Sload Analys

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (454)

Tidslinje

Lang

en450
pl2
es2

Land

us4
gb2

Skådespelare

Sload3
Baldr1
Nemty1
GandCrab v51
CoinMiner1

Aktiviteter

Intressera

Tidslinje

Typ

Not Defined122
Web Browser38
Operating System30
Forum Software28
Smartphone Operating System24

Säljare

Not Defined146
Microsoft32
Google28
Oracle24
Apple18

Produkt

Google Android22
Adobe Acrobat Reader12
phpBB12
Microsoft Windows12
Microsoft Edge12

Sårbarheter

#SårbarhetBaseTemp0dayI dagUtnRemEPSSCTICVE
1TAP Plugin kataloggenomgång7.06.8$0-$5k$0-$5kNot DefinedOfficial Fix0.004060.00CVE-2016-4986
2Moodle Administration Page sql injektion7.27.2$5k-$25k$5k-$25kNot DefinedNot Defined0.001510.00CVE-2022-40315
3Oracle BI Publisher BI Publisher Security Local Privilege Escalation7.27.0$5k-$25k$0-$5kNot DefinedOfficial Fix0.945640.01CVE-2019-2616
4Chamilo LMS File Upload lp_upload.php import_package privilegier eskalering8.58.5$0-$5k$0-$5kNot DefinedNot Defined0.007430.00CVE-2019-13082
5Phplinkdirectory PHP Link Directory conf_users_edit.php förfalskning på begäran över webbplatsen6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.005260.00CVE-2011-0643
6Apache Kylin Restful API svag autentisering4.84.8$5k-$25k$5k-$25kNot DefinedNot Defined0.974210.00CVE-2020-13937
7vBulletin decodeArguments privilegier eskalering7.37.3$0-$5k$0-$5kHighNot Defined0.742370.00CVE-2015-7808
8vBulletin cross site scripting4.34.1$0-$5k$0-$5kProof-of-ConceptNot Defined0.011460.00CVE-2004-1824
9Tapatalk Plugin XMLRPC API unsubscribe_forum.php sql injektion8.57.7$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.002420.00CVE-2014-2023
10phpBB Perl ucp_pm_options.php message_options förfalskning på begäran över webbplatsen6.36.0$0-$5k$0-$5kNot DefinedOfficial Fix0.003350.02CVE-2015-1432
11vBulletin sql injektion7.37.0$0-$5k$0-$5kNot DefinedOfficial Fix0.002140.00CVE-2014-5102
12PunBB cross site scripting4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.001990.00CVE-2010-0455
13vBulletin redirector.php Redirect6.66.6$0-$5k$0-$5kNot DefinedNot Defined0.001220.20CVE-2018-6200
14vBulletin Vbulletin Forum Remote Code Execution9.88.5$0-$5k$0-$5kUnprovenOfficial Fix0.006200.00CVE-2012-4328
15phpBB install.php privilegier eskalering5.35.3$0-$5k$0-$5kNot DefinedNot Defined0.006420.03CVE-2002-1707
16PunBB register.php sql injektion7.37.0$0-$5k$0-$5kNot DefinedOfficial Fix0.005430.00CVE-2005-0569
17vBulletin moderation.php sql injektion7.37.0$0-$5k$0-$5kHighOfficial Fix0.002840.01CVE-2016-6195
18vBulletin XMLRPC API breadcrumbs_create.php sql injektion6.36.3$0-$5k$0-$5kHighUnavailable0.001020.02CVE-2014-2022
19vBulletin visitormessage.php privilegier eskalering7.57.4$0-$5k$0-$5kHighUnavailable0.031570.02CVE-2014-9463
20PunBB Password Reset moderate.php privilegier eskalering4.34.1$0-$5k$0-$5kProof-of-ConceptNot Defined0.022830.00CVE-2008-1484

IOC - Indicator of Compromise (11)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP-adressHostnameSkådespelareKampanjerIdentifiedTypFörtroende
12.59.117.6server4.poyrazhosting.comSload06/05/2022verifiedHög
251.77.231.185vps-06fdbf53.vps.ovh.netSload06/05/2022verifiedHög
351.254.205.8484.ip-51-254-205.euSload06/05/2022verifiedHög
4XX.XXX.XXX.XXXXxxxx12/04/2022verifiedHög
5XX.XXX.XXX.XXxxx.xxXxxxx06/05/2022verifiedHög
6XX.XX.XXX.XXXXxxxx12/04/2022verifiedHög
7XXX.XXX.XXX.XXxxxx.xxxx.xxxXxxxx06/05/2022verifiedHög
8XXX.XXX.XXX.XXXXxxxx06/05/2022verifiedHög
9XXX.XXX.XXX.XXXxxxxxx-xxx.xxxxxxx.xxxxxx.xxxXxxxx06/05/2022verifiedHög
10XXX.XXX.XX.XXxxx-xx-xxxx.xxxxx.xxxXxxxx12/04/2022verifiedHög
11XXX.XXX.XXX.XXxxxxxxxxxxxxxxxx.xxxxxxxx.xxxXxxxx06/05/2022verifiedHög

TTP - Tactics, Techniques, Procedures (20)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueSårbarheterÅtkomstvektorTypFörtroende
1T1006CWE-22Path TraversalpredictiveHög
2T1055CWE-74Improper Neutralization of Data within XPath ExpressionspredictiveHög
3T1059CWE-94Argument InjectionpredictiveHög
4T1059.007CWE-79, CWE-80Cross Site ScriptingpredictiveHög
5TXXXXCWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHög
6TXXXX.XXXCWE-XXXXxxx-xxxxx XxxxxxxxxxxpredictiveHög
7TXXXXCWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveHög
8TXXXX.XXXCWE-XXXXxxx XxxxxxxxpredictiveHög
9TXXXXCWE-XXX, CWE-XXX7xx Xxxxxxxx XxxxxxxxpredictiveHög
10TXXXXCWE-XXXXxxxxxxxxx XxxxxxpredictiveHög
11TXXXXCWE-XXXxx XxxxxxxxxpredictiveHög
12TXXXX.XXXCWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveHög
13TXXXXCWE-XXXXxxxxxxxxxx XxxxxxxxxxpredictiveHög
14TXXXXCWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveHög
15TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxx XxxxpredictiveHög
16TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHög
17TXXXXCWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveHög
18TXXXXCWE-XXX, CWE-XXXXxxxxxxxxxxxx XxxxxxpredictiveHög
19TXXXX.XXXCWE-XXXXxx Xxxxxxxxxx XxxxxpredictiveHög
20TXXXX.XXXCWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxpredictiveHög

IOA - Indicator of Attack (183)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDKlassIndicatorTypFörtroende
1File/adminpredictiveLåg
2File/admin/launch_message.phppredictiveHög
3File/admin/send_message.phppredictiveHög
4File/categoriesServletpredictiveHög
5File/category.phppredictiveHög
6File/cgi-bin/login_action.cgipredictiveHög
7File/dev/datum/predictiveMedium
8File/forms/web_runScriptpredictiveHög
9File/getImagepredictiveMedium
10File/html/feed.phppredictiveHög
11File/includes/rrdtool.inc.phppredictiveHög
12File/job/(job-name)/apipredictiveHög
13File/multi-vendor-shopping-script/product-list.phppredictiveHög
14File/plugin/extended-choice-parameter/js/predictiveHög
15File/src/basic/fs-util.cpredictiveHög
16File/wfo/control/emp_selector_pupredictiveHög
17Fileadmin/conf_users_edit.phppredictiveHög
18Fileadmin/settings/update/predictiveHög
19Fileadmin/tags.phppredictiveHög
20Fileadministrator.cfcpredictiveHög
21Fileajax/api/hook/decodeArgumentspredictiveHög
22Filexxxxxxxx/xxxxxxxx/xxxx/xxxx.xxpredictiveHög
23Filexx_xxxxxxxxxx.xxxpredictiveHög
24Filexxxxxxx_xxxxxx.xpredictiveHög
25Filexxxxxx_xx.xpredictiveMedium
26Filexxxxxxxxxxx_xxxxxx.xxxpredictiveHög
27Filexxxx_xxxx.xpredictiveMedium
28Filexxxxxx/xxx.xpredictiveMedium
29Filexxxxxx/xxxx.xpredictiveHög
30Filexxxxxxxxxxx/xxxxxx/xxx.xxxpredictiveHög
31Filexxxxxxx.xpredictiveMedium
32Filexxx/xxxx/xxxxxxx/xx/xxxx.xxxpredictiveHög
33Filexxxxxx/xxxxx.xpredictiveHög
34Filexxxxxx/xx/xxxxx_xxxx.xpredictiveHög
35Filexxx_xx_xxx.xpredictiveMedium
36Filexxx_xx_xxxxxx.xpredictiveHög
37Filexxx_xxx.xpredictiveMedium
38Filexxxx-xxxxx/xxxxxxx-xxxxx.xpredictiveHög
39Filexxxxxx.xxxpredictiveMedium
40Filexxxxxxxxx.xxxpredictiveHög
41Filexxxxxxx/xxx/xxx/xxxxxx/xxxxxx_xxxxxxx.xpredictiveHög
42Filexxxxxxx/xxxxxxxxxx/xxx/xxxx/xx_xxxx.xpredictiveHög
43Filexxxxxxx/xxxxx/xxx/xxx-xxx/xxx-xxx-xxxxxxxx.xpredictiveHög
44Filexxxxxxx/xxx/xxxxxxxxxx/xxxxx.xpredictiveHög
45Filexxxxxxx/xxx/xxx/xxxxxxx.xpredictiveHög
46Filexxxxxxx/xxxxxxxxx/xxxxxxxxx.xpredictiveHög
47Filexxxxx_xxx_xxxxxx.xpredictiveHög
48Filexx_xxxxxxx.xpredictiveMedium
49Filexxxxx.xxxpredictiveMedium
50Filexxx/xxxxxxxx/xxx.xpredictiveHög
51Filexxx/xxxxxxxx/xxx_xxxxxxxxxxxx.xpredictiveHög
52Filexxx/xxxx/xxxx.xpredictiveHög
53Filexxxxx.xpredictiveLåg
54Filexxxxxxxxxx.xxxpredictiveHög
55Filexxxx.xpredictiveLåg
56Filexxxxxxxxxxxxx.xxxpredictiveHög
57Filexxxxxxxxxxxxxxxxxxx.xxxpredictiveHög
58Filexxxxxxxxxxx/xxxxxxxx/xxxxxxxxxx.xxxpredictiveHög
59Filexxxxxxxxx/xxxx/xxxxxxxxxx/xxxxxxxxx.xxxpredictiveHög
60Filexxxxxxxxx/xxxxxxx/xxxx/xxxxxxxxx/xxxxxxxx.xxxpredictiveHög
61Filexxxxxxxxx/xxxxxxx/xxxxxx/xxxxxxxxxxx/xxxxxxxxxxxxxxxx.xxxpredictiveHög
62Filexx/xxxxxx/xxxxxx.xpredictiveHög
63Filexx/xxxx/xxxxx.xpredictiveHög
64Filexxxxx.xxxpredictiveMedium
65Filexxxxxx/xxxxxxxxxxxxxxpredictiveHög
66Filexxxxxx.xxxpredictiveMedium
67Filexxxxx.xxxpredictiveMedium
68Filexxx/xxxxxxxxx-xxxpredictiveHög
69Filexx/xxxx/xx.xpredictiveMedium
70Filexx/xxx/xxxxxxxx.xpredictiveHög
71Filexx/xxx/xxx-xxxx.xpredictiveHög
72Filexxxxx.xxxx.xxx_xxxxxxpredictiveHög
73Filexxx/xx/xxxx/xxxxx.xxxxxpredictiveHög
74Filexxxxxxx/xxxxx/xxxx_xxxx.xpredictiveHög
75Filexxxxxxxx/xxxxxxx.xxxpredictiveHög
76Filexxxxxxxx/xxx/xxx_xx_xxxxxxx.xxxpredictiveHög
77Filexxxxxxx.xxxpredictiveMedium
78Filexxxxxxxxx.xxxpredictiveHög
79Filexxx-xxxx.xpredictiveMedium
80Filexxxxxx_xxxx.xpredictiveHög
81Filexxx.x/xxxxxx.xpredictiveHög
82Filexxxxxx/xxxxxxxx.xxpredictiveHög
83Filexxxxx.xxxpredictiveMedium
84Filexxxxxxxx.xxxpredictiveMedium
85Filexxx_xxxxx_xxxxxx.xxxpredictiveHög
86Filexx_xxxxxx.xxxpredictiveHög
87Filexxxxxx/xxxxxx.xpredictiveHög
88Filexxxxxxxxxx/xx.xpredictiveHög
89Filexxxx.xxxpredictiveMedium
90Filexxxxxx.xxpredictiveMedium
91Filexxxxx.xxxpredictiveMedium
92Filexxxxxxxx.xxxpredictiveMedium
93Filexxxxxxx/xxxxxx.xpredictiveHög
94Filexxxxxxx.xxxpredictiveMedium
95Filexxxxxx_xxx.xpredictiveMedium
96Filexxxxxxxxxxx.xxxpredictiveHög
97Filexxxxxxxx.xxxpredictiveMedium
98Filexxx.xpredictiveLåg
99Filexxxxxxxxx.xxxpredictiveHög
100Filexxxxxxx.xxxpredictiveMedium
101Filexxxxxxxxxx.xxxpredictiveHög
102Filexxxxxxxx.xxxpredictiveMedium
103Filexxxx/xxxx/predictiveMedium
104Filexxxxxxx.xpredictiveMedium
105Filexxxxxx.xpredictiveMedium
106Filexxxxxx.xxxpredictiveMedium
107Filexxxxxxxxxx.xxxpredictiveHög
108Filexxxxxxx.xxx/xxxxxxx.xxxxxxxxxxxx/xxxxxxx/xxxxxxxxx/xxxxxxxxx.xxxx.xxpredictiveHög
109Filexxxxxxxxxxx_xxxxx.xxxpredictiveHög
110Filexxxxxx.xxxpredictiveMedium
111Filexxxxxxxxxxxxxx.xxxpredictiveHög
112Filexxxxx_xxxxxxx.xpredictiveHög
113Filexxxxx_xxxxxxxx.xpredictiveHög
114Filexx-xxxxx/xxxxxxxx/xxxxx-xx-xxxxxx.xxxpredictiveHög
115Filexx-xxxxxxxx/xxxxx-xx-xxxxx.xxxpredictiveHög
116Filexx-xxxxxxxx/xx-xxxxxxxxx.xxxpredictiveHög
117Filexx-xxxx.xxxpredictiveMedium
118Filexxx/xxxxx/xxxxx.xxxpredictiveHög
119Filexx_xxxxxxx.xpredictiveMedium
120Libraryxxx/xxxxxx.xpredictiveMedium
121Libraryxxxxxx.xxxpredictiveMedium
122Libraryxxxxxxxx.xxxpredictiveMedium
123Libraryxxxxxx.xxxpredictiveMedium
124Libraryxxx.xxxpredictiveLåg
125Argument-xpredictiveLåg
126Argument/xxx/xxxxxxxxxxx/xxxxxx/xx_xxxxxxxxxx.xxx?xxx=<xxxxx-xxx>/xxxxxxxx=x/xxxxxxxpredictiveHög
127ArgumentxxxxxxxxxpredictiveMedium
128Argumentxxxxx_xxpredictiveMedium
129ArgumentxxxxpredictiveLåg
130ArgumentxxxxxxxxxpredictiveMedium
131Argumentxxxxxxxxxxxx$xxxxxxpredictiveHög
132Argumentxxxx_xxxpredictiveMedium
133ArgumentxxxxxpredictiveLåg
134ArgumentxxxpredictiveLåg
135ArgumentxxxxxxxxpredictiveMedium
136Argumentxxx_xxxxpredictiveMedium
137Argumentxxxx_xxxxpredictiveMedium
138ArgumentxxpredictiveLåg
139Argumentxx/xxxxpredictiveLåg
140Argumentxxxxxxxx/xxxpredictiveMedium
141Argumentxx_xxxxxxx_xxxxpredictiveHög
142ArgumentxxxxxxpredictiveLåg
143Argumentxx_xxxxxxxpredictiveMedium
144ArgumentxxxxxxxxpredictiveMedium
145ArgumentxxxxxxpredictiveLåg
146ArgumentxxxxpredictiveLåg
147Argumentx_xxx/xxxxpredictiveMedium
148ArgumentxxxxxxpredictiveLåg
149Argumentxxxx_xxxxpredictiveMedium
150Argumentxxxxx_xxxx_xxxpredictiveHög
151ArgumentxxxpredictiveLåg
152ArgumentxxpredictiveLåg
153ArgumentxxxxxxxpredictiveLåg
154Argumentx/xxxxxpredictiveLåg
155Argumentxxx.xx.xxx_xxxpredictiveHög
156ArgumentxxxxxxxxxpredictiveMedium
157ArgumentxxxxxxxxxxxxxxxxxxxxpredictiveHög
158Argumentxxxxxx_xxxxpredictiveMedium
159Argumentxxxxxx_xxxxxxpredictiveHög
160Argumentxxxxxxxxxx/xxxxxx/xxxxxxxx/xxxxxx_xxxxx/xxxxxx_xxxpredictiveHög
161ArgumentxxxxpredictiveLåg
162ArgumentxxpredictiveLåg
163ArgumentxxxxxxxxxxxxxxxxpredictiveHög
164ArgumentxxxxxpredictiveLåg
165Argumentxxx_xxx_xxxxpredictiveMedium
166ArgumentxxxxpredictiveLåg
167ArgumentxxpredictiveLåg
168ArgumentxxxxxxxxxxxxpredictiveMedium
169ArgumentxxxxxpredictiveLåg
170Argumentxxxxx/xxxxxxxxpredictiveHög
171ArgumentxxxxxxpredictiveLåg
172ArgumentxxxpredictiveLåg
173ArgumentxxxpredictiveLåg
174Argumentxxxxxxxx/xxxxxxxxpredictiveHög
175ArgumentxxxxxpredictiveLåg
176Argumentxxxxx/xxxxxxpredictiveMedium
177Argumentx/xpredictiveLåg
178Input Value%x[xx]predictiveLåg
179Input Value..\predictiveLåg
180Input Value<xxxxxx>xxxxx("xxx")</xxxxxx>predictiveHög
181Input ValuexxxxpredictiveLåg
182Network Portxxx/xx (xxx)predictiveMedium
183Network Portxxx/xx (xxxxxx)predictiveHög

Referenser (4)

The following list contains external sources which discuss the actor and the associated activities:

TidigareÖversiktNästa

Might our Artificial Intelligence support you?

Check our Alexa App!