Rocket Kitten Analysis

IOB - Indicator of Behavior (715)

Lang

  • en: 680
  • es: 10
  • ja: 6
  • de: 6
  • pl: 4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

  • us: 482
  • ir: 68
  • es: 44
  • ru: 14
  • gb: 10

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Product

  • Microsoft Windows: 22
  • GPAC: 8
  • WordPress: 6
  • Apache Tomcat: 6
  • Apache HTTP Server: 6

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | Calculating | High | Workaround | 0.02016 | 0.00 | CVE-2007-1192 |
| 2 | Microsoft Windows Win32k Local Privilege Escalation | 7.8 | 7.4 | $25k-$100k | $0-$5k | High | Official Fix | 0.00128 | 0.04 | CVE-2023-29336 |
| 3 | Hikvision Product Message command injection | 5.5 | 5.5 | $0-$5k | $0-$5k | High | Not Defined | 0.97485 | 0.05 | CVE-2021-36260 |
| 4 | Google Chrome WebRTC heap-based overflow | 6.3 | 6.0 | $25k-$100k | $5k-$25k | High | Official Fix | 0.01152 | 0.00 | CVE-2022-2294 |
| 5 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00943 | 1.18 | CVE-2010-0966 |
| 6 | SourceCodester Canteen Management System food.php query cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00059 | 0.00 | CVE-2022-4091 |
| 7 | MINMAX newsDia.php sql injection | 6.3 | 5.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00083 | 0.05 | CVE-2020-36535 |
| 8 | SourceCodester Canteen Management System POST Request ajax_invoice.php query sql injection | 6.6 | 6.5 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00316 | 0.11 | CVE-2022-4222 |
| 9 | SourceCodester Event Registration System cross site scripting | 3.6 | 3.6 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00063 | 0.00 | CVE-2022-4233 |
| 10 | SourceCodester Apartment Visitor Management System action-visitor.php sql injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00142 | 0.11 | CVE-2022-2772 |
| 11 | HTC One/Sense Mail Client certificate validation | 4.8 | 4.4 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00133 | 0.00 | CVE-2013-10001 |
| 12 | SourceCodester Online Tours & Travels Management System disapprove_delete.php exec sql injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00073 | 0.05 | CVE-2023-2619 |
| 13 | WordPress do_trackbacks sql injection | 6.3 | 5.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00122 | 0.00 | CVE-2010-4257 |
| 14 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00548 | 0.00 | CVE-2017-0055 |
| 15 | wordpress-gallery-transformation gallery.php sql injection | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00211 | 0.00 | CVE-2017-1002028 |
| 16 | Fortinet FortiOS SSL VPN Web Portal path traversal | 8.1 | 8.0 | $0-$5k | $0-$5k | High | Official Fix | 0.97410 | 0.04 | CVE-2018-13379 |
| 17 | Campcodes Online Thesis Archiving System view_department.php sql injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00146 | 0.03 | CVE-2023-2144 |
| 18 | OpenSSH Authentication Username information disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | High | Official Fix | 0.10737 | 0.59 | CVE-2016-6210 |
| 19 | Redis XAUTOCLAIM Command integer overflow | 6.0 | 5.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01719 | 0.01 | CVE-2022-35951 |
| 20 | Roku RokuOS Realtek WiFi Chip unknown vulnerability | 4.6 | 4.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00044 | 0.00 | CVE-2022-27152 |

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • Rocket Kitten

IOC - Indicator of Compromise (91)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (24)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Class | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|---|
| 1 | T1006 | CAPEC-126 | CWE-22 | Path Traversal | predictive | High |
| 2 | T1040 | CAPEC-102 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CAPEC-10 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 4 | T1059 | CAPEC-137 | CWE-88, CWE-94 | Argument Injection | predictive | High |
| 5 | T1059.007 | CAPEC-209 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |

IOA - Indicator of Attack (252)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

References (3)

The following list contains external sources which discuss the actor and the associated activities:
