16	Fortinet FortiOS SSL VPN Web Portal Directório Traversal	8.1	8.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.97410	0.03	CVE-2018-13379
17	Campcodes Online Thesis Archiving System view_department.php Injecção SQL	7.5	7.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00073	0.02	CVE-2023-2144
18	OpenSSH Authentication Username Divulgação de Informação	5.3	4.8	$5k-$25k	$0-$5k	High	Official Fix	0.10737	0.31	CVE-2016-6210
19	Redis XAUTOCLAIM Command Excesso de tampão	6.0	5.9	$0-$5k	$0-$5k	Not Defined	Official Fix	0.01458	0.01	CVE-2022-35951
20	Roku RokuOS Realtek WiFi Chip vulnerabilidade desconhecida	4.6	4.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00044	0.00	CVE-2022-27152

Campanhas (1)

These are the campaigns that can be associated with the actor:

Rocket Kitten

IOC - Indicator of Compromise (91)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	Endereço IP	Hostname	Actor	Campanhas	Identified	Tipo	Aceitação
1	5.39.223.227		Magic Hound	Rocket Kitten	17/12/2020	verified	Alto
2	5.145.151.1	ip-5-145-151-1.hosts.businesscomnetworks.com	Magic Hound	Rocket Kitten	17/12/2020	verified	Alto
3	5.145.151.2	ip-5-145-151-2.hosts.businesscomnetworks.com	Magic Hound	Rocket Kitten	17/12/2020	verified	Alto
4	5.145.151.3	ip-5-145-151-3.hosts.businesscomnetworks.com	Magic Hound	Rocket Kitten	17/12/2020	verified	Alto
5	5.145.151.4	ip-5-145-151-4.hosts.businesscomnetworks.com	Magic Hound	Rocket Kitten	17/12/2020	verified	Alto
6	5.145.151.5	ip-5-145-151-5.hosts.businesscomnetworks.com	Magic Hound	Rocket Kitten	17/12/2020	verified	Alto
7	5.145.151.6	ip-5-145-151-6.hosts.businesscomnetworks.com	Magic Hound	Rocket Kitten	17/12/2020	verified	Alto
8	5.145.151.7	ip-5-145-151-7.hosts.businesscomnetworks.com	Magic Hound	Rocket Kitten	17/12/2020	verified	Alto
9	31.192.105.10		Magic Hound	Rocket Kitten	17/12/2020	verified	Alto
10	83.170.33.37	host-83-170-33-37.customer.teleport-iabg.de	Rocket Kitten		07/04/2022	verified	Alto
11	83.170.33.60	host-83-170-33-60.customer.teleport-iabg.de	Rocket Kitten		07/04/2022	verified	Alto
12	83.170.33.80	host-83-170-33-80.customer.teleport-iabg.de	Rocket Kitten		07/04/2022	verified	Alto
13	83.170.43.67	host-83-170-43-67.customer.teleport-iabg.de	Rocket Kitten		07/04/2022	verified	Alto
14	84.11.75.220	host-84-11-75-220.customer.teleport-iabg.de	Rocket Kitten		07/04/2022	verified	Alto
15	84.11.146.52	host-84-11-146-52.customer.teleport-iabg.de	Magic Hound	Rocket Kitten	17/12/2020	verified	Alto
16	84.11.146.53	host-84-11-146-53.customer.teleport-iabg.de	Magic Hound	Rocket Kitten	17/12/2020	verified	Alto
17	84.11.146.54	host-84-11-146-54.customer.teleport-iabg.de	Magic Hound	Rocket Kitten	17/12/2020	verified	Alto
18	84.11.146.55	host-84-11-146-55.customer.teleport-iabg.de	Magic Hound	Rocket Kitten	17/12/2020	verified	Alto
19	84.11.146.56	host-84-11-146-56.customer.teleport-iabg.de	Magic Hound	Rocket Kitten	17/12/2020	verified	Alto
20	XX.XX.XXX.XX	xxxx-xx-xx-xxx-xx.xxxxxxxx.xxxxxxxx-xxxx.xx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
21	XX.XX.XXX.XX	xxxx-xx-xx-xxx-xx.xxxxxxxx.xxxxxxxx-xxxx.xx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
22	XX.XX.XXX.XX	xxxx-xx-xx-xxx-xx.xxxxxxxx.xxxxxxxx-xxxx.xx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
23	XX.XX.XXX.XX	xxxx-xx-xx-xxx-xx.xxxxxxxx.xxxxxxxx-xxxx.xx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
24	XX.XX.XXX.XX	xxxx-xx-xx-xxx-xx.xxxxxxxx.xxxxxxxx-xxxx.xx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
25	XX.XX.XXX.XX	xxxx-xx-xx-xxx-xx.xxxxxxxx.xxxxxxxx-xxxx.xx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
26	XX.XX.XXX.XX	xxxx-xx-xx-xxx-xx.xxxxxxxx.xxxxxxxx-xxxx.xx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
27	XXX.X.XXX.XXX	xxxxxxx.xxxxxxxx.xx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
28	XXX.X.XXX.XXX	xxxxxxx.xxxxxxxx.xx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
29	XXX.X.XXX.XXX	xxxxx.xxxxxxxx.xx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
30	XXX.X.XXX.XXX	xxxxxxx.xxxxxxxx.xx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
31	XXX.X.XXX.XXX	xxxxx.xxxxxxxx.xx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
32	XXX.X.XXX.XXX	xxxxx.xxxxxxxx.xx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
33	XXX.X.XXX.XXX	xxxxx.xxxxxxxx.xx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
34	XXX.X.XXX.XXX	xxxxxxx.xxxxxxxx.xx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
35	XXX.X.XXX.XX	xx-xxxxxxxxxx.xxxxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
36	XXX.X.XXX.XX	xx-xxxxxxxxxx.xxxxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
37	XXX.X.XXX.XX	xx-xxxxxxxxxx.xxxxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
38	XXX.X.XXX.XX	xx-xxxxxxxxxx.xxxxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
39	XXX.X.XXX.XX	xx-xxxxxxxxxx.xxxxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
40	XXX.X.XXX.XX	xx-xxxxxxxxxx.xxxxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
41	XXX.X.XXX.XX	xx-xxxxxxxxxx.xxxxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
42	XXX.X.XXX.XX	xx-xxxxxxxxxx.xxxxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
43	XXX.X.XXX.XX	xx-xxxxxxxxxx.xxxxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
44	XXX.X.XXX.XX	xx-xxxxxxxxxx.xxxxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
45	XXX.X.XXX.XX	xx-xxxxxxxxxx.xxxxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
46	XXX.X.XXX.XX	xx-xxxxxxxxxx.xxxxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
47	XXX.X.XXX.XX	xx-xxxxxxxxxx.xxxxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
48	XXX.X.XXX.XX	xxxxxx.xxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
49	XXX.X.XXX.XX	xxxxxx.xxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
50	XXX.X.XXX.XX	xxxxxx.xxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
51	XXX.X.XXX.XX	xxxxxx.xxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
52	XXX.X.XXX.XXX	xxxxxx.xxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
53	XXX.X.XXX.XXX	xxxxxx.xxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
54	XXX.X.XXX.XXX	xxxxxx.xxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
55	XXX.X.XXX.XXX	xxxxxx.xxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
56	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
57	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
58	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
59	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
60	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
61	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
62	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
63	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
64	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
65	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
66	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
67	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
68	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
69	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
70	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
71	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
72	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
73	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
74	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
75	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
76	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
77	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
78	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
79	XXX.XXX.XX.XX		Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
80	XXX.XXX.XX.XX		Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
81	XXX.XXX.XX.XX		Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
82	XXX.XXX.XX.XX		Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
83	XXX.XXX.XX.X		Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
84	XXX.XXX.XX.X		Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
85	XXX.XXX.XX.X		Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
86	XXX.XXX.XX.X		Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
87	XXX.XXX.XX.X		Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
88	XXX.XXX.XXX.XX		Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
89	XXX.XXX.XX.XXX	xxxx.xxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
90	XXX.XXX.XX.XXX	xxxx.xxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto
91	XXX.XXX.XXX.XXX		Xxxxx Xxxxx	Xxxxxx Xxxxxx	17/12/2020	verified	Alto

TTP - Tactics, Techniques, Procedures (24)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Vulnerabilidades	Tipo de acesso	Tipo	Aceitação
1	T1006	CWE-22	Path Traversal	predictive	Alto
2	T1040	CWE-319	Authentication Bypass by Capture-replay	predictive	Alto
3	T1055	CWE-74	Improper Neutralization of Data within XPath Expressions	predictive	Alto
4	T1059	CWE-88, CWE-94	Argument Injection	predictive	Alto
5	T1059.007	CWE-79, CWE-80	Cross Site Scripting	predictive	Alto
6	TXXXX	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Alto
7	TXXXX.XXX	CWE-XXX	Xxxx-xxxxx Xxxxxxxxxxx	predictive	Alto
8	TXXXX	CWE-XX, CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	Alto
9	TXXXX.XXX	CWE-XXX	Xxxx Xxxxxxxx	predictive	Alto
10	TXXXX	CWE-XXX, CWE-XXX	7xx Xxxxxxxx Xxxxxxxx	predictive	Alto
11	TXXXX	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxxx Xxxxxx	predictive	Alto
12	TXXXX	CWE-XX	Xxx Xxxxxxxxx	predictive	Alto
13	TXXXX.XXX	CWE-XXX	Xxxxxxxx Xxxxxxxxxxxxx	predictive	Alto
14	TXXXX	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxxxx Xxxxxxxxxx	predictive	Alto
15	TXXXX	CWE-XXX	Xxxxxxx Xxxxxxxxxx Xx Xxx-xxxxxxxx	predictive	Alto
16	TXXXX	CWE-XXX	Xxxxxxxxx Xxxxxx Xxxx	predictive	Alto
17	TXXXX.XXX	CWE-XXX	Xxxxxxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Alto
18	TXXXX.XXX	CWE-XXX	Xxxxxxxx	predictive	Alto
19	TXXXX	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Alto
20	TXXXX.XXX	CWE-XX	Xxxxxxxxxxxxx	predictive	Alto
21	TXXXX	CWE-XXX, CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	predictive	Alto
22	TXXXX.XXX	CWE-XXX	Xxx Xxxxxxxxxx Xxxxx	predictive	Alto
23	TXXXX.XXX	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	Alto
24	TXXXX	CWE-XXX	Xxxxxxxxxxx Xxxxxx	predictive	Alto

IOA - Indicator of Attack (252)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Classe	Indicator	Tipo	Aceitação
1	File	.htaccess	predictive	Médio
2	File	/admin.php	predictive	Médio
3	File	/admin/book/create/	predictive	Alto
4	File	/admin/curriculum/view_curriculum.php	predictive	Alto
5	File	/admin/departments/view_department.php	predictive	Alto
6	File	/Admin/login.php	predictive	Alto
7	File	/admin/loginc.php	predictive	Alto
8	File	/admin/students/manage.php	predictive	Alto
9	File	/admin/user/manage_user.php	predictive	Alto
10	File	/auditLogAction.do	predictive	Alto
11	File	/cgi-bin/wapopen	predictive	Alto
12	File	/devices/acurite.c	predictive	Alto
13	File	/DocSystem/Repos/getReposAllUsers.do	predictive	Alto
14	File	/etc/ajenti/config.yml	predictive	Alto
15	File	/etc/sudoers	predictive	Médio
16	File	/event/admin/?page=user/list	predictive	Alto
17	File	/example/editor	predictive	Alto
18	File	/foms/place-order.php	predictive	Alto
19	File	/getcfg.php	predictive	Médio
20	File	/GetCSSashx/?CP=%2fwebconfig	predictive	Alto
21	File	/goform/login_process	predictive	Alto
22	File	/goform/rlmswitchr_process	predictive	Alto
23	File	/goforms/rlminfo	predictive	Alto
24	File	/newsDia.php	predictive	Médio
25	File	/plugin	predictive	Baixo
26	File	/pms/index.php	predictive	Alto
27	File	/rating.php	predictive	Médio
28	File	/reviewer/system/system/admins/manage/users/user-update.php	predictive	Alto
29	File	/scas/admin/	predictive	Médio
30	File	/scas/classes/Users.php?f=save_user	predictive	Alto
31	File	/xxxxxxxx/xxxxx.xxx	predictive	Alto
32	File	/xxx/xxx_xxxxxx.x	predictive	Alto
33	File	/xxxxxxx/	predictive	Médio
34	File	/xxxxxxxxx-xxxxxxx-xxxxxxxxxxxxxx/xxxxxxx.xxx	predictive	Alto
35	File	xxxxxx-xxxxxxx.xxx	predictive	Alto
36	File	xxxxxxx.xxx	predictive	Médio
37	File	xxx_xx_xxxx.xxx	predictive	Alto
38	File	xxxxx.xxx	predictive	Médio
39	File	xxxxx/xxxxxx/xxxxxxx.xxx	predictive	Alto
40	File	xxxxx/xxxxx.xxx	predictive	Alto
41	File	xxxxx/xxxxxx.xxx	predictive	Alto
42	File	xxxxx_xxxxxxx.xxx	predictive	Alto
43	File	xx_xxxxxx.xxx	predictive	Alto
44	File	xxxxx/xxxxxxxx/xx-xxx/xx_xxxxxxx.x	predictive	Alto
45	File	xxxx_xxxxxxx.xxx	predictive	Alto
46	File	xxx/xxxxx/xxxx/xxxx	predictive	Alto
47	File	xxxxxxxxxxxxxxx.xxxx	predictive	Alto
48	File	xxxx-xxxxxx.x	predictive	Alto
49	File	xxxxxxxxx.xxx	predictive	Alto
50	File	xxxxxxx.xx	predictive	Médio
51	File	xxxxx.xxx	predictive	Médio
52	File	xxxxxxxx.xxx	predictive	Médio
53	File	xxx-xxx/xxxxxx	predictive	Alto
54	File	xxx.xx	predictive	Baixo
55	File	xxxxxx/xxx.x	predictive	Médio
56	File	xxxxxx/xxxxxxx/xxxxxxxxxx_xxxxxxxx.xxx	predictive	Alto
57	File	xxx?xxx=xxxxx	predictive	Alto
58	File	xxxx/xxxxxxxxxxxxxxx.xxx	predictive	Alto
59	File	xxxx/xxxxxxxx.xxxx.xxxxxxx.xxx	predictive	Alto
60	File	xxxxxx.xxx	predictive	Médio
61	File	xxxxxxxxxx_xxxxxx.xxx	predictive	Alto
62	File	xxxxx/xxxx/xxxxxxxx	predictive	Alto
63	File	xxxxxxx/xxx/xxx-xxx.x	predictive	Alto
64	File	xxxxxxx/xxxxxxxxxx/xxx/xxxx/xxxx-xxx.x	predictive	Alto
65	File	xxxxxxx/xxx/xxxx/xxxxx.x	predictive	Alto
66	File	xxxxxxxxxx.xxxx	predictive	Alto
67	File	xxxxx.xxx	predictive	Médio
68	File	xxx/xxxx/xxx/xxxxx_xxxx.x	predictive	Alto
69	File	xxx/xxxx/xxx_xxx.x	predictive	Alto
70	File	xxxxxxxx.x	predictive	Médio
71	File	xxxx.xxx	predictive	Médio
72	File	xxxxx.xxx	predictive	Médio
73	File	xxxxxxx.xxx	predictive	Médio
74	File	xxxx.xxx	predictive	Médio
75	File	xxxxxxx-xxxxxx/xxxxxxxx/xxxxx/xxxx/xxxxxx_xxxx.xxx	predictive	Alto
76	File	xxx_xxxx.xxx	predictive	Médio
77	File	xxxx.xxx	predictive	Médio
78	File	xxxxxxxxx.xxx	predictive	Alto
79	File	xxxxxxxxxxxxxxxxxxxx.xxxx	predictive	Alto
80	File	xxxxxxxxxxxx.xxx	predictive	Alto
81	File	xxxxxxxxx.xxx	predictive	Alto
82	File	xxx/xxxxxx.xxx	predictive	Alto
83	File	xxx/xxxxxxxxxxx/xxxxxxx.xxx	predictive	Alto
84	File	xxxxxxx/xxxxxxxxx.xxx	predictive	Alto
85	File	xxxxxxxx/xxxxx-xx-xxxxxxxxx.xxx	predictive	Alto
86	File	xxxxx.xxx	predictive	Médio
87	File	xxxxx.xxx	predictive	Médio
88	File	xxxxx.xxx/xxxxxxxxxx/xxx_xxxxxxxx	predictive	Alto
89	File	xxxx_xxxx.xxx	predictive	Alto
90	File	xxxxxx.x	predictive	Médio
91	File	xxxxx.xxx.xxx.xx	predictive	Alto
92	File	xxxxxxxx/xxx/xxxxxx.x	predictive	Alto
93	File	xxxxxxxx/xxx/xxxxx.x	predictive	Alto
94	File	xxxxxx.xxx	predictive	Médio
95	File	xxxx-xxxxxxxx.xxx	predictive	Alto
96	File	xxxxx.xxx	predictive	Médio
97	File	xxxxx.xxx	predictive	Médio
98	File	xxxxx.xxx	predictive	Médio
99	File	xxxxx_xxx.xxx	predictive	Alto
100	File	xxxxx_xx.xxxx	predictive	Alto
101	File	xx-xxxxx/xxxx-xxxx.xxx	predictive	Alto
102	File	xxx_xxxxx.x	predictive	Médio
103	File	xxxxxxx.xxx	predictive	Médio
104	File	xxx/xxxxxxxxx/xxxxx_xxxx.x	predictive	Alto
105	File	xxxx_xxxxxx.xxx	predictive	Alto
106	File	xxx/xxxxx.xxxx	predictive	Alto
107	File	xxxx.xxx	predictive	Médio
108	File	xxxxxxxx.xxx	predictive	Médio
109	File	xxxxxxxx_xxxxxxxx.xxx	predictive	Alto
110	File	xxxxxxx.xxx	predictive	Médio
111	File	xxxxxxxxxxxxx-xxxxxx/xxxxxxxxxx/xxxxxxxxxxxxxxx/xxx/xxxxx_xxx/xx_xxxxxxx.xxx	predictive	Alto
112	File	xxxxxx_xxxxxxxxxx_xxxxx.xxx	predictive	Alto
113	File	xxxx.xxx	predictive	Médio
114	File	xxxxxxx.xxx	predictive	Médio
115	File	xxxxxx.xxx	predictive	Médio
116	File	xxxxxxxxxx.xxx	predictive	Alto
117	File	xxxxxxxx.xxx	predictive	Médio
118	File	xxx_xxxx_xxxxxxxxx.xx	predictive	Alto
119	File	xxxx/xxx/xxx_xxxx.x	predictive	Alto
120	File	xxxxxxxxxxxxxxxx.xxx	predictive	Alto
121	File	xxxx_xxxxxxx_xxxxxxxx.xxx	predictive	Alto
122	File	xxxxx.xxx	predictive	Médio
123	File	xxxx.xxx	predictive	Médio
124	File	xxx/xxxxxxx.x	predictive	Alto
125	File	xxx/xxxx/xxx/xxxx.x	predictive	Alto
126	File	xxx_xxxxx.x	predictive	Médio
127	File	xxxxxx_xxxxxxx.xxx	predictive	Alto
128	File	xxxxxxxxxx.xxx	predictive	Alto
129	File	xxxxx-xxxxxxxxxxxx.xxx	predictive	Alto
130	File	xxxxxx.xxx	predictive	Médio
131	File	xxxx/xxx-xxx.xxx	predictive	Alto
132	File	xxxxx/xxxxxx.xxx	predictive	Alto
133	File	xxxx_xxxxx.xxx	predictive	Alto
134	File	xxx.xxx	predictive	Baixo
135	File	xxxxxx	predictive	Baixo
136	File	xx-xxxxx/xxxxxxxx/xxxxx-xx-xxxxx-xxxx.xxx	predictive	Alto
137	File	xx-xxxxx/xxxxx-xxxxxx.xxx	predictive	Alto
138	File	xx-xxxxxxxx/xx/xxxxxxxxxxxx	predictive	Alto
139	File	xx-xxxxx.xxx	predictive	Médio
140	File	xx-xxxxxxxxxxx.xxx	predictive	Alto
141	File	xxxxxx.xxx	predictive	Médio
142	File	\xxxxx\xxxxxxxxxx\xxxxxxxx.xxx	predictive	Alto
143	File	\xxxxxxx\xxxxxxxxxxxxxxxxxxxxxxxxxxx.xxx	predictive	Alto
144	File	\xxxx\xxxxxxxxxx\xxxx.xxx	predictive	Alto
145	File	_xxxxxx.xxx	predictive	Médio
146	Library	/_xxx_xxx/xxxxx.xxx	predictive	Alto
147	Library	xxxxxx.xxx	predictive	Médio
148	Library	xxx/xx_xxx.x	predictive	Médio
149	Library	xxxxxxxx/xxxxxxx/xxxxx/xxx.xxx	predictive	Alto
150	Argument	$_xxxxxx['xxxxx_xxxxxx']	predictive	Alto
151	Argument	$_xxxxxxx['xxxxxxx']['xxxx']	predictive	Alto
152	Argument	xxx_xxxx	predictive	Médio
153	Argument	xxxxxx/xxxxxx	predictive	Alto
154	Argument	xxxxxxxx	predictive	Médio
155	Argument	xxxxxx	predictive	Baixo
156	Argument	xxx_xxx	predictive	Baixo
157	Argument	xxx	predictive	Baixo
158	Argument	xxx_xx	predictive	Baixo
159	Argument	xxx	predictive	Baixo
160	Argument	xxx	predictive	Baixo
161	Argument	xxxx_xx	predictive	Baixo
162	Argument	xxxxxxxxxxxxxxx	predictive	Alto
163	Argument	xxxxxx	predictive	Baixo
164	Argument	xxxxxxxxxxxxxx	predictive	Alto
165	Argument	xxxx	predictive	Baixo
166	Argument	xxx	predictive	Baixo
167	Argument	xxxx	predictive	Baixo
168	Argument	xxxxxx/xxxxxx	predictive	Alto
169	Argument	xxxx	predictive	Baixo
170	Argument	xxxxxxxxxx	predictive	Médio
171	Argument	xxxxxxxx	predictive	Médio
172	Argument	xxxxxx	predictive	Baixo
173	Argument	xxxxx xxxx/xxxx xxxx	predictive	Alto
174	Argument	xxxx	predictive	Baixo
175	Argument	x/xx/x/xxxx_xxxxxxxx_xxxxxx/xxxx_xxxxxx	predictive	Alto
176	Argument	xxxxx/xxxxxxxxxxxxxx	predictive	Alto
177	Argument	xxxx	predictive	Baixo
178	Argument	xxxx	predictive	Baixo
179	Argument	xxxxxxxxx	predictive	Médio
180	Argument	xxxxxxxxxx	predictive	Médio
181	Argument	xxxx	predictive	Baixo
182	Argument	xxxx/xxxxxxx	predictive	Médio
183	Argument	xxxx	predictive	Baixo
184	Argument	xx	predictive	Baixo
185	Argument	xxxxxxxx	predictive	Médio
186	Argument	xxxxxxx	predictive	Baixo
187	Argument	xxxx_xx	predictive	Baixo
188	Argument	xxxx	predictive	Baixo
189	Argument	xxx	predictive	Baixo
190	Argument	xxxxxxx	predictive	Baixo
191	Argument	xxx_xxxx	predictive	Médio
192	Argument	xxx	predictive	Baixo
193	Argument	xxxxxx_xxxx_xxxx	predictive	Alto
194	Argument	xxxxxx_xx	predictive	Médio
195	Argument	xxxx	predictive	Baixo
196	Argument	xxxxxxx	predictive	Baixo
197	Argument	xxxxxxx	predictive	Baixo
198	Argument	xxxxxxx/xxxx/xxxxxxxx	predictive	Alto
199	Argument	xxxxx/xxxxxxx	predictive	Alto
200	Argument	xxxxxx	predictive	Baixo
201	Argument	xxxx	predictive	Baixo
202	Argument	xxxx	predictive	Baixo
203	Argument	xxxxxxxx	predictive	Médio
204	Argument	xxxx	predictive	Baixo
205	Argument	xxxx_xxxx	predictive	Médio
206	Argument	xxxx_xx	predictive	Baixo
207	Argument	xxxxxxx_xx	predictive	Médio
208	Argument	xxxxxxx_xxxx	predictive	Médio
209	Argument	xxxxxx	predictive	Baixo
210	Argument	xxxxxxxx	predictive	Médio
211	Argument	xxxxxxx	predictive	Baixo
212	Argument	xxxxxxxxxx	predictive	Médio
213	Argument	xxxxxx	predictive	Baixo
214	Argument	xxxxxx	predictive	Baixo
215	Argument	xxxxxx/xxxxxx_xxxxxx	predictive	Alto
216	Argument	xxxxxxxxxx/xxxxxxx	predictive	Alto
217	Argument	xxxxxxxx	predictive	Médio
218	Argument	xxxxxxxx[xxxx xxxxxxx][xxxxxxxxxxxxxxxxxx]	predictive	Alto
219	Argument	xxxx	predictive	Baixo
220	Argument	xxx	predictive	Baixo
221	Argument	xxxxxxxxx	predictive	Médio
222	Argument	xxxxxxxxxxxx/xxxxxxxxxxxxxxxx	predictive	Alto
223	Argument	xxxxxxxxxx	predictive	Médio
224	Argument	xxxxxxxx	predictive	Médio
225	Argument	xxxxx	predictive	Baixo
226	Argument	xxxxxxxxxxx	predictive	Médio
227	Argument	xxxxx	predictive	Baixo
228	Argument	xxx	predictive	Baixo
229	Argument	xxx	predictive	Baixo
230	Argument	xxxx/xxxx	predictive	Médio
231	Argument	xxxxxxxx	predictive	Médio
232	Argument	xxxx_xx	predictive	Baixo
233	Argument	xxxx_xxxx	predictive	Médio
234	Argument	xxxxx	predictive	Baixo
235	Argument	\xxx\	predictive	Baixo
236	Argument	\xxxxxx\	predictive	Médio
237	Argument	_xxxxx	predictive	Baixo
238	Input Value	%xx%xx%xxxxx%xxxxx=x%xxxxxxxxx=xxxxx(x)%xx	predictive	Alto
239	Input Value	-x	predictive	Baixo
240	Input Value	../	predictive	Baixo
241	Input Value	../..	predictive	Baixo
242	Input Value	.xxx	predictive	Baixo
243	Input Value	xx' xxx xxx_xxxx.xxxxxxx('xxxx://xxxxxxxxx_xxxx/xxxxx')='x' xxxxx xx xxxxx_xxxx)) --	predictive	Alto
244	Input Value	::$xxxxx_xxxxxxxxxx	predictive	Alto
245	Input Value	xxxxx' xx 'x'='x	predictive	Alto
246	Input Value	xxxx -x xxxxxxxx=xxxxxx.xxxxxxx xxxx://xxx.xxx.x.x/xxxxxx.xxx	predictive	Alto
247	Input Value	xxxxxxxxx' xxx 'x'='x	predictive	Alto
248	Input Value	\x	predictive	Baixo
249	Pattern	\|xx xx xx\|	predictive	Médio
250	Network Port	xxx/xx (xxx xxxxxxxx)	predictive	Alto
251	Network Port	xxx/xxx (xxx)	predictive	Alto
252	Network Port	xxx xxxxxx xxxx	predictive	Alto

Referências (3)

The following list contains external sources which discuss the actor and the associated activities:

◂ VoltarVisão GeralPróximo ▸

Do you know our Splunk app?

Download it now for free!