GandCrab 分析

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (1000)

语言

en	928
es	14
fr	12
it	12
zh	8

国家/地区

us	982
cn	12

演员

RedLine Stealer	4
AsyncRAT	1
NjRAT	1
Venom RAT	1
Bronze Silhouette	1

利益

类型

Not Defined	172
Content Management System	22
Forum Software	14
Operating System	14
Cloud Software	12

供应商

Not Defined	100
Oracle	18
Cisco	16
Microsoft	10
SourceCodester	8

产品

Pearlinger Products	6
Microsoft Windows	6
Google Android	4
Xoops	4
PHP	4

漏洞

#	漏洞	Base	Temp	0day	今天	易	修正	EPSS	CTI	CVE
1	LogicBoard CMS away.php Redirect	6.3	6.1	$0-$5k	$0-$5k	Not Defined	Unavailable	0.00000	3.04
2	DZCP deV!L`z Clanportal config.php 权限升级	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00943	1.14	CVE-2010-0966
3	FLDS redir.php SQL注入	7.3	7.3	$0-$5k	$0-$5k	High	Unavailable	0.00203	0.09	CVE-2008-5928
4	Bitrix Site Manager redirect.php 权限升级	5.3	4.7	$0-$5k	$0-$5k	Unproven	Unavailable	0.00113	0.03	CVE-2008-2052
5	Tiki Admin Password tiki-login.php 弱身份验证	8.0	7.7	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00936	3.77	CVE-2020-15906
6	My Link Trader out.php SQL注入	6.3	5.7	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00000	0.18
7	SAS Web Report Studio javascript: URL logonAndRender.do 跨网站脚本	3.5	3.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00089	0.00	CVE-2022-25256
8	Vunet VU Web Visitor Analyst redir.asp SQL注入	7.3	7.1	$0-$5k	$0-$5k	High	Workaround	0.00119	0.09	CVE-2010-2338
9	Serendipity exit.php 权限升级	6.3	6.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00000	0.27
10	OpenX adclick.php Redirect	5.3	4.7	$0-$5k	$0-$5k	Unproven	Unavailable	0.00440	0.82	CVE-2014-2230
11	vBulletin redirector.php Redirect	6.6	6.6	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00122	0.18	CVE-2018-6200
12	Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash 信息公开	5.3	5.2	$5k-$25k	$0-$5k	High	Workaround	0.02016	0.02	CVE-2007-1192
13	Microsoft Windows Roaming Security Rights Management Services Remote Code Execution	8.1	7.4	$100k 以及更多	$5k-$25k	Unproven	Official Fix	0.00306	0.00	CVE-2022-21974
14	GetSimpleCMS index.php Redirect	6.6	6.6	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00123	0.00	CVE-2019-9915
15	PHPWind goto.php Redirect	6.3	6.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00348	0.09	CVE-2015-4134
16	Atlassian Jira Service Management Server/Data Center InsightDefaultCustomFieldConfig.jspa 跨网站脚本	3.5	3.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00054	0.00	CVE-2021-43943
17	Openads adclick.php Remote Code Execution	7.3	6.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.01871	0.41	CVE-2007-2046
18	Atlassian JIRA Server/Data Center Thread Contention/CPU Monitoring Service ViewInstrumentation.jspa 跨网站请求伪造	4.3	4.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00074	0.00	CVE-2021-43953
19	vu Mass Mailer Login Page redir.asp SQL注入	7.3	6.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00181	0.03	CVE-2007-6138
20	Microsoft Windows Ancillary Function Driver for WinSock Privilege Escalation	8.1	7.4	$100k 以及更多	$5k-$25k	Unproven	Official Fix	0.00043	0.02	CVE-2022-24507

IOC - Indicator of Compromise (181)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP地址	Hostname	参与者	Identified	类型	可信度
1	3.64.163.50	ec2-3-64-163-50.eu-central-1.compute.amazonaws.com	GandCrab	2021-10-24	verified	中
2	3.215.23.197	ec2-3-215-23-197.compute-1.amazonaws.com	GandCrab	2022-05-05	verified	中
3	5.23.49.81	1241393-cn03460.tw1.ru	GandCrab	2019-05-24	verified	高
4	5.39.221.60		GandCrab	2021-07-17	verified	高
5	5.135.183.146	freya.stelas.de	GandCrab	2021-10-24	verified	高
6	5.144.168.210	mail.xdeers.com	GandCrab	2022-04-13	verified	高
7	13.37.189.21	ec2-13-37-189-21.eu-west-3.compute.amazonaws.com	GandCrab	2023-02-20	verified	中
8	13.76.158.123		GandCrab	2021-07-17	verified	高
9	13.107.21.200		GandCrab	2022-04-08	verified	高
10	15.188.214.230	ec2-15-188-214-230.eu-west-3.compute.amazonaws.com	GandCrab	2023-02-20	verified	中
11	20.42.65.92		GandCrab	2022-05-07	verified	高
12	20.42.73.29		GandCrab	2022-05-07	verified	高
13	20.50.64.11		GandCrab	2021-10-09	verified	高
14	20.189.173.20		GandCrab	2022-05-07	verified	高
15	23.56.169.147	a23-56-169-147.deploy.static.akamaitechnologies.com	GandCrab	2023-02-20	verified	高
16	23.56.169.152	a23-56-169-152.deploy.static.akamaitechnologies.com	GandCrab	2023-02-20	verified	高
17	23.100.15.180		GandCrab	2022-04-14	verified	高
18	23.205.105.157	a23-205-105-157.deploy.static.akamaitechnologies.com	GandCrab	2022-05-07	verified	高
19	23.221.227.165	a23-221-227-165.deploy.static.akamaitechnologies.com	GandCrab	2023-02-20	verified	高
20	23.221.227.172	a23-221-227-172.deploy.static.akamaitechnologies.com	GandCrab	2023-02-20	verified	高
21	23.236.62.147	147.62.236.23.bc.googleusercontent.com	GandCrab	2022-04-14	verified	中
22	34.102.136.180	180.136.102.34.bc.googleusercontent.com	GandCrab	2021-10-09	verified	中
23	35.205.61.67	67.61.205.35.bc.googleusercontent.com	GandCrab	2021-10-09	verified	中
24	39.107.34.197		GandCrab	2021-10-09	verified	高
25	45.33.91.79	li1037-79.members.linode.com	GandCrab	2022-04-08	verified	高
26	45.118.145.96		GandCrab	2021-10-09	verified	高
27	46.32.228.22	720808.vps-10.com	GandCrab	2022-04-13	verified	高
28	47.75.206.148		GandCrab	2022-04-14	verified	高
29	50.63.202.89	ip-50-63-202-89.ip.secureserver.net	GandCrab	2022-04-08	verified	高
30	50.87.58.165	50-87-58-165.unifiedlayer.com	GandCrab	2022-04-08	verified	高
31	51.15.229.127	127-229-15-51.instances.scw.cloud	GandCrab	2023-02-20	verified	高
32	51.68.50.168	ip168.ip-51-68-50.eu	GandCrab	2022-04-08	verified	高
33	51.254.25.115	ip115.ip-51-254-25.eu	GandCrab	2021-10-24	verified	高
34	51.255.48.78	vps-ede152ed.vps.ovh.net	GandCrab	2021-10-24	verified	高
35	52.17.9.185	ec2-52-17-9-185.eu-west-1.compute.amazonaws.com	GandCrab	2022-04-13	verified	中
36	52.29.192.136	ec2-52-29-192-136.eu-central-1.compute.amazonaws.com	GandCrab	2022-04-08	verified	中
37	52.58.78.16	ec2-52-58-78-16.eu-central-1.compute.amazonaws.com	GandCrab	2022-04-29	verified	中
38	XX.XXX.XXX.XX	xxxx.xxxx.xxxxx	Xxxxxxxx	2021-10-09	verified	高
39	XX.XXX.XXX.XXX		Xxxxxxxx	2022-05-07	verified	高
40	XX.XXX.XXX.XXX		Xxxxxxxx	2022-05-07	verified	高
41	XX.XX.XXX.XX	xxxx.xx-xx-xx-xxx.xx	Xxxxxxxx	2021-10-09	verified	高
42	XX.XXX.XX.XXX	xx-xxx-xx-xxx.xxx.xxxxxxxxxxxx.xx	Xxxxxxxx	2022-04-14	verified	高
43	XX.XX.XXX.XX	xx.xxx.xx.xx.xxxxxx.xxxxxx.xxx	Xxxxxxxx	2022-04-08	verified	高
44	XX.XX.XXX.XXX	xxx.xxx.xx.xx.xxxxxx.xxxxxx.xxx	Xxxxxxxx	2021-10-09	verified	高
45	XX.XXX.XXX.XXX	xxxx.xxxxxxxxxxxxxxxxx.xxx	Xxxxxxxx	2021-07-15	verified	高
46	XX.XXX.XXX.XXX		Xxxxxxxx	2022-05-06	verified	高
47	XX.XXX.XXX.XX	xxxxxxxxxxxx.xx.xxxxxxxxxxxxxx.xxx	Xxxxxxxx	2022-04-08	verified	高
48	XX.XX.XXX.XXX	xxxxx.xxxxxxxxx.xxx	Xxxxxxxx	2022-04-08	verified	高
49	XX.XXX.XXX.XXX	xxxxxxxx.xxxxxxxxxxx.xxx	Xxxxxxxx	2021-10-09	verified	高
50	XX.XX.XXX.XX	xx-xx-xxx-xx.xxxxxxxxxxxx.xxx	Xxxxxxxx	2022-04-08	verified	高
51	XX.XX.XX.XXX		Xxxxxxxx	2022-05-07	verified	高
52	XX.XX.XXX.XX	xxxxxx-xxxxx.xx-xxxxxxx.xx	Xxxxxxxx	2022-05-07	verified	高
53	XX.XXX.XXX.XX	xx-xx-xxx-xxx-xx.xxxxxxxxxx.xxx	Xxxxxxxx	2022-04-08	verified	高
54	XX.XXX.XXX.XXX	xx-xx-xxx-xxx-xxx.xxxxxxxxxx.xxx	Xxxxxxxx	2022-04-08	verified	高
55	XX.XXX.XXX.X	xxxxx.xx	Xxxxxxxx	2018-02-15	verified	高
56	XX.XX.XXX.XX	xxxxx.xxxxxxx.xx	Xxxxxxxx	2022-04-08	verified	高
57	XX.X.XXX.XXX	xxxx-xxx.xxxxxx.xxxxxxx.xxx.xx	Xxxxxxxx	2022-04-08	verified	高
58	XX.XXX.XX.XXX	xxxxxx.xxx-xxxx.xxx	Xxxxxxxx	2022-04-13	verified	高
59	XX.XXX.XXX.X	xxxxxxx.xxxxxxxxxx.xx	Xxxxxxxx	2022-04-13	verified	高
60	XX.XXX.XXX.XX	xx-xxxxxx.xxxxxxxxxx.xx	Xxxxxxxx	2022-04-13	verified	高
61	XX.XXX.XX.XX	xxx.xxxx.xxxxx.xxx	Xxxxxxxx	2022-04-08	verified	高
62	XX.XXX.XX.XX	xxx.xxxx.xxxxx.xxx	Xxxxxxxx	2022-04-08	verified	高
63	XX.XXX.XX.XX	xxx.xxxxx.xxxxx.xxx	Xxxxxxxx	2022-04-08	verified	高
64	XX.XXX.XX.XXX	xxx.xxxxxxx.xxxxx.xxx	Xxxxxxxx	2021-10-09	verified	高
65	XX.XXX.XX.XXX	xxx.xxxx.xxxxx.xxx	Xxxxxxxx	2022-04-08	verified	高
66	XX.XXX.XX.XXX	xx.xxxxx.xxxxx.xxx	Xxxxxxxx	2022-04-08	verified	高
67	XX.XXX.XX.XX		Xxxxxxxx	2021-07-15	verified	高
68	XX.XXX.XXX.X	xxxxxxx.xxxxx.xxx.xx	Xxxxxxxx	2021-10-09	verified	高
69	XX.XXX.XXX.XX	xxxxxxxx.xxxxx.xxx.xx	Xxxxxxxx	2022-04-08	verified	高
70	XX.XXX.XXX.XX	xxxxxx.xxxxx.xxxxxxxxx.xx	Xxxxxxxx	2019-05-24	verified	高
71	XX.XX.XX.XXX	xxxxx.xxxxxxx.xx	Xxxxxxxx	2022-04-08	verified	高
72	XX.XXX.XX.XX	xxxx.xxxxxxxx.xxx	Xxxxxxxx	2021-10-09	verified	高
73	XX.XXX.XX.XXX	xxxxx.xxxxxxxx.xxx	Xxxxxxxx	2022-04-08	verified	高
74	XX.XX.XXX.XX	xxxxxx.xxxxxxxx.xxx	Xxxxxxxx	2022-04-08	verified	高
75	XX.XXX.XX.XX	xxxx-xx-xxx-xx-xx.xxxxxx-xx-xxxxxx.xx	Xxxxxxxx	2022-04-08	verified	高
76	XX.XXX.XXX.XXX	xxxxxxx.xxxxxxxxx.xx	Xxxxxxxx	2022-04-08	verified	高
77	XX.XX.XX.XXX	xx-xx-xx-xxx.xx.xxx-xxx.xx	Xxxxxxxx	2022-04-08	verified	高
78	XX.XXX.XX.XXX	xxxxxxxx.xxxxxxx.xx	Xxxxxxxx	2022-04-08	verified	高
79	XX.XXX.XX.XX	xxxx-xx-xxx-xx-xx.xxxxxx-xx-xxxxxx.xx	Xxxxxxxx	2022-07-21	verified	高
80	XX.XXX.XXX.XX		Xxxxxxxx	2022-04-08	verified	高
81	XX.XXX.XXX.XXX		Xxxxxxxx	2022-04-08	verified	高
82	XX.XX.XXX.XXX	xxxxxxxxx.xxxxxxxxxxxxx.xxx	Xxxxxxxx	2021-07-15	verified	高
83	XXX.XXX.XX.XXX		Xxxxxxxx	2018-02-15	verified	高
84	XXX.XX.XXX.XX		Xxxxxxxx	2022-04-08	verified	高
85	XXX.XXX.XX.XXX		Xxxxxxxx	2022-04-08	verified	高
86	XXX.XX.XX.XXX		Xxxxxxxx	2021-10-24	verified	高
87	XXX.XX.XXX.XXX		Xxxxxxxx	2022-04-08	verified	高
88	XXX.XX.XXX.XXX		Xxxxxxxx	2022-04-14	verified	高
89	XXX.XX.XXX.XX		Xxxxxxxx	2022-04-08	verified	高
90	XXX.XX.XXX.XXX		Xxxxxxxx	2022-04-14	verified	高
91	XXX.XX.XXX.XXX		Xxxxxxxx	2022-04-08	verified	高
92	XXX.XX.XXX.XXX		Xxxxxxxx	2022-04-08	verified	高
93	XXX.XX.XX.XXX		Xxxxxxxx	2022-04-08	verified	高
94	XXX.XX.XX.XXX		Xxxxxxxx	2022-04-08	verified	高
95	XXX.XX.XX.XXX		Xxxxxxxx	2022-04-14	verified	高
96	XXX.XX.XX.XXX		Xxxxxxxx	2022-04-13	verified	高
97	XXX.XX.XX.XXX		Xxxxxxxx	2022-04-14	verified	高
98	XXX.XX.XX.XX		Xxxxxxxx	2022-04-08	verified	高
99	XXX.XXX.XX.XX		Xxxxxxxx	2022-05-07	verified	高
100	XXX.XXX.XXX.XXX	xx.xxxx.xxxxxxx.xx.xxxxxxx.xxx	Xxxxxxxx	2022-04-08	verified	高
101	XXX.XX.XXX.XXX	xx-xxx.xxxxxxxxx.xx	Xxxxxxxx	2022-05-06	verified	高
102	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxxxxxxx.xxx	Xxxxxxxx	2022-04-08	verified	高
103	XXX.XX.XXX.XXX		Xxxxxxxx	2018-02-15	verified	高
104	XXX.XX.XXX.XX		Xxxxxxxx	2022-03-31	verified	高
105	XXX.XXX.XX.XX	xxxxxxx.xxx	Xxxxxxxx	2021-10-24	verified	高
106	XXX.XXX.XX.XXX	xxxxxx.xxx.xx.xxx.xxx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxxx	2022-04-13	verified	高
107	XXX.XXX.XXX.XXX	xxxxxx.xxxx-xxxxxx.xx	Xxxxxxxx	2022-04-13	verified	高
108	XXX.XX.XXX.XX	xxxx.xx-xxx-xx-xxx.xx	Xxxxxxxx	2022-04-08	verified	高
109	XXX.XXX.XX.XXX	xxxxxx.xxx.xx.xxx.xxx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxxx	2022-04-08	verified	高
110	XXX.XX.XXX.XXX		Xxxxxxxx	2021-10-24	verified	高
111	XXX.XX.X.XXX		Xxxxxxxx	2022-04-14	verified	高
112	XXX.XX.XXX.XX	xxxxxx.xx.xxx.xx.xxx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxxx	2021-10-24	verified	高
113	XXX.XX.XX.XX	xx-xxx-xx-xx-xx.xxxxxxxxxx.xxx	Xxxxxxxx	2022-04-08	verified	高
114	XXX.XXX.XXX.XX		Xxxxxxxx	2021-10-09	verified	高
115	XXX.XX.XXX.XXX	xxxx.xxxxxx.xxx	Xxxxxxxx	2022-04-14	verified	高
116	XXX.XXX.X.XX	xxxx.xxxx.xxx	Xxxxxxxx	2022-04-13	verified	高
117	XXX.XXX.X.XX	xxxx.xxxx.xxx	Xxxxxxxx	2022-04-13	verified	高
118	XXX.XXX.XXX.XX	xxx-xxx-xxx-xx.xxx.xxx.xxxxxxxxxxxx.xx	Xxxxxxxx	2022-03-31	verified	高
119	XXX.XX.XXX.XX		Xxxxxxxx	2022-04-08	verified	高
120	XXX.XXX.XXX.XXX		Xxxxxxxx	2021-10-09	verified	高
121	XXX.XX.XX.XXX	xxx.xx.xx.xxx.xxxxxxxxx.xxx	Xxxxxxxx	2021-10-24	verified	高
122	XXX.XX.XX.XXX	xxx.xx.xx.xxx.xxxxxxxxx.xxx	Xxxxxxxx	2021-10-24	verified	高
123	XXX.XXX.XXX.XXX	xxxxxx.xxxxx.xx	Xxxxxxxx	2021-10-24	verified	高
124	XXX.XXX.XX.XXX		Xxxxxxxx	2021-10-09	verified	高
125	XXX.XX.XX.XXX		Xxxxxxxx	2021-07-17	verified	高
126	XXX.XXX.XXX.XXX	xxxxxx.xxxxx.xxxxxx	Xxxxxxxx	2022-04-08	verified	高
127	XXX.XX.XXX.XXX	xxxxxxxx.xx-xxx-xx-xxx.xx	Xxxxxxxx	2022-04-08	verified	高
128	XXX.XXX.XX.XXX	xxxxxx.xxxxxxx.xx	Xxxxxxxx	2021-10-24	verified	高
129	XXX.XXX.XX.XXX	xxxxx.xxxxxx.xx	Xxxxxxxx	2022-04-08	verified	高
130	XXX.XXX.XX.XXX	xxxxx.xxxxxx.xx	Xxxxxxxx	2021-10-09	verified	高
131	XXX.XXX.XX.XX	xxxxxx.xxxxxxx.xxx.xx	Xxxxxxxx	2022-04-08	verified	高
132	XXX.XX.XXX.XX	xxxxxxxxxxxx.xxxxxxx.xx	Xxxxxxxx	2022-04-13	verified	高
133	XXX.XX.XXX.XXX		Xxxxxxxx	2022-04-13	verified	高
134	XXX.XX.XXX.X	xxxx.xxx.xxxxxx.xx	Xxxxxxxx	2022-04-13	verified	高
135	XXX.XXX.XXX.XX		Xxxxxxxx	2021-10-24	verified	高
136	XXX.XXX.XXX.XXX	xxxxxx.xxxxx.xx	Xxxxxxxx	2021-10-24	verified	高
137	XXX.XXX.XX.XXX	xxxxxx.xx.xx	Xxxxxxxx	2022-04-08	verified	高
138	XXX.XXX.XX.XXX	xxxxxxxxxx.xx.xxxxxxx.xxx	Xxxxxxxx	2021-10-09	verified	高
139	XXX.XXX.XX.XXX	xxxxxxxxxx.xx.xxxxxxx.xxx	Xxxxxxxx	2021-10-09	verified	高
140	XXX.XXX.XXX.XX		Xxxxxxxx	2022-04-08	verified	高
141	XXX.XXX.XXX.XX	xxxxxx.xxxxxxx.xxx.xx	Xxxxxxxx	2022-04-14	verified	高
142	XXX.XXX.XXX.XXX	xxxxxx.xxxxxxx.xxx.xx	Xxxxxxxx	2022-04-08	verified	高
143	XXX.XXX.XXX.XX		Xxxxxxxx	2021-10-09	verified	高
144	XXX.XX.XXX.XX	xxxxx.xxxxxxxx.xxx	Xxxxxxxx	2022-04-08	verified	高
145	XXX.XXX.XX.XXX	xxx.xxxxxxxx.xx	Xxxxxxxx	2022-04-13	verified	高
146	XXX.XXX.XX.XXX	xxxxxxxxxx.xxxxxxx.xxx.xxx	Xxxxxxxx	2022-04-08	verified	高
147	XXX.XX.XXX.XX		Xxxxxxxx	2021-07-15	verified	高
148	XXX.XX.XXX.XXX		Xxxxxxxx	2022-04-08	verified	高
149	XXX.XXX.XX.XX	xxxxxx.xxxxxxx.xxx.xx	Xxxxxxxx	2022-04-08	verified	高
150	XXX.XX.XXX.XX	xxxx.xxxxxxxxxxx.xxx	Xxxxxxxx	2022-05-06	verified	高
151	XXX.XX.XXX.XX	xxxx-xxxxxx-xx-xxxxxxxxx-xx.xxxxx.xx	Xxxxxxxx	2021-10-24	verified	高
152	XXX.XX.XXX.XX	xxxx-xxxxxx-xx-xxxxxxxxx-xx.xxxxx.xx	Xxxxxxxx	2022-04-13	verified	高
153	XXX.XXX.XXX.XX	xxx-xxx-xxx-xx.xxxxxxxxxxxx.xxx	Xxxxxxxx	2022-04-08	verified	高
154	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxxxxxxxxxxx.xxx	Xxxxxxxx	2022-05-06	verified	高
155	XXX.XXX.XXX.XXX	xxxxx.xxxxxxxxxxxxxx.xxx	Xxxxxxxx	2022-04-13	verified	高
156	XXX.X.XXX.XXX	xxxxxxxxx.xxx-xxxx.xx	Xxxxxxxx	2022-04-08	verified	高
157	XXX.XXX.XX.XX		Xxxxxxxx	2021-10-24	verified	高
158	XXX.XXX.XXX.X		Xxxxxxxx	2022-04-13	verified	高
159	XXX.XXX.XX.XXX	xxxxx.xxxxxxx.xx	Xxxxxxxx	2022-04-13	verified	高
160	XXX.XX.XXX.XX		Xxxxxxxx	2022-04-13	verified	高
161	XXX.XX.XXX.XX		Xxxxxxxx	2022-04-13	verified	高
162	XXX.XX.XX.XX		Xxxxxxxx	2022-04-08	verified	高
163	XXX.XXX.XXX.XX	xxxxxxx-xxxxx.xx.xx	Xxxxxxxx	2022-04-08	verified	高
164	XXX.XXX.XXX.XXX	xxx.xxxxxxxxx.xx	Xxxxxxxx	2022-04-13	verified	高
165	XXX.XXX.XXX.XXX	xxxxxxxxx.xxx-xxxxxxx.xxx	Xxxxxxxx	2022-04-14	verified	高
166	XXX.XX.XX.XXX	xxxxx-xxxxx-xx.xxxxxxxxxxxxx.xxx	Xxxxxxxx	2021-10-09	verified	高
167	XXX.XX.XX.XX		Xxxxxxxx	2022-04-29	verified	高
168	XXX.XX.XXX.XXX	x-xxxx.x-xxxxxx.xxx	Xxxxxxxx	2021-07-17	verified	高
169	XXX.XX.XX.XXX	xxx-xx-xx-xxx.xxx.xxxxxxxxxxx.xxx	Xxxxxxxx	2021-10-09	verified	高
170	XXX.XXX.XXX.XXX		Xxxxxxxx	2022-04-08	verified	高
171	XXX.XXX.XX.X	xxxxxxxxxx.xxx.xxx	Xxxxxxxx	2021-10-09	verified	高
172	XXX.XXX.XX.X	xxxxxxxx.xxx.xxx	Xxxxxxxx	2021-10-09	verified	高
173	XXX.XXX.XX.XXX	xxxx-xxx-xx.xxxxxxxxxx.xxxxxxx.xxx.xxx	Xxxxxxxx	2022-04-08	verified	高
174	XXX.XXX.XXX.XXX	xxx.xxx.xxx.xxx.xxxxxx.xxxxxx.xxx	Xxxxxxxx	2021-10-24	verified	高
175	XXX.XX.XX.XX	xxxx.xxx.xxxxxxxxx.xx	Xxxxxxxx	2022-04-13	verified	高
176	XXX.XX.XX.XXX	xxxxx.xxx.xxxxxxxxx.xx	Xxxxxxxx	2022-04-13	verified	高
177	XXX.XX.XXX.XX	xxxxxxxx.xxx.xxxxx.xxx	Xxxxxxxx	2021-10-09	verified	高
178	XXX.XXX.X.XX	xxx-xxx-x-xx.xxxxxxx-xxx.xx-x.xxx	Xxxxxxxx	2022-04-08	verified	高
179	XXX.XXX.X.XXX	xxx-xxx-x-xxx.xxxxxxx-xxx.xx-x.xxx	Xxxxxxxx	2022-04-08	verified	高
180	XXX.XXX.XXX.XXX	xxxxxx.xxx.xx	Xxxxxxxx	2021-10-09	verified	高
181	XXX.XX.XX.XX		Xxxxxxxx	2022-04-08	verified	高

TTP - Tactics, Techniques, Procedures (19)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	漏洞	访问向量	类型	可信度
1	T1006	CWE-21, CWE-22, CWE-23	Path Traversal	predictive	高
2	T1040	CWE-319	Authentication Bypass by Capture-replay	predictive	高
3	T1055	CWE-74	Improper Neutralization of Data within XPath Expressions	predictive	高
4	T1059	CWE-94	Argument Injection	predictive	高
5	TXXXX.XXX	CWE-XX, CWE-XX	Xxxxx Xxxx Xxxxxxxxx	predictive	高
6	TXXXX	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	高
7	TXXXX.XXX	CWE-XXX	Xxxx-xxxxx Xxxxxxxxxxx	predictive	高
8	TXXXX	CWE-XX, CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	高
9	TXXXX.XXX	CWE-XXX	Xxxx Xxxxxxxx	predictive	高
10	TXXXX	CWE-XXX	7xx Xxxxxxxx Xxxxxxxx	predictive	高
11	TXXXX	CWE-XXX, CWE-XXX	Xxxxxxxxxx Xxxxxx	predictive	高
12	TXXXX	CWE-XX, CWE-XX	Xxx Xxxxxxxxx	predictive	高
13	TXXXX	CWE-XXX	Xxxxxxxxxxx Xxxxxxxxxx	predictive	高
14	TXXXX	CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxxxx Xxxx	predictive	高
15	TXXXX.XXX	CWE-XXX	Xxxxxxxx	predictive	高
16	TXXXX	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	高
17	TXXXX	CWE-XXX, CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	predictive	高
18	TXXXX.XXX	CWE-XXX	Xxx Xxxxxxxxxx Xxxxx	predictive	高
19	TXXXX.XXX	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	高

IOA - Indicator of Attack (297)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	分类	Indicator	类型	可信度
1	File	/../conf/config.properties	predictive	高
2	File	/admin/general.cgi	predictive	高
3	File	/admin/reminders/manage_reminder.php	predictive	高
4	File	/CCMAdmin/serverlist.asp	predictive	高
5	File	/cgi/get_param.cgi	predictive	高
6	File	/csms/admin/inquiries/view_details.php	predictive	高
7	File	/cstecgi.cgi	predictive	中
8	File	/files.md5	predictive	中
9	File	/forum/away.php	predictive	高
10	File	/hrm/employeeview.php	predictive	高
11	File	/images/	predictive	中
12	File	/include/chart_generator.php	predictive	高
13	File	/librarian/bookdetails.php	predictive	高
14	File	/login	predictive	低
15	File	/messageboard/view.php	predictive	高
16	File	/modules/profile/index.php	predictive	高
17	File	/one_church/userregister.php	predictive	高
18	File	/out.php	predictive	中
19	File	/owa/auth/logon.aspx	predictive	高
20	File	/public/plugins/	predictive	高
21	File	/SAP_Information_System/controllers/add_admin.php	predictive	高
22	File	/SASWebReportStudio/logonAndRender.do	predictive	高
23	File	/secure/admin/InsightDefaultCustomFieldConfig.jspa	predictive	高
24	File	/secure/admin/ViewInstrumentation.jspa	predictive	高
25	File	/SVFE2/pages/feegroups/country_group.jsf	predictive	高
26	File	/textpattern/index.php	predictive	高
27	File	/upfile.cgi	predictive	中
28	File	/v2/quantum/save-data-upload-big-file	predictive	高
29	File	/wordpress/wp-admin/admin.php	predictive	高
30	File	4.edu.php	predictive	中
31	File	account_footer.php	predictive	高
32	File	adclick.php	predictive	中
33	File	add_edit_cat.asp	predictive	高
34	File	add_edit_user.asp	predictive	高
35	File	admin.cropcanvas.php	predictive	高
36	File	admin.jcomments.php	predictive	高
37	File	xxxxx/xxxxxxxxxxx.xxx	predictive	高
38	File	xxxxx/xxxx_xxxxxxxx.xxx	predictive	高
39	File	xxxxx/xxxxx.xxx	predictive	高
40	File	xxxxx/xxxxxxxxxxxxx.xxx	predictive	高
41	File	xxxxxxxxxxxxxxxx.xxx	predictive	高
42	File	xxxxxxxxxxx.xxx	predictive	高
43	File	xxxxxxxxxxx.xxx	predictive	高
44	File	xxxx_xxxx_xxxxxxxx.xxx	predictive	高
45	File	xx_xxxxxxxxxx.xxx	predictive	高
46	File	xxx/xxxxxx/xxxx_xxxxxx.xxx	predictive	高
47	File	xxxxxxxxxxxxxx.xxx	predictive	高
48	File	xxxxxxxx.xxxxxxx.xxx	predictive	高
49	File	xx_xxxxx_xxxxx.xxx	predictive	高
50	File	xx_xxxx.xxx	predictive	中
51	File	xxx_xxxxxxxxx.xxx	predictive	高
52	File	x:\xxxx	predictive	低
53	File	xxxxxx/xxxxx/xxxxx.xxx	predictive	高
54	File	xxxx_xxxxxxx.xxx	predictive	高
55	File	xxxxxxxx.xxx	predictive	中
56	File	xxxxxxxx.xxx	predictive	中
57	File	xxx-xxx/xxxxxxxxxxxx.xxx	predictive	高
58	File	xxx-xxx/xxx/xxxxxxxx_xxx.xxx	predictive	高
59	File	xxxxxxxxxxx.xxx	predictive	高
60	File	xxxxx.xxxxx.xxx	predictive	高
61	File	xxxxx/xxxxx_xxxxxx.xxx	predictive	高
62	File	xxxxxxxxxx_xxxxx.xxx	predictive	高
63	File	xxxxx_xx_xxxxxxxxx.xxx	predictive	高
64	File	xxxxx_xxxx.xxx	predictive	高
65	File	xxxxx.xxx	predictive	中
66	File	xxx.xxx?xxx=xxxxx_xxxx	predictive	高
67	File	xxxxxxxx_xxxxxxxxxxxxxxxxx.xxx	predictive	高
68	File	xxxxxxx.xxx	predictive	中
69	File	xxxxxxxxxx.xxx	predictive	高
70	File	xxxxxxxxxxxxxxxxxxx.xx	predictive	高
71	File	xxxxxxxxx.xxx	predictive	高
72	File	xxxx/xxxxxxxxxxxxxxx.xxx	predictive	高
73	File	xx.xxx	predictive	低
74	File	xxxxxxx.xxx	predictive	中
75	File	xxxxxx.xxx	predictive	中
76	File	xxxxxx.xxx	predictive	中
77	File	xxxxxxxx.xxx	predictive	中
78	File	xxxxxxxxxx-xxxxxxxxxxxxx.xxx	predictive	高
79	File	xxxxxxx/xxxxx/xxxxx.x	predictive	高
80	File	xxxxx.xxx	predictive	中
81	File	xxxxx.xxx	predictive	中
82	File	xxxx.xxx	predictive	中
83	File	xxxxxxxx.xxx	predictive	中
84	File	xxxxxxxx.xxx	predictive	中
85	File	xxxxxxxxx.xxx	predictive	高
86	File	xxxxxx.xxxx	predictive	中
87	File	xxxx.xxx	predictive	中
88	File	xxxx.xxx	predictive	中
89	File	xxxxxxxxxx.xxx	predictive	高
90	File	xxxxx_xxxxxx.xxx	predictive	高
91	File	xxxxxxxxx.xxx	predictive	高
92	File	xxx/xxxxxxxx.xxx	predictive	高
93	File	xxx/xxxxxx.xxx	predictive	高
94	File	xxx/xxxxxxxxxxx/xxxxxxx.xxx	predictive	高
95	File	xxx/xxxxxxx/xxxxxxxxxxxx.xxx	predictive	高
96	File	xxxxxxx.xxx	predictive	中
97	File	xxxxxxx/xxxx.xxx	predictive	高
98	File	xxxxxxxx/xxxx.xxx	predictive	高
99	File	xxxxx.xxx	predictive	中
100	File	xxxx.xxxx	predictive	中
101	File	xxxxxxxxxxxxx.xxx	predictive	高
102	File	xxxxxx/xxxx/xxxxxx_xxx.xxx	predictive	高
103	File	xxxxxxxx/xxxxxxxx_xxxxxxx_xxxxxx/xxxxx.xxx	predictive	高
104	File	xxxx_xxxx.xxx	predictive	高
105	File	xxx.xxxx	predictive	中
106	File	xxxxxx/xxxxxx/xxxxxx-xx.x	predictive	高
107	File	xxxx/xx.xxx	predictive	中
108	File	xxxxxx.xxx	predictive	中
109	File	xxxxx.xxxx	predictive	中
110	File	xxxxx.xxx	predictive	中
111	File	xxxxx.xxxx	predictive	中
112	File	xxxxx_xxxxxxx.xxx	predictive	高
113	File	xxx_xxxxxxxx.xxx	predictive	高
114	File	xxx/xxxx_xxx.xxx	predictive	高
115	File	xxxxxxx/xxx.xxx	predictive	高
116	File	xxx/xxxxxxxxx/xx_xxx_xxxxxx.x	predictive	高
117	File	xxx.xxx	predictive	低
118	File	xxxxxx_xx.xxx	predictive	高
119	File	xxx/xxxxx.xxxx	predictive	高
120	File	x-xxxx.xxx	predictive	中
121	File	xxxx.xxxxxxxxx.xxx	predictive	高
122	File	xxxxxxxxx.xxx.xxx	predictive	高
123	File	xxxxxx.xxx	predictive	中
124	File	xxxx.xxx	predictive	中
125	File	xxxx.xxx	predictive	中
126	File	xxxxx/xxxxxxx.xxx	predictive	高
127	File	xxxxxxxxx/xxxxxxxxxxxxxx.xxxx	predictive	高
128	File	xxxxx.xxx	predictive	中
129	File	xxxxx.xxx	predictive	中
130	File	xxxxxxxx.xxx	predictive	中
131	File	xxxxxxxxxx.xxx	predictive	高
132	File	xxxxxxxx.xxx	predictive	中
133	File	xxxxxxxx.xxx	predictive	中
134	File	xxxxxxxx_xxxxxxxxxxxx_xxxxxx.xx	predictive	高
135	File	xxxxxxxx_xxxx.xxx	predictive	高
136	File	xxxxxxxxxxxx_xxxxxxxx.xxx.xxx	predictive	高
137	File	xxxxxx.xxx	predictive	中
138	File	xxxxxxxx.x	predictive	中
139	File	xx_xxxx.x	predictive	中
140	File	xxxx_xxxx_xxxxxx.xxx	predictive	高
141	File	xxxxxx.xxx	predictive	中
142	File	xxxxxx.xxx	predictive	中
143	File	xxxx/xxxxxxx/xxxxxxxxxxxxx_xxx.xxx	predictive	高
144	File	xxxxxx.xxxx	predictive	中
145	File	xxxxxxxx-xxxxxx_xxxxx.xxx	predictive	高
146	File	xxxx.xxx	predictive	中
147	File	xxxx_xxxxxxx_xxxxxxxx.xxx	predictive	高
148	File	xxxxxxxx.xxx/xxxxxx.xxx/xxxxxxxx.xxx	predictive	高
149	File	xxxxxxxxxxx.xxx	predictive	高
150	File	xxxxxxx.xxx	predictive	中
151	File	xxx/xxx/xxxxxxx/xxxx.xxx	predictive	高
152	File	xxxxx_xxxxx.xxx	predictive	高
153	File	xxxx-xxxxx.xxx	predictive	高
154	File	xxxx-xxxxxxxx.xxx	predictive	高
155	File	xxxxx.xx	predictive	中
156	File	xxxxx.xxx	predictive	中
157	File	xxxxxx.xxx	predictive	中
158	File	xxxx.xxx	predictive	中
159	File	xxxxx-xxxxxxxx-xxxxx-xxxxxxxxxxx-xxx-xxxxx.xxx	predictive	高
160	File	xxxx/xxx/xxxx-xxxxx.xxx	predictive	高
161	File	xxxxx.xxxx	predictive	中
162	File	xxxxxxxxx.xxxx	predictive	高
163	File	xxxxxxx/xxxxxxxxx/xxxxxxxxxxxx.xxx	predictive	高
164	File	xxxxxxx.xxx	predictive	中
165	File	xx-xxxxx/xxxxx.xxx	predictive	高
166	File	xx.xxx	predictive	低
167	File	xxxxxxxxxxxx.xxx	predictive	高
168	File	~/xxxxx-xxxxx.xxx	predictive	高
169	File	~/xxxxxxxx-xxxxxxxx.xxx	predictive	高
170	Library	xxxxxx[xxxxxx_xxxx	predictive	高
171	Library	xxxxxx.xxxxxxxxx.xxxxxxx.xxxxx_xxxxx.xxx	predictive	高
172	Library	xxxx/xxxxxxx/xxxx/xxxxxxxxx/xxxxx.xxx	predictive	高
173	Library	xxxxxxxx.xxx	predictive	中
174	Library	~/xxx/xxxxx-xxxxxxxx-xxxxxxxxxx.xxx	predictive	高
175	Argument	$_xxxxxx	predictive	中
176	Argument	xxx_xxxx	predictive	中
177	Argument	xxxxx	predictive	低
178	Argument	xx_xx	predictive	低
179	Argument	xxxxxx	predictive	低
180	Argument	xx	predictive	低
181	Argument	xxx_xx	predictive	低
182	Argument	xx	predictive	低
183	Argument	xx	predictive	低
184	Argument	xxxxxxxx	predictive	中
185	Argument	xxxxxxxx	predictive	中
186	Argument	xxxxx	predictive	低
187	Argument	xxxx	predictive	低
188	Argument	xxxx_xxx_xxxx	predictive	高
189	Argument	xxx	predictive	低
190	Argument	xxxxxxxxxx	predictive	中
191	Argument	xxxxxxxx_xxxx	predictive	高
192	Argument	xxx_xx	predictive	低
193	Argument	xx_xxxxxx	predictive	中
194	Argument	xxx	predictive	低
195	Argument	xxxx	predictive	低
196	Argument	xxxx_xx	predictive	低
197	Argument	xxxxxxxxxx	predictive	中
198	Argument	xxxxxx[xxxxxx_xxxx]	predictive	高
199	Argument	xxxxxx	predictive	低
200	Argument	xxxx_xx	predictive	低
201	Argument	xxxxxxxxxxxx	predictive	中
202	Argument	xxx	predictive	低
203	Argument	xxxxxxxx	predictive	中
204	Argument	xxxxx	predictive	低
205	Argument	xxxx	predictive	低
206	Argument	xxxxxxxxxxxxxxx	predictive	高
207	Argument	xxxxx_xxxx_xxxx	predictive	高
208	Argument	xxxxxxx=xxxxxxxx	predictive	高
209	Argument	xxxx	predictive	低
210	Argument	xxxxxxx	predictive	低
211	Argument	xxxxxxx_xxxxxxx	predictive	高
212	Argument	xxxxxxxxxxxxxx[xxxxxxxxxxxxxxxxxx]	predictive	高
213	Argument	xxxxxxxx	predictive	中
214	Argument	xxxx	predictive	低
215	Argument	xx	predictive	低
216	Argument	xx/xx_xxxxxx_xxxx/xx_xxxx_xxxxxx	predictive	高
217	Argument	xxxxxxxxx	predictive	中
218	Argument	xx_xxxxx	predictive	中
219	Argument	xxxxx	predictive	低
220	Argument	xxxxx_xxxx	predictive	中
221	Argument	xxxxxx	predictive	低
222	Argument	xxxx_xx	predictive	低
223	Argument	xxxx	predictive	低
224	Argument	xxxxxxxx_xxx	predictive	中
225	Argument	xxx_xxx	predictive	低
226	Argument	xxxxxxx	predictive	低
227	Argument	xxx	predictive	低
228	Argument	xxxx	predictive	低
229	Argument	xxxxxxx	predictive	低
230	Argument	xxx_xxxx_xxxx	predictive	高
231	Argument	xxxxxxxxxx	predictive	中
232	Argument	xxx	predictive	低
233	Argument	xx_xxxx	predictive	低
234	Argument	xxx/xxxxxxxxx	predictive	高
235	Argument	xxxxxxxxx_xxxxxxxx_xxxx	predictive	高
236	Argument	xxxxx	predictive	低
237	Argument	xxxxxxx_xxxx	predictive	中
238	Argument	xxxx	predictive	低
239	Argument	xxxx/xxxxxxxx/xxx/xxx/xxxxxxxx/xxxxxxx	predictive	高
240	Argument	xxxxxxx_xx	predictive	中
241	Argument	xxxxxx xxxxxx	predictive	高
242	Argument	xxxx	predictive	低
243	Argument	xxx_xxx[]	predictive	中
244	Argument	xxxxxxxx	predictive	中
245	Argument	xxxx_xxxxx	predictive	中
246	Argument	xxxx_xx_xx_xxx	predictive	高
247	Argument	xxxxxxx	predictive	低
248	Argument	xxxxxxxxxxxxx	predictive	高
249	Argument	xxxxxxxxx	predictive	中
250	Argument	xxxxx_xxxx_xxxx	predictive	高
251	Argument	xxxxx	predictive	低
252	Argument	xxxx	predictive	低
253	Argument	xx_xxxx	predictive	低
254	Argument	xx_xxxx	predictive	低
255	Argument	xxxxxx	predictive	低
256	Argument	xxxxxxx_xx	predictive	中
257	Argument	xxxxx	predictive	低
258	Argument	xxxxxxxx	predictive	中
259	Argument	xxxxxxxxxx	predictive	中
260	Argument	xxxxx	predictive	低
261	Argument	xxxxxxx_xx	predictive	中
262	Argument	xxxxxxxxxx	predictive	中
263	Argument	xxxxxxx	predictive	低
264	Argument	xxxxxx_xxxxxxx_xxxxxxxxx_xxxx/xxxxxx_xxxxxxx_xxxxxxx_xxxx	predictive	高
265	Argument	xxx	predictive	低
266	Argument	xxxxxx	predictive	低
267	Argument	xxx	predictive	低
268	Argument	xxxxxx_xxx	predictive	中
269	Argument	xxxx_xxxx	predictive	中
270	Argument	xxxxxxx	predictive	低
271	Argument	xxxxxx_xx	predictive	中
272	Argument	xxxxxxx_xx	predictive	中
273	Argument	xxxxxx	predictive	低
274	Argument	xx_xxxxx_xxxx_xxxx	predictive	高
275	Argument	xx	predictive	低
276	Argument	xxxxxxxxx	predictive	中
277	Argument	xxxxxxx	predictive	低
278	Argument	xxxxxxxxxx	predictive	中
279	Argument	x_xx	predictive	低
280	Argument	xxxxxxxxxx_xx	predictive	高
281	Argument	xxxx	predictive	低
282	Argument	xxxx_xx	predictive	低
283	Argument	xxx	predictive	低
284	Argument	xxx	predictive	低
285	Argument	xxxx.xxxxx	predictive	中
286	Argument	xxxxxxxx:x_xxxx/xxxxxxxx:x_xxxx/xxxxxxxx:x_xxxx	predictive	高
287	Argument	xxxxxx	predictive	低
288	Argument	xxxxxxxx	predictive	中
289	Argument	xxxx_xx	predictive	低
290	Argument	xx_xxxx	predictive	低
291	Input Value	' xxx (xxxxxx xxxx xxxx (xxxxxx(xxxxx(x)))xxxx)-- xxxx	predictive	高
292	Input Value	..	predictive	低
293	Input Value	x%xxxxxxx%xxxxxxxx%xxx,xxxxxx_xx%xxxxxx,xx_xxxxxxx,xxxxxxxx%xx,x,x,x,x,x,x,x,xx,xx,xx,xx,xx,xx,xx,xx,xx%xxxxxx%xxxxxxxxxx%xxxxxxx%xxxx%xxx	predictive	高
294	Input Value	<xxx%xxxxx='xxxx://xxx.xxxx.xx/xxxx.xxx'%xxxxxxx='xxxxxx:%xxxxx%xxxxxxx%xxxxxxx;'>	predictive	高
295	Input Value	\xxx../../../../xxx/xxxxxx	predictive	高
296	Pattern	xxxxxxx-xxxx\|xx\| xxxx/xxxx	predictive	高
297	Pattern	xxxx /x	predictive	低

参考 (21)

The following list contains external sources which discuss the actor and the associated activities:

◂ 上一步一览下一步 ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!