Rocket Kitten Анализ

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (715)

Язык

en	684
ja	8
fr	6
es	6
ru	4

Страна

us	490
ir	72
es	46
ru	12
gb	4

Акторы

Magic Hound	5
Thamar Reservoir	2
Conti	1
Pawn Storm	1
MuddyWater	1

Интерес

Тип

Not Defined	194
Operating System	36
Content Management System	26
WordPress Plugin	18
Web Server	14

Поставщик

Not Defined	164
Microsoft	50
Oracle	28
Apache	16
Cisco	12

Продукт

Microsoft Windows	26
GPAC	8
Oracle MySQL Server	6
WordPress	6
PHP	6

Уязвимости

#	Уязвимости	Base	Temp	0day	Сегодня	Э�	Rem	CTI	EPSS	CVE
1	Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash раскрытие информации	5.3	5.2	$5k-$25k	$0-$5k	High	Workaround	0.02	0.02016	CVE-2007-1192
2	Microsoft Windows Win32k Local Privilege Escalation	7.8	7.1	$25k-$100k	$0-$5k	Proof-of-Concept	Official Fix	0.04	0.00264	CVE-2023-29336
3	Hikvision Product Message эскалация привилегий	5.5	5.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.02	0.97493	CVE-2021-36260
4	Google Chrome WebRTC повреждение памяти	6.3	6.0	$25k-$100k	$5k-$25k	High	Official Fix	0.00	0.01152	CVE-2022-2294
5	DZCP deV!L`z Clanportal config.php эскалация привилегий	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.62	0.00943	CVE-2010-0966
6	SourceCodester Canteen Management System food.php query межсайтовый скриптинг	4.4	4.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.03	0.00059	CVE-2022-4091
7	MINMAX newsDia.php sql-инъекция	6.3	5.8	$0-$5k	$0-$5k	Not Defined	Not Defined	0.08	0.00083	CVE-2020-36535
8	SourceCodester Canteen Management System POST Request ajax_invoice.php query sql-инъекция	6.6	6.5	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.04	0.00316	CVE-2022-4222
9	SourceCodester Event Registration System межсайтовый скриптинг	3.6	3.6	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.06	0.00063	CVE-2022-4233
10	SourceCodester Apartment Visitor Management System action-visitor.php sql-инъекция	7.5	7.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.04	0.00142	CVE-2022-2772
11	HTC One/Sense Mail Client слабая аутентификация	4.8	4.4	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.04	0.00133	CVE-2013-10001
12	SourceCodester Online Tours & Travels Management System disapprove_delete.php exec sql-инъекция	7.5	7.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00	0.00063	CVE-2023-2619
13	WordPress do_trackbacks sql-инъекция	6.3	5.7	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.00	0.00122	CVE-2010-4257
14	Microsoft IIS межсайтовый скриптинг	5.2	4.7	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.04	0.00548	CVE-2017-0055
15	wordpress-gallery-transformation gallery.php sql-инъекция	8.5	8.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	0.00211	CVE-2017-1002028
16	Fortinet FortiOS SSL VPN Web Portal обход каталога	8.1	8.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.03	0.97410	CVE-2018-13379
17	Campcodes Online Thesis Archiving System view_department.php sql-инъекция	7.5	7.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.05	0.00073	CVE-2023-2144
18	OpenSSH Authentication Username раскрытие информации	5.3	4.8	$5k-$25k	$0-$5k	High	Official Fix	0.04	0.10737	CVE-2016-6210
19	Redis XAUTOCLAIM Command повреждение памяти	6.0	5.9	$0-$5k	$0-$5k	Not Defined	Official Fix	0.01	0.01156	CVE-2022-35951
20	Roku RokuOS Realtek WiFi Chip неизвестная уязвимость	4.6	4.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	0.00044	CVE-2022-27152

Кампании (1)

These are the campaigns that can be associated with the actor:

Rocket Kitten

IOC - Indicator of Compromise (91)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP-адрес	Hostname	Актор	Кампании	Identified	Тип	Уверенность
1	5.39.223.227		Magic Hound	Rocket Kitten	17.12.2020	verified	Высокий
2	5.145.151.1	ip-5-145-151-1.hosts.businesscomnetworks.com	Magic Hound	Rocket Kitten	17.12.2020	verified	Высокий
3	5.145.151.2	ip-5-145-151-2.hosts.businesscomnetworks.com	Magic Hound	Rocket Kitten	17.12.2020	verified	Высокий
4	5.145.151.3	ip-5-145-151-3.hosts.businesscomnetworks.com	Magic Hound	Rocket Kitten	17.12.2020	verified	Высокий
5	5.145.151.4	ip-5-145-151-4.hosts.businesscomnetworks.com	Magic Hound	Rocket Kitten	17.12.2020	verified	Высокий
6	5.145.151.5	ip-5-145-151-5.hosts.businesscomnetworks.com	Magic Hound	Rocket Kitten	17.12.2020	verified	Высокий
7	5.145.151.6	ip-5-145-151-6.hosts.businesscomnetworks.com	Magic Hound	Rocket Kitten	17.12.2020	verified	Высокий
8	5.145.151.7	ip-5-145-151-7.hosts.businesscomnetworks.com	Magic Hound	Rocket Kitten	17.12.2020	verified	Высокий
9	31.192.105.10		Magic Hound	Rocket Kitten	17.12.2020	verified	Высокий
10	83.170.33.37	host-83-170-33-37.customer.teleport-iabg.de	Rocket Kitten		07.04.2022	verified	Высокий
11	83.170.33.60	host-83-170-33-60.customer.teleport-iabg.de	Rocket Kitten		07.04.2022	verified	Высокий
12	83.170.33.80	host-83-170-33-80.customer.teleport-iabg.de	Rocket Kitten		07.04.2022	verified	Высокий
13	83.170.43.67	host-83-170-43-67.customer.teleport-iabg.de	Rocket Kitten		07.04.2022	verified	Высокий
14	84.11.75.220	host-84-11-75-220.customer.teleport-iabg.de	Rocket Kitten		07.04.2022	verified	Высокий
15	84.11.146.52	host-84-11-146-52.customer.teleport-iabg.de	Magic Hound	Rocket Kitten	17.12.2020	verified	Высокий
16	84.11.146.53	host-84-11-146-53.customer.teleport-iabg.de	Magic Hound	Rocket Kitten	17.12.2020	verified	Высокий
17	84.11.146.54	host-84-11-146-54.customer.teleport-iabg.de	Magic Hound	Rocket Kitten	17.12.2020	verified	Высокий
18	84.11.146.55	host-84-11-146-55.customer.teleport-iabg.de	Magic Hound	Rocket Kitten	17.12.2020	verified	Высокий
19	84.11.146.56	host-84-11-146-56.customer.teleport-iabg.de	Magic Hound	Rocket Kitten	17.12.2020	verified	Высокий
20	XX.XX.XXX.XX	xxxx-xx-xx-xxx-xx.xxxxxxxx.xxxxxxxx-xxxx.xx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
21	XX.XX.XXX.XX	xxxx-xx-xx-xxx-xx.xxxxxxxx.xxxxxxxx-xxxx.xx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
22	XX.XX.XXX.XX	xxxx-xx-xx-xxx-xx.xxxxxxxx.xxxxxxxx-xxxx.xx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
23	XX.XX.XXX.XX	xxxx-xx-xx-xxx-xx.xxxxxxxx.xxxxxxxx-xxxx.xx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
24	XX.XX.XXX.XX	xxxx-xx-xx-xxx-xx.xxxxxxxx.xxxxxxxx-xxxx.xx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
25	XX.XX.XXX.XX	xxxx-xx-xx-xxx-xx.xxxxxxxx.xxxxxxxx-xxxx.xx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
26	XX.XX.XXX.XX	xxxx-xx-xx-xxx-xx.xxxxxxxx.xxxxxxxx-xxxx.xx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
27	XXX.X.XXX.XXX	xxxxxxx.xxxxxxxx.xx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
28	XXX.X.XXX.XXX	xxxxxxx.xxxxxxxx.xx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
29	XXX.X.XXX.XXX	xxxxx.xxxxxxxx.xx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
30	XXX.X.XXX.XXX	xxxxxxx.xxxxxxxx.xx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
31	XXX.X.XXX.XXX	xxxxx.xxxxxxxx.xx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
32	XXX.X.XXX.XXX	xxxxx.xxxxxxxx.xx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
33	XXX.X.XXX.XXX	xxxxx.xxxxxxxx.xx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
34	XXX.X.XXX.XXX	xxxxxxx.xxxxxxxx.xx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
35	XXX.X.XXX.XX	xx-xxxxxxxxxx.xxxxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
36	XXX.X.XXX.XX	xx-xxxxxxxxxx.xxxxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
37	XXX.X.XXX.XX	xx-xxxxxxxxxx.xxxxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
38	XXX.X.XXX.XX	xx-xxxxxxxxxx.xxxxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
39	XXX.X.XXX.XX	xx-xxxxxxxxxx.xxxxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
40	XXX.X.XXX.XX	xx-xxxxxxxxxx.xxxxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
41	XXX.X.XXX.XX	xx-xxxxxxxxxx.xxxxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
42	XXX.X.XXX.XX	xx-xxxxxxxxxx.xxxxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
43	XXX.X.XXX.XX	xx-xxxxxxxxxx.xxxxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
44	XXX.X.XXX.XX	xx-xxxxxxxxxx.xxxxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
45	XXX.X.XXX.XX	xx-xxxxxxxxxx.xxxxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
46	XXX.X.XXX.XX	xx-xxxxxxxxxx.xxxxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
47	XXX.X.XXX.XX	xx-xxxxxxxxxx.xxxxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
48	XXX.X.XXX.XX	xxxxxx.xxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
49	XXX.X.XXX.XX	xxxxxx.xxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
50	XXX.X.XXX.XX	xxxxxx.xxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
51	XXX.X.XXX.XX	xxxxxx.xxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
52	XXX.X.XXX.XXX	xxxxxx.xxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
53	XXX.X.XXX.XXX	xxxxxx.xxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
54	XXX.X.XXX.XXX	xxxxxx.xxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
55	XXX.X.XXX.XXX	xxxxxx.xxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
56	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
57	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
58	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
59	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
60	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
61	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
62	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
63	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
64	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
65	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
66	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
67	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
68	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
69	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
70	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
71	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
72	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
73	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
74	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
75	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
76	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
77	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
78	XXX.X.XXX.XXX	xxx.xxx.x.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
79	XXX.XXX.XX.XX		Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
80	XXX.XXX.XX.XX		Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
81	XXX.XXX.XX.XX		Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
82	XXX.XXX.XX.XX		Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
83	XXX.XXX.XX.X		Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
84	XXX.XXX.XX.X		Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
85	XXX.XXX.XX.X		Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
86	XXX.XXX.XX.X		Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
87	XXX.XXX.XX.X		Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
88	XXX.XXX.XXX.XX		Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
89	XXX.XXX.XX.XXX	xxxx.xxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
90	XXX.XXX.XX.XXX	xxxx.xxxxxx.xxx	Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий
91	XXX.XXX.XXX.XXX		Xxxxx Xxxxx	Xxxxxx Xxxxxx	17.12.2020	verified	Высокий

TTP - Tactics, Techniques, Procedures (24)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Уязвимости	Вектор доступа	Тип	Уверенность
1	T1006	CWE-22	Path Traversal	predictive	Высокий
2	T1040	CWE-319	Authentication Bypass by Capture-replay	predictive	Высокий
3	T1055	CWE-74	Improper Neutralization of Data within XPath Expressions	predictive	Высокий
4	T1059	CWE-88, CWE-94	Argument Injection	predictive	Высокий
5	T1059.007	CWE-79, CWE-80	Cross Site Scripting	predictive	Высокий
6	TXXXX	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Высокий
7	TXXXX.XXX	CWE-XXX	Xxxx-xxxxx Xxxxxxxxxxx	predictive	Высокий
8	TXXXX	CWE-XX, CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	Высокий
9	TXXXX.XXX	CWE-XXX	Xxxx Xxxxxxxx	predictive	Высокий
10	TXXXX	CWE-XXX, CWE-XXX	7xx Xxxxxxxx Xxxxxxxx	predictive	Высокий
11	TXXXX	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxxx Xxxxxx	predictive	Высокий
12	TXXXX	CWE-XX	Xxx Xxxxxxxxx	predictive	Высокий
13	TXXXX.XXX	CWE-XXX	Xxxxxxxx Xxxxxxxxxxxxx	predictive	Высокий
14	TXXXX	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxxxx Xxxxxxxxxx	predictive	Высокий
15	TXXXX	CWE-XXX	Xxxxxxx Xxxxxxxxxx Xx Xxx-xxxxxxxx	predictive	Высокий
16	TXXXX	CWE-XXX	Xxxxxxxxx Xxxxxx Xxxx	predictive	Высокий
17	TXXXX.XXX	CWE-XXX	Xxxxxxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Высокий
18	TXXXX.XXX	CWE-XXX	Xxxxxxxx	predictive	Высокий
19	TXXXX	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Высокий
20	TXXXX.XXX	CWE-XX	Xxxxxxxxxxxxx	predictive	Высокий
21	TXXXX	CWE-XXX, CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	predictive	Высокий
22	TXXXX.XXX	CWE-XXX	Xxx Xxxxxxxxxx Xxxxx	predictive	Высокий
23	TXXXX.XXX	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	Высокий
24	TXXXX	CWE-XXX	Xxxxxxxxxxx Xxxxxx	predictive	Высокий

IOA - Indicator of Attack (252)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Класс	Indicator	Тип	Уверенность
1	File	.htaccess	predictive	Средний
2	File	/admin.php	predictive	Средний
3	File	/admin/book/create/	predictive	Высокий
4	File	/admin/curriculum/view_curriculum.php	predictive	Высокий
5	File	/admin/departments/view_department.php	predictive	Высокий
6	File	/Admin/login.php	predictive	Высокий
7	File	/admin/loginc.php	predictive	Высокий
8	File	/admin/students/manage.php	predictive	Высокий
9	File	/admin/user/manage_user.php	predictive	Высокий
10	File	/auditLogAction.do	predictive	Высокий
11	File	/cgi-bin/wapopen	predictive	Высокий
12	File	/devices/acurite.c	predictive	Высокий
13	File	/DocSystem/Repos/getReposAllUsers.do	predictive	Высокий
14	File	/etc/ajenti/config.yml	predictive	Высокий
15	File	/etc/sudoers	predictive	Средний
16	File	/event/admin/?page=user/list	predictive	Высокий
17	File	/example/editor	predictive	Высокий
18	File	/foms/place-order.php	predictive	Высокий
19	File	/getcfg.php	predictive	Средний
20	File	/GetCSSashx/?CP=%2fwebconfig	predictive	Высокий
21	File	/goform/login_process	predictive	Высокий
22	File	/goform/rlmswitchr_process	predictive	Высокий
23	File	/goforms/rlminfo	predictive	Высокий
24	File	/newsDia.php	predictive	Средний
25	File	/plugin	predictive	Низкий
26	File	/pms/index.php	predictive	Высокий
27	File	/rating.php	predictive	Средний
28	File	/reviewer/system/system/admins/manage/users/user-update.php	predictive	Высокий
29	File	/scas/admin/	predictive	Средний
30	File	/scas/classes/Users.php?f=save_user	predictive	Высокий
31	File	/xxxxxxxx/xxxxx.xxx	predictive	Высокий
32	File	/xxx/xxx_xxxxxx.x	predictive	Высокий
33	File	/xxxxxxx/	predictive	Средний
34	File	/xxxxxxxxx-xxxxxxx-xxxxxxxxxxxxxx/xxxxxxx.xxx	predictive	Высокий
35	File	xxxxxx-xxxxxxx.xxx	predictive	Высокий
36	File	xxxxxxx.xxx	predictive	Средний
37	File	xxx_xx_xxxx.xxx	predictive	Высокий
38	File	xxxxx.xxx	predictive	Средний
39	File	xxxxx/xxxxxx/xxxxxxx.xxx	predictive	Высокий
40	File	xxxxx/xxxxx.xxx	predictive	Высокий
41	File	xxxxx/xxxxxx.xxx	predictive	Высокий
42	File	xxxxx_xxxxxxx.xxx	predictive	Высокий
43	File	xx_xxxxxx.xxx	predictive	Высокий
44	File	xxxxx/xxxxxxxx/xx-xxx/xx_xxxxxxx.x	predictive	Высокий
45	File	xxxx_xxxxxxx.xxx	predictive	Высокий
46	File	xxx/xxxxx/xxxx/xxxx	predictive	Высокий
47	File	xxxxxxxxxxxxxxx.xxxx	predictive	Высокий
48	File	xxxx-xxxxxx.x	predictive	Высокий
49	File	xxxxxxxxx.xxx	predictive	Высокий
50	File	xxxxxxx.xx	predictive	Средний
51	File	xxxxx.xxx	predictive	Средний
52	File	xxxxxxxx.xxx	predictive	Средний
53	File	xxx-xxx/xxxxxx	predictive	Высокий
54	File	xxx.xx	predictive	Низкий
55	File	xxxxxx/xxx.x	predictive	Средний
56	File	xxxxxx/xxxxxxx/xxxxxxxxxx_xxxxxxxx.xxx	predictive	Высокий
57	File	xxx?xxx=xxxxx	predictive	Высокий
58	File	xxxx/xxxxxxxxxxxxxxx.xxx	predictive	Высокий
59	File	xxxx/xxxxxxxx.xxxx.xxxxxxx.xxx	predictive	Высокий
60	File	xxxxxx.xxx	predictive	Средний
61	File	xxxxxxxxxx_xxxxxx.xxx	predictive	Высокий
62	File	xxxxx/xxxx/xxxxxxxx	predictive	Высокий
63	File	xxxxxxx/xxx/xxx-xxx.x	predictive	Высокий
64	File	xxxxxxx/xxxxxxxxxx/xxx/xxxx/xxxx-xxx.x	predictive	Высокий
65	File	xxxxxxx/xxx/xxxx/xxxxx.x	predictive	Высокий
66	File	xxxxxxxxxx.xxxx	predictive	Высокий
67	File	xxxxx.xxx	predictive	Средний
68	File	xxx/xxxx/xxx/xxxxx_xxxx.x	predictive	Высокий
69	File	xxx/xxxx/xxx_xxx.x	predictive	Высокий
70	File	xxxxxxxx.x	predictive	Средний
71	File	xxxx.xxx	predictive	Средний
72	File	xxxxx.xxx	predictive	Средний
73	File	xxxxxxx.xxx	predictive	Средний
74	File	xxxx.xxx	predictive	Средний
75	File	xxxxxxx-xxxxxx/xxxxxxxx/xxxxx/xxxx/xxxxxx_xxxx.xxx	predictive	Высокий
76	File	xxx_xxxx.xxx	predictive	Средний
77	File	xxxx.xxx	predictive	Средний
78	File	xxxxxxxxx.xxx	predictive	Высокий
79	File	xxxxxxxxxxxxxxxxxxxx.xxxx	predictive	Высокий
80	File	xxxxxxxxxxxx.xxx	predictive	Высокий
81	File	xxxxxxxxx.xxx	predictive	Высокий
82	File	xxx/xxxxxx.xxx	predictive	Высокий
83	File	xxx/xxxxxxxxxxx/xxxxxxx.xxx	predictive	Высокий
84	File	xxxxxxx/xxxxxxxxx.xxx	predictive	Высокий
85	File	xxxxxxxx/xxxxx-xx-xxxxxxxxx.xxx	predictive	Высокий
86	File	xxxxx.xxx	predictive	Средний
87	File	xxxxx.xxx	predictive	Средний
88	File	xxxxx.xxx/xxxxxxxxxx/xxx_xxxxxxxx	predictive	Высокий
89	File	xxxx_xxxx.xxx	predictive	Высокий
90	File	xxxxxx.x	predictive	Средний
91	File	xxxxx.xxx.xxx.xx	predictive	Высокий
92	File	xxxxxxxx/xxx/xxxxxx.x	predictive	Высокий
93	File	xxxxxxxx/xxx/xxxxx.x	predictive	Высокий
94	File	xxxxxx.xxx	predictive	Средний
95	File	xxxx-xxxxxxxx.xxx	predictive	Высокий
96	File	xxxxx.xxx	predictive	Средний
97	File	xxxxx.xxx	predictive	Средний
98	File	xxxxx.xxx	predictive	Средний
99	File	xxxxx_xxx.xxx	predictive	Высокий
100	File	xxxxx_xx.xxxx	predictive	Высокий
101	File	xx-xxxxx/xxxx-xxxx.xxx	predictive	Высокий
102	File	xxx_xxxxx.x	predictive	Средний
103	File	xxxxxxx.xxx	predictive	Средний
104	File	xxx/xxxxxxxxx/xxxxx_xxxx.x	predictive	Высокий
105	File	xxxx_xxxxxx.xxx	predictive	Высокий
106	File	xxx/xxxxx.xxxx	predictive	Высокий
107	File	xxxx.xxx	predictive	Средний
108	File	xxxxxxxx.xxx	predictive	Средний
109	File	xxxxxxxx_xxxxxxxx.xxx	predictive	Высокий
110	File	xxxxxxx.xxx	predictive	Средний
111	File	xxxxxxxxxxxxx-xxxxxx/xxxxxxxxxx/xxxxxxxxxxxxxxx/xxx/xxxxx_xxx/xx_xxxxxxx.xxx	predictive	Высокий
112	File	xxxxxx_xxxxxxxxxx_xxxxx.xxx	predictive	Высокий
113	File	xxxx.xxx	predictive	Средний
114	File	xxxxxxx.xxx	predictive	Средний
115	File	xxxxxx.xxx	predictive	Средний
116	File	xxxxxxxxxx.xxx	predictive	Высокий
117	File	xxxxxxxx.xxx	predictive	Средний
118	File	xxx_xxxx_xxxxxxxxx.xx	predictive	Высокий
119	File	xxxx/xxx/xxx_xxxx.x	predictive	Высокий
120	File	xxxxxxxxxxxxxxxx.xxx	predictive	Высокий
121	File	xxxx_xxxxxxx_xxxxxxxx.xxx	predictive	Высокий
122	File	xxxxx.xxx	predictive	Средний
123	File	xxxx.xxx	predictive	Средний
124	File	xxx/xxxxxxx.x	predictive	Высокий
125	File	xxx/xxxx/xxx/xxxx.x	predictive	Высокий
126	File	xxx_xxxxx.x	predictive	Средний
127	File	xxxxxx_xxxxxxx.xxx	predictive	Высокий
128	File	xxxxxxxxxx.xxx	predictive	Высокий
129	File	xxxxx-xxxxxxxxxxxx.xxx	predictive	Высокий
130	File	xxxxxx.xxx	predictive	Средний
131	File	xxxx/xxx-xxx.xxx	predictive	Высокий
132	File	xxxxx/xxxxxx.xxx	predictive	Высокий
133	File	xxxx_xxxxx.xxx	predictive	Высокий
134	File	xxx.xxx	predictive	Низкий
135	File	xxxxxx	predictive	Низкий
136	File	xx-xxxxx/xxxxxxxx/xxxxx-xx-xxxxx-xxxx.xxx	predictive	Высокий
137	File	xx-xxxxx/xxxxx-xxxxxx.xxx	predictive	Высокий
138	File	xx-xxxxxxxx/xx/xxxxxxxxxxxx	predictive	Высокий
139	File	xx-xxxxx.xxx	predictive	Средний
140	File	xx-xxxxxxxxxxx.xxx	predictive	Высокий
141	File	xxxxxx.xxx	predictive	Средний
142	File	\xxxxx\xxxxxxxxxx\xxxxxxxx.xxx	predictive	Высокий
143	File	\xxxxxxx\xxxxxxxxxxxxxxxxxxxxxxxxxxx.xxx	predictive	Высокий
144	File	\xxxx\xxxxxxxxxx\xxxx.xxx	predictive	Высокий
145	File	_xxxxxx.xxx	predictive	Средний
146	Library	/_xxx_xxx/xxxxx.xxx	predictive	Высокий
147	Library	xxxxxx.xxx	predictive	Средний
148	Library	xxx/xx_xxx.x	predictive	Средний
149	Library	xxxxxxxx/xxxxxxx/xxxxx/xxx.xxx	predictive	Высокий
150	Argument	$_xxxxxx['xxxxx_xxxxxx']	predictive	Высокий
151	Argument	$_xxxxxxx['xxxxxxx']['xxxx']	predictive	Высокий
152	Argument	xxx_xxxx	predictive	Средний
153	Argument	xxxxxx/xxxxxx	predictive	Высокий
154	Argument	xxxxxxxx	predictive	Средний
155	Argument	xxxxxx	predictive	Низкий
156	Argument	xxx_xxx	predictive	Низкий
157	Argument	xxx	predictive	Низкий
158	Argument	xxx_xx	predictive	Низкий
159	Argument	xxx	predictive	Низкий
160	Argument	xxx	predictive	Низкий
161	Argument	xxxx_xx	predictive	Низкий
162	Argument	xxxxxxxxxxxxxxx	predictive	Высокий
163	Argument	xxxxxx	predictive	Низкий
164	Argument	xxxxxxxxxxxxxx	predictive	Высокий
165	Argument	xxxx	predictive	Низкий
166	Argument	xxx	predictive	Низкий
167	Argument	xxxx	predictive	Низкий
168	Argument	xxxxxx/xxxxxx	predictive	Высокий
169	Argument	xxxx	predictive	Низкий
170	Argument	xxxxxxxxxx	predictive	Средний
171	Argument	xxxxxxxx	predictive	Средний
172	Argument	xxxxxx	predictive	Низкий
173	Argument	xxxxx xxxx/xxxx xxxx	predictive	Высокий
174	Argument	xxxx	predictive	Низкий
175	Argument	x/xx/x/xxxx_xxxxxxxx_xxxxxx/xxxx_xxxxxx	predictive	Высокий
176	Argument	xxxxx/xxxxxxxxxxxxxx	predictive	Высокий
177	Argument	xxxx	predictive	Низкий
178	Argument	xxxx	predictive	Низкий
179	Argument	xxxxxxxxx	predictive	Средний
180	Argument	xxxxxxxxxx	predictive	Средний
181	Argument	xxxx	predictive	Низкий
182	Argument	xxxx/xxxxxxx	predictive	Средний
183	Argument	xxxx	predictive	Низкий
184	Argument	xx	predictive	Низкий
185	Argument	xxxxxxxx	predictive	Средний
186	Argument	xxxxxxx	predictive	Низкий
187	Argument	xxxx_xx	predictive	Низкий
188	Argument	xxxx	predictive	Низкий
189	Argument	xxx	predictive	Низкий
190	Argument	xxxxxxx	predictive	Низкий
191	Argument	xxx_xxxx	predictive	Средний
192	Argument	xxx	predictive	Низкий
193	Argument	xxxxxx_xxxx_xxxx	predictive	Высокий
194	Argument	xxxxxx_xx	predictive	Средний
195	Argument	xxxx	predictive	Низкий
196	Argument	xxxxxxx	predictive	Низкий
197	Argument	xxxxxxx	predictive	Низкий
198	Argument	xxxxxxx/xxxx/xxxxxxxx	predictive	Высокий
199	Argument	xxxxx/xxxxxxx	predictive	Высокий
200	Argument	xxxxxx	predictive	Низкий
201	Argument	xxxx	predictive	Низкий
202	Argument	xxxx	predictive	Низкий
203	Argument	xxxxxxxx	predictive	Средний
204	Argument	xxxx	predictive	Низкий
205	Argument	xxxx_xxxx	predictive	Средний
206	Argument	xxxx_xx	predictive	Низкий
207	Argument	xxxxxxx_xx	predictive	Средний
208	Argument	xxxxxxx_xxxx	predictive	Средний
209	Argument	xxxxxx	predictive	Низкий
210	Argument	xxxxxxxx	predictive	Средний
211	Argument	xxxxxxx	predictive	Низкий
212	Argument	xxxxxxxxxx	predictive	Средний
213	Argument	xxxxxx	predictive	Низкий
214	Argument	xxxxxx	predictive	Низкий
215	Argument	xxxxxx/xxxxxx_xxxxxx	predictive	Высокий
216	Argument	xxxxxxxxxx/xxxxxxx	predictive	Высокий
217	Argument	xxxxxxxx	predictive	Средний
218	Argument	xxxxxxxx[xxxx xxxxxxx][xxxxxxxxxxxxxxxxxx]	predictive	Высокий
219	Argument	xxxx	predictive	Низкий
220	Argument	xxx	predictive	Низкий
221	Argument	xxxxxxxxx	predictive	Средний
222	Argument	xxxxxxxxxxxx/xxxxxxxxxxxxxxxx	predictive	Высокий
223	Argument	xxxxxxxxxx	predictive	Средний
224	Argument	xxxxxxxx	predictive	Средний
225	Argument	xxxxx	predictive	Низкий
226	Argument	xxxxxxxxxxx	predictive	Средний
227	Argument	xxxxx	predictive	Низкий
228	Argument	xxx	predictive	Низкий
229	Argument	xxx	predictive	Низкий
230	Argument	xxxx/xxxx	predictive	Средний
231	Argument	xxxxxxxx	predictive	Средний
232	Argument	xxxx_xx	predictive	Низкий
233	Argument	xxxx_xxxx	predictive	Средний
234	Argument	xxxxx	predictive	Низкий
235	Argument	\xxx\	predictive	Низкий
236	Argument	\xxxxxx\	predictive	Средний
237	Argument	_xxxxx	predictive	Низкий
238	Input Value	%xx%xx%xxxxx%xxxxx=x%xxxxxxxxx=xxxxx(x)%xx	predictive	Высокий
239	Input Value	-x	predictive	Низкий
240	Input Value	../	predictive	Низкий
241	Input Value	../..	predictive	Низкий
242	Input Value	.xxx	predictive	Низкий
243	Input Value	xx' xxx xxx_xxxx.xxxxxxx('xxxx://xxxxxxxxx_xxxx/xxxxx')='x' xxxxx xx xxxxx_xxxx)) --	predictive	Высокий
244	Input Value	::$xxxxx_xxxxxxxxxx	predictive	Высокий
245	Input Value	xxxxx' xx 'x'='x	predictive	Высокий
246	Input Value	xxxx -x xxxxxxxx=xxxxxx.xxxxxxx xxxx://xxx.xxx.x.x/xxxxxx.xxx	predictive	Высокий
247	Input Value	xxxxxxxxx' xxx 'x'='x	predictive	Высокий
248	Input Value	\x	predictive	Низкий
249	Pattern	\|xx xx xx\|	predictive	Средний
250	Network Port	xxx/xx (xxx xxxxxxxx)	predictive	Высокий
251	Network Port	xxx/xxx (xxx)	predictive	Высокий
252	Network Port	xxx xxxxxx xxxx	predictive	Высокий

Ссылки (3)

The following list contains external sources which discuss the actor and the associated activities:

◂ ПредыдущийОбзорДалее ▸

Do you know our Splunk app?

Download it now for free!