Magic Hound Analysis

IOB - Indicator of Behavior (594)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 554
es: 14
fr: 6
sv: 4
it: 4

Country

us: 434
ir: 60
gb: 2
fr: 2
af: 2

Product

Microsoft Windows: 8
Apache Tomcat: 8
Campcodes Online Thesis Archiving System: 6
Google Android: 6
GPAC: 6

Vulnerabilities

# | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE
1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | Calculating | High | Workaround | 0.02016 | 0.00 | CVE-2007-1192
2 | Hikvision Product Message command injection | 5.5 | 5.5 | $0-$5k | $0-$5k | High | Not Defined | 0.97485 | 0.00 | CVE-2021-36260
3 | Google Chrome WebRTC heap-based overflow | 6.3 | 6.0 | $25k-$100k | $5k-$25k | High | Official Fix | 0.01152 | 0.00 | CVE-2022-2294
4 | SourceCodester Canteen Management System food.php query cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00066 | 0.04 | CVE-2022-4091
5 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00943 | 0.34 | CVE-2010-0966
6 | MINMAX newsDia.php sql injection | 6.3 | 5.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00083 | 0.00 | CVE-2020-36535
7 | SourceCodester Canteen Management System POST Request ajax_invoice.php query sql injection | 6.6 | 6.5 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00316 | 0.08 | CVE-2022-4222
8 | SourceCodester Event Registration System cross site scripting | 3.6 | 3.6 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00063 | 0.05 | CVE-2022-4233
9 | SourceCodester Apartment Visitor Management System action-visitor.php sql injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00142 | 0.07 | CVE-2022-2772
10 | HTC One/Sense Mail Client certificate validation | 4.8 | 4.4 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00133 | 0.07 | CVE-2013-10001
11 | SourceCodester Online Tours & Travels Management System disapprove_delete.php exec sql injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00073 | 0.04 | CVE-2023-2619
12 | WordPress do_trackbacks sql injection | 6.3 | 5.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00122 | 0.00 | CVE-2010-4257
13 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00548 | 0.08 | CVE-2017-0055
14 | wordpress-gallery-transformation gallery.php sql injection | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00211 | 0.00 | CVE-2017-1002028
15 | Fortinet FortiOS SSL VPN Web Portal path traversal | 8.1 | 8.0 | $0-$5k | $0-$5k | High | Official Fix | 0.97410 | 0.04 | CVE-2018-13379
16 | Campcodes Online Thesis Archiving System view_department.php sql injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00146 | 0.07 | CVE-2023-2144
17 | OpenSSH Authentication Username information disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | High | Official Fix | 0.10737 | 0.34 | CVE-2016-6210
18 | Redis XAUTOCLAIM Command integer overflow | 6.0 | 5.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01719 | 0.04 | CVE-2022-35951
19 | Roku RokuOS Realtek WiFi Chip unknown vulnerability | 4.6 | 4.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00044 | 0.00 | CVE-2022-27152
20 | Maran PHP Shop prod.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.00137 | 0.04 | CVE-2008-4879

Campaigns (3)

These are the campaigns that can be associated with the actor:

IOC - Indicator of Compromise (102)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (24)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID | Technique | Class | Vulnerabilities | Access Vector | Type | Confidence
1 | T1006 | CAPEC-126 | CWE-22 | Path Traversal | predictive | High
2 | T1040 | CAPEC-102 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High
3 | T1055 | CAPEC-10 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High
4 | T1059 | CAPEC-137 | CWE-88, CWE-94 | Argument Injection | predictive | High
5 | T1059.007 | CAPEC-209 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High

IOA - Indicator of Attack (231)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


References (6)

The following list contains external sources which discuss the actor and the associated activities:
