Fareit Analysis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (434)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en	322
zh	62
ru	34
pl	4
de	4

Country

la	226
us	100
ru	66
cn	30
gb	8

Actors

RedLine Stealer	12
Cobalt Strike	12
TrickBot	11
Ave Maria	9
AsyncRAT	7

Activities

Interest

Timeline

Type

Not Defined	152
Content Management System	38
Operating System	26
WordPress Plugin	14
Application Server Software	12

Vendor

Not Defined	164
Microsoft	22
Apache	16
Atlassian	10
Linux	8

Product

Microsoft Windows	16
WordPress	10
phpMyAdmin	8
Linux Kernel	8
Revive Adserver	6

Vulnerabilities

#	Vulnerability	Base	Temp	0day	Today	Exp	Rem	EPSS	CTI	CVE
1	Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure	5.3	5.2	$5k-$25k	Calculating	High	Workaround	0.02016	0.02	CVE-2007-1192
2	DZCP deV!L`z Clanportal config.php code injection	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00943	0.77	CVE-2010-0966
3	TikiWiki tiki-register.php input validation	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.01075	6.81	CVE-2006-6168
4	nginx request smuggling	6.9	6.9	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00241	1.38	CVE-2020-12440
5	Tiki Admin Password tiki-login.php improper authentication	8.0	7.7	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00936	2.09	CVE-2020-15906
6	Bitrix Site Manager Vote Module Remote Code Execution	7.3	7.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00668	0.04	CVE-2022-27228
7	jQuery html cross site scripting	5.8	5.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.01900	0.00	CVE-2020-11023
8	Esri ArcGIS Server sql injection	8.1	8.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00123	0.05	CVE-2021-29114
9	ILIAS Cloze Test Text gap Persistent cross site scripting	5.2	5.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00193	0.06	CVE-2019-1010237
10	OpenX adclick.php redirect	5.3	4.7	$0-$5k	$0-$5k	Unproven	Unavailable	0.00440	0.17	CVE-2014-2230
11	Drupal Sanitization API cross site scripting	3.5	3.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00056	0.02	CVE-2020-13672
12	LogicBoard CMS away.php redirect	6.3	6.1	$0-$5k	$0-$5k	Not Defined	Unavailable	0.00000	2.43
13	Harbor improper authentication	6.9	6.8	$0-$5k	$0-$5k	Not Defined	Not Defined	0.02074	0.05	CVE-2022-46463
14	LiteSpeed Cache Plugin Shortcode cross site scripting	3.5	3.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00051	0.03	CVE-2023-4372
15	WebTitan Appliance Extensions Persistent cross site scripting	3.5	3.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00000	0.00
16	ipTIME NAS-I Bulletin Manage unrestricted upload	7.1	7.1	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00988	0.05	CVE-2020-7847
17	Jitsi Meet hard-coded credentials	8.5	7.9	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00196	0.03	CVE-2020-11878
18	request-baskets API Request {name} server-side request forgery	6.4	6.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.08109	0.00	CVE-2023-27163
19	PHP phpinfo cross site scripting	4.3	3.9	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.01960	0.03	CVE-2007-1287
20	Microsoft Windows Scripting Engine Remote Code Execution	5.9	5.1	$25k-$100k	$5k-$25k	Unproven	Official Fix	0.33048	0.00	CVE-2021-34480

IOC - Indicator of Compromise (183)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP address	Hostname	Actor	Identified	Type	Confidence
1	2.59.41.199	man-spb.ru	Fareit	04/12/2022	verified	High
2	5.77.32.186	horwich.eukhosting.net	Fareit	05/05/2022	verified	High
3	17.173.66.181		Fareit	05/05/2022	verified	High
4	20.42.73.29		Fareit	04/23/2022	verified	High
5	20.189.173.22		Fareit	04/23/2022	verified	High
6	23.21.126.66	ec2-23-21-126-66.compute-1.amazonaws.com	Fareit	07/24/2021	verified	Medium
7	23.21.252.4	ec2-23-21-252-4.compute-1.amazonaws.com	Fareit	07/24/2021	verified	Medium
8	23.96.24.107		Fareit	05/05/2022	verified	High
9	23.247.23.36		Fareit	04/08/2022	verified	High
10	34.117.168.233	233.168.117.34.bc.googleusercontent.com	Fareit	10/24/2021	verified	Medium
11	34.200.198.80	ec2-34-200-198-80.compute-1.amazonaws.com	Fareit	05/05/2022	verified	Medium
12	35.171.65.219	ec2-35-171-65-219.compute-1.amazonaws.com	Fareit	05/05/2022	verified	Medium
13	35.223.217.188	188.217.223.35.bc.googleusercontent.com	Fareit	05/05/2022	verified	Medium
14	37.10.116.208		Fareit	04/29/2022	verified	High
15	37.48.104.71		Fareit	05/05/2022	verified	High
16	37.57.15.7	7.15.57.37.triolan.net	Fareit	05/07/2022	verified	High
17	38.18.228.192		Fareit	04/08/2022	verified	High
18	46.37.195.5	5.pool-46.37.195.icn.ua	Fareit	05/07/2022	verified	High
19	46.101.56.69		Fareit	05/05/2022	verified	High
20	46.101.122.232		Fareit	05/05/2022	verified	High
21	46.118.147.54	46-118-147-54.broadband.kyivstar.net	Fareit	05/07/2022	verified	High
22	46.211.74.79	46-211-74-79.mobile.kyivstar.net	Fareit	05/07/2022	verified	High
23	46.216.100.4		Fareit	05/07/2022	verified	High
24	46.250.3.88	46.250.3.88.pool.breezein.net	Fareit	05/07/2022	verified	High
25	50.87.236.238	50-87-236-238.unifiedlayer.com	Fareit	10/24/2021	verified	High
26	50.97.212.250	fa.d4.6132.ip4.static.sl-reverse.com	Fareit	04/08/2022	verified	High
27	51.15.44.251	tor-13.dc6jgk.de	Fareit	04/08/2022	verified	High
28	52.1.79.244	ec2-52-1-79-244.compute-1.amazonaws.com	Fareit	05/05/2022	verified	Medium
29	52.8.196.60	ec2-52-8-196-60.us-west-1.compute.amazonaws.com	Fareit	05/05/2022	verified	Medium
30	52.54.24.134	ec2-52-54-24-134.compute-1.amazonaws.com	Fareit	04/08/2022	verified	Medium
31	52.86.54.255	ec2-52-86-54-255.compute-1.amazonaws.com	Fareit	05/05/2022	verified	Medium
32	52.182.143.212		Fareit	04/23/2022	verified	High
33	62.75.224.4	prag239.dedicatedpanel.com	Fareit	05/05/2022	verified	High
34	62.173.140.44	itkn.planetahost.ru	Fareit	04/12/2022	verified	High
35	62.210.204.55	62-210-204-55.rev.poneytelecom.eu	Fareit	04/08/2022	verified	High
36	62.212.132.148	62.212.132.148.xenosite.net	Fareit	10/02/2023	verified	High
37	63.141.242.46		Fareit	11/16/2021	verified	High
38	XX.XXX.XXX.XXX	xxxx-xx-xxx-xxx-xxx.xxx.xxxxxx.xxxxxx.xxx	Xxxxxx	10/24/2021	verified	High
39	XX.XXX.XXX.XXX	xx-xxx-xxx-xxx.xxxxxxx.xxxx.xxx	Xxxxxx	05/05/2022	verified	High
40	XX.XXX.XX.XXX	xxxxx-xxx.xxxxxxx.xxxxxx.xxx	Xxxxxx	10/24/2021	verified	High
41	XX.XX.X.XXX		Xxxxxx	05/05/2022	verified	High
42	XX.XXX.XXX.XXX	xxxxxxxxxxx.xxx	Xxxxxx	10/24/2021	verified	High
43	XX.XXX.XXX.XX	xx-xxx-xxx-xx.xx.xxxxxxxxxxxxxxxxx.xxx	Xxxxxx	05/05/2022	verified	High
44	XX.XX.XX.XXX	xxxx-xx-xx-xx-xxx.xx.xxx.xx.xxx	Xxxxxx	10/24/2021	verified	High
45	XX.XXX.XXX.XXX	xx-xx-xxxx.xxxxx.xxx	Xxxxxx	11/16/2021	verified	High
46	XX.XX.XXX.XXX	xxxxxx.xxxxxxxxx.xxx	Xxxxxx	10/16/2021	verified	High
47	XX.XX.XX.XXX	xx-xx-xx-xxx.xx-xxxxx.xxxxxx.xx	Xxxxxx	10/02/2023	verified	High
48	XX.XX.XX.XXX	xxxx-xxxx.xxxxxx.xxxxx-x.xxxxxx.xxx	Xxxxxx	05/05/2022	verified	High
49	XX.XXX.XXX.XX	xxxxxxxxxxx.xxxxxxxx-xxxx.xxx.xxx	Xxxxxx	04/14/2022	verified	High
50	XX.XXX.XX.XX	xx.xxx.xx.xx.xxx.xxxxx.xxx	Xxxxxx	05/07/2022	verified	High
51	XX.XXX.XX.X	xx.xxx.xx.x.xxx.xxxxx.xxx	Xxxxxx	05/07/2022	verified	High
52	XX.XXX.XXX.XXX		Xxxxxx	04/12/2022	verified	High
53	XX.XX.XX.XX	xxxxxx.xx.xx.xx.xx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxx	05/05/2022	verified	High
54	XX.XX.XX.XXX	xxxxxx.xxx.xx.xx.xx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxx	05/05/2022	verified	High
55	XX.XX.XXX.XXX	xxxx.xxxxxxxxx.xx	Xxxxxx	04/08/2022	verified	High
56	XX.XXX.XXX.XX		Xxxxxx	07/24/2021	verified	High
57	XX.XX.XX.X	xxxxx-xxxx.xx.xx	Xxxxxx	04/12/2022	verified	High
58	XX.XXX.XX.XX	xxxxxx-xx-xxx-xx.xxxxxxxxxxxxxx.xxxxx.xx	Xxxxxx	04/30/2022	verified	High
59	XX.XX.XX.XXX		Xxxxxx	11/16/2021	verified	High
60	XX.XX.XX.XXX		Xxxxxx	11/16/2021	verified	High
61	XX.XXX.XXX.XX	xxx.xxxxx.xx	Xxxxxx	10/24/2021	verified	High
62	XX.XXX.XXX.XXX	xxx.xxxxx.xx	Xxxxxx	10/24/2021	verified	High
63	XX.XXX.XXX.XX	xxxxxxxx.xxxxxxxxxxxx.xxx	Xxxxxx	10/02/2023	verified	High
64	XX.XXX.XXX.XXX	xxxxxx.xx	Xxxxxx	10/02/2023	verified	High
65	XX.XXX.XX.XX	xxxxxxxxxxxx.xxxxxxxx.xxxxxxxxx.xx	Xxxxxx	05/07/2022	verified	High
66	XX.XXX.XX.XX	xxxxxxxxx.xxx	Xxxxxx	10/24/2021	verified	High
67	XX.XXX.XXX.XX	xx.xxx.xxx.xx.xx.xxxxx.xx	Xxxxxx	05/07/2022	verified	High
68	XX.XXX.XX.XX		Xxxxxx	10/24/2021	verified	High
69	XX.XXX.XXX.XX	xxxxxxxx.xxxxxx.xx	Xxxxxx	10/02/2023	verified	High
70	XX.XXX.XXX.XX		Xxxxxx	05/07/2022	verified	High
71	XX.XX.XXX.XXX	xxxxxxx.xxxxxxxxx.xxx	Xxxxxx	10/24/2021	verified	High
72	XX.XX.XXX.XX	xxxxxxx.xxxxxxxxx.xxx	Xxxxxx	10/24/2021	verified	High
73	XX.XX.XXX.X		Xxxxxx	05/05/2022	verified	High
74	XX.XX.XXX.XXX	xxxxxx-xx-xx-xx-xxx-xxx.xxxxxx.xx-xxxx.xxx	Xxxxxx	05/05/2022	verified	High
75	XX.XXX.XXX.XXX	xxxxxx-xxxxxx.xxx.xxxxx.xx	Xxxxxx	10/24/2021	verified	High
76	XX.XXX.XXX.XXX	xx.xxx.xxx.xxx.xxxxxx.xxxxxxxxxxxx.xxx	Xxxxxx	05/05/2022	verified	High
77	XX.XXX.XXX.XX	xxxxx.xxxxx-xxxxxxxxxxx.xxx	Xxxxxx	10/02/2023	verified	High
78	XX.XXX.XX.XXX	xxx.xxxxxxxxx.xx	Xxxxxx	10/24/2021	verified	High
79	XX.XXX.XX.XX		Xxxxxx	10/02/2023	verified	High
80	XX.XX.XX.XX	xxxxxx.xx.xx.xx.xx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxx	05/05/2022	verified	High
81	XX.XXX.XX.XXX		Xxxxxx	04/12/2022	verified	High
82	XX.XXX.XXX.XXX		Xxxxxx	07/24/2021	verified	High
83	XX.XXX.XXX.XX	xxxxx.xxxxxxx.xxx	Xxxxxx	05/05/2022	verified	High
84	XX.XXX.XX.XX	xxxxxxx.xxxxxxxxxx.xx	Xxxxxx	10/24/2021	verified	High
85	XX.XX.XXX.XX	xx.xx.xxx.xx.xxx.xxxxx.xxx	Xxxxxx	05/07/2022	verified	High
86	XX.XXX.XXX.XXX		Xxxxxx	04/12/2022	verified	High
87	XX.XXX.XXX.XX		Xxxxxx	04/08/2022	verified	High
88	XX.XXX.XXX.XX		Xxxxxx	04/08/2022	verified	High
89	XXX.XX.XX.XXX	xxxxxxx.xxxxx.xx	Xxxxxx	04/08/2022	verified	High
90	XXX.XX.XX.XXX	xxxxxxx.xxxxx.xx	Xxxxxx	11/16/2021	verified	High
91	XXX.XX.XX.XX	xxxxxx.xx	Xxxxxx	05/05/2022	verified	High
92	XXX.XX.XXX.XXX	xxx-xx-xxx-xxx.xxxxxxx.xxx	Xxxxxx	05/11/2022	verified	High
93	XXX.XX.XXX.XXX		Xxxxxx	05/05/2022	verified	High
94	XXX.XX.XX.XXX		Xxxxxx	04/30/2022	verified	High
95	XXX.XX.XX.XXX		Xxxxxx	04/30/2022	verified	High
96	XXX.XX.XXX.XXX		Xxxxxx	04/08/2022	verified	High
97	XXX.XX.XX.XXX		Xxxxxx	05/11/2022	verified	High
98	XXX.XX.XX.XXX		Xxxxxx	05/11/2022	verified	High
99	XXX.XXX.XXX.XXX	xxxx-xxx-xxx-xxx.xxxxxx.xxxxxx.xxxxxxxxxxxxxxxxxx.xxx	Xxxxxx	05/05/2022	verified	High
100	XXX.XXX.XX.XX		Xxxxxx	04/23/2022	verified	High
101	XXX.XXX.XXX.XX		Xxxxxx	05/05/2022	verified	High
102	XXX.XXX.XXX.XXX	xx-xxxxxxxx.xxxxx.xxx	Xxxxxx	10/24/2021	verified	High
103	XXX.XXX.XXX.XX	xxx-xxx-xxx-xx-xxxx.xxxxxxxxxxxx.xxx	Xxxxxx	07/24/2021	verified	High
104	XXX.XXX.XXX.XX		Xxxxxx	05/05/2022	verified	High
105	XXX.XX.XX.X	x.xx.xx.xxx.xxxxxxx.xxx	Xxxxxx	05/07/2022	verified	High
106	XXX.XXX.X.XX	xxx-xxx-x-xx.xxxxxxxxx.xxxxxxxx.xxx	Xxxxxx	05/07/2022	verified	High
107	XXX.XX.XX.XXX		Xxxxxx	10/23/2022	verified	High
108	XXX.XXX.XXX.XXX	xx.xxxxxxxxxxx.xx.xx	Xxxxxx	10/24/2021	verified	High
109	XXX.XXX.XXX.XXX	xxxxxx.xxxxxxxx.xxx	Xxxxxx	10/16/2021	verified	High
110	XXX.XXX.XXX.X		Xxxxxx	05/07/2022	verified	High
111	XXX.XX.XX.X	xxxxxxxxx.xxxxxxx.xx	Xxxxxx	04/08/2022	verified	High
112	XXX.XXX.XXX.XXX		Xxxxxx	05/05/2022	verified	High
113	XXX.XX.XXX.XX	xx-xxx-xx-xxx-xx.xx.xxxxxxxxxxxx.xxx	Xxxxxx	10/16/2021	verified	High
114	XXX.XX.XXX.XXX	xxx.xxxxxxx.xxx	Xxxxxx	04/12/2022	verified	High
115	XXX.XXX.XX.XXX		Xxxxxx	10/01/2022	verified	High
116	XXX.XX.XXX.XX		Xxxxxx	04/30/2022	verified	High
117	XXX.XX.XXX.XXX		Xxxxxx	05/05/2022	verified	High
118	XXX.XX.XXX.XX		Xxxxxx	04/30/2022	verified	High
119	XXX.XX.XXX.XXX		Xxxxxx	05/11/2022	verified	High
120	XXX.XXX.XX.XX	xxxxxxxx-xx-xxx.xxxxx.xxx	Xxxxxx	07/24/2021	verified	High
121	XXX.XXX.XXX.XXX	xx-xx-xxxx.xxxxx.xxx	Xxxxxx	05/05/2022	verified	High
122	XXX.XXX.XXX.XXX	xx-xx-xxxx.xxxxx.xxx	Xxxxxx	05/05/2022	verified	High
123	XXX.XXX.XX.X	x.xx.xxxx.xxx.xxxxxx.xx-xxxxxxx.xxx	Xxxxxx	10/24/2021	verified	High
124	XXX.XXX.XX.XX	xx-xx-xxx.xxxxx.xxx	Xxxxxx	07/24/2021	verified	High
125	XXX.XXX.XXX.XXX	xx-xx-xxxx.xxxxx.xxx	Xxxxxx	07/24/2021	verified	High
126	XXX.XXX.XXX.XX	xx-xx-xxx.xxxxx.xxx	Xxxxxx	11/16/2021	verified	High
127	XXX.XXX.XXX.XX	xx-xx-xxx.xxxxx.xxx	Xxxxxx	11/16/2021	verified	High
128	XXX.XXX.XXX.XXX	xx-xx-xxxx.xxxxx.xxx	Xxxxxx	11/16/2021	verified	High
129	XXX.XXX.XXX.XXX	xx-xx-xxxx.xxxxx.xxx	Xxxxxx	07/24/2021	verified	High
130	XXX.XXX.XXX.XX		Xxxxxx	05/05/2022	verified	High
131	XXX.XXX.XXX.XX		Xxxxxx	10/24/2021	verified	High
132	XXX.XXX.XXX.XXX		Xxxxxx	04/30/2022	verified	High
133	XXX.XXX.XXX.XXX		Xxxxxx	04/30/2022	verified	High
134	XXX.X.XX.XXX	xxx-x-xx-xxx.xxxxxxxxx.xxxxxxxx.xxx	Xxxxxx	05/07/2022	verified	High
135	XXX.XXX.X.XX	xxx-xxx-x-xx.xxxxxxx.xx	Xxxxxx	05/07/2022	verified	High
136	XXX.XX.XX.X	xxx.xx-xxx-xx-xx.xx	Xxxxxx	10/02/2023	verified	High
137	XXX.XX.XXX.XXX		Xxxxxx	05/05/2022	verified	High
138	XXX.XXX.XXX.XXX		Xxxxxx	04/12/2022	verified	High
139	XXX.XXX.XXX.XX	xx.xxx.xxx.xxx.xxxxxxx.xxx	Xxxxxx	05/07/2022	verified	High
140	XXX.XXX.XX.X	x.xx.xxx.xxx.xxxxxxx.xxx	Xxxxxx	05/07/2022	verified	High
141	XXX.XXX.XXX.XX	xx.xxx.xxx.xxx.xxxxxxx.xxx	Xxxxxx	05/07/2022	verified	High
142	XXX.XXX.XX.XX	xxx-xxx-xx-xx-xx.xxxxxx.xx	Xxxxxx	05/07/2022	verified	High
143	XXX.XXX.XX.XX	xxxxx-xxx-xx.xxxxxx.xx	Xxxxxx	05/07/2022	verified	High
144	XXX.XX.XXX.XXX	xxxx-xx-xxx-xxx.xxxxxx.xxxxxx.xxxxxxxxxxxxxxxxxx.xxx	Xxxxxx	05/05/2022	verified	High
145	XXX.XXX.XXX.XXX	xx-xxx-xxx-xxx-xxx.xx.xxxxxxxxxxxx.xxx	Xxxxxx	05/05/2022	verified	High
146	XXX.XX.XXX.X	xxx.xx.xxx.x.xxxxxxxxx-xxx	Xxxxxx	04/08/2022	verified	High
147	XXX.XXX.XXX.XXX	xxxxxxxxxxxxxxxxxx.xxxxxxxxxxxxxxxxx.xx	Xxxxxx	04/08/2022	verified	High
148	XXX.XXX.XXX.XXX		Xxxxxx	05/05/2022	verified	High
149	XXX.XXX.XX.XXX	xxxxxxxxxx.xx.xxxxxxx.xxx	Xxxxxx	10/24/2021	verified	High
150	XXX.XXX.XX.XX	xxxx-xxx-xxx-xx-xx.xx.xxx.xx	Xxxxxx	05/07/2022	verified	High
151	XXX.XXX.XXX.XX		Xxxxxx	05/07/2022	verified	High
152	XXX.XXX.XX.XXX	xxxxx-xxx.xxxxxxx.xxxxxx.xxx	Xxxxxx	04/30/2022	verified	High
153	XXX.XXX.XX.XX	xxxxx-xx.xxxxxxx.xxxxxx.xxx	Xxxxxx	05/05/2022	verified	High
154	XXX.XXX.XXX.XXX		Xxxxxx	05/05/2022	verified	High
155	XXX.XXX.XXX.XXX	xxx.xxxxx.xxxx	Xxxxxx	11/16/2021	verified	High
156	XXX.XX.XXX.XXX	xxxxxxxxxx.xxxxxxx.xx	Xxxxxx	04/08/2022	verified	High
157	XXX.XX.XX.XXX	xxx.xx.xx.xxx.xxxxxx.xxxxxx.xx	Xxxxxx	05/05/2022	verified	High
158	XXX.XXX.XXX.XX		Xxxxxx	05/05/2022	verified	High
159	XXX.XX.XXX.XXX		Xxxxxx	05/05/2022	verified	High
160	XXX.XXX.XXX.XXX	xxx.xxxxx.xxx	Xxxxxx	04/12/2022	verified	High
161	XXX.XXX.XXX.XXX	xxxxxx.xxx.xxx.xxx.xxx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxx	05/05/2022	verified	High
162	XXX.XX.XX.XXX		Xxxxxx	04/30/2022	verified	High
163	XXX.XX.XX.X	xxxxxx.xxxxxxxxxx.xxx	Xxxxxx	10/24/2021	verified	High
164	XXX.XX.XXX.XX	xxxxxxxxxx-x.xxx-xxxxxxx.xxx	Xxxxxx	10/24/2021	verified	High
165	XXX.XX.XXX.XX	xxxxx-xx.xxxxxxx.xxxxxx.xxx	Xxxxxx	05/05/2022	verified	High
166	XXX.XXX.XXX.XXX		Xxxxxx	04/30/2022	verified	High
167	XXX.XXX.XX.XXX	xxxxxxxxx.xxx	Xxxxxx	05/05/2022	verified	High
168	XXX.XX.XXX.XXX	x-xxxx.x-xxxxxx.xxx	Xxxxxx	05/11/2022	verified	High
169	XXX.XXX.XXX.XX	xxxxx.xxxxxxxxxx.xxx	Xxxxxx	05/05/2022	verified	High
170	XXX.XX.XXX.X	xx-xxx.xxx	Xxxxxx	05/05/2022	verified	High
171	XXX.XX.XXX.XX	xx-xx-xxx.xxxxx.xxx	Xxxxxx	11/16/2021	verified	High
172	XXX.XX.XXX.XX	xx-xx-xxx.xxxxx.xxx	Xxxxxx	07/24/2021	verified	High
173	XXX.XX.XXX.XX	xx-xx-xxx.xxxxx.xxx	Xxxxxx	07/24/2021	verified	High
174	XXX.XX.XXX.XXX		Xxxxxx	10/02/2023	verified	High
175	XXX.XXX.XXX.XXX		Xxxxxx	04/08/2022	verified	High
176	XXX.X.XX.XXX	xxxxxxxxxxx-xxxxx.xxxxxxxxx-xxxxx.xx	Xxxxxx	10/24/2021	verified	High
177	XXX.XXX.XX.XX	xxxxxxxx.xxxxx.xxxxx	Xxxxxx	04/12/2022	verified	High
178	XXX.XXX.XXX.XXX	xxx-xxxxxxx.xxxxxxx.xx	Xxxxxx	04/12/2022	verified	High
179	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxxxxxxxxxxx.xxx	Xxxxxx	05/05/2022	verified	High
180	XXX.XXX.X.XX	xxx-xxx-x-xx.xxxxxxx-xxx.xx-x.xxx	Xxxxxx	10/24/2021	verified	High
181	XXX.XXX.X.XXX	xxx-xxx-x-xxx.xxxxxxx-xxx.xx-x.xxx	Xxxxxx	10/24/2021	verified	High
182	XXX.XXX.XXX.XX	xxxxxxxxxxxxx.xx	Xxxxxx	04/08/2022	verified	High
183	XXX.XX.XXX.XX	xxxx-xxx-xx-xxx-xx.xxxxxxx.xxxxxxxxx.xxx	Xxxxxx	05/07/2022	verified	High

TTP - Tactics, Techniques, Procedures (21)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Class	Vulnerabilities	Access Vector	Type	Confidence
1	T1006	CAPEC-126	CWE-21, CWE-22, CWE-24	Path Traversal	predictive	High
2	T1055	CAPEC-10	CWE-74	Improper Neutralization of Data within XPath Expressions	predictive	High
3	T1059	CAPEC-137	CWE-88, CWE-94, CWE-1321	Argument Injection	predictive	High
4	T1059.007	CAPEC-209	CWE-79, CWE-80	Cross Site Scripting	predictive	High
5	T1068	CAPEC-122	CWE-264, CWE-269, CWE-284	Execution with Unnecessary Privileges	predictive	High
6	TXXXX	CAPEC-150	CWE-XXX	Xxxx Xxx Xxxxxxxxx Xxxxxxxxxxx Xxxxxxxx	predictive	High
7	TXXXX.XXX	CAPEC-16	CWE-XXX, CWE-XXX	Xxxx-xxxxx Xxxxxxxxxxx	predictive	High
8	TXXXX	CAPEC-136	CWE-XX, CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	High
9	TXXXX.XXX	CAPEC-178	CWE-XXX	Xxxx Xxxxxxxx	predictive	High
10	TXXXX	CAPEC-	CWE-XXX	7xx Xxxxxxxx Xxxxxxxx	predictive	High
11	TXXXX	CAPEC-1	CWE-XXX, CWE-XXX	Xxxxxxxxxx Xxxxxx	predictive	High
12	TXXXX	CAPEC-108	CWE-XX	Xxx Xxxxxxxxx	predictive	High
13	TXXXX.XXX	CAPEC-1	CWE-XXX	Xxxxxxxx Xxxxxxxxxxxxx	predictive	High
14	TXXXX	CAPEC-112	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxxxx Xxxxxxxxxx	predictive	High
15	TXXXX	CAPEC-37	CWE-XXX	Xxxxxxxxx Xxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxx	predictive	High
16	TXXXX.XXX	CAPEC-459	CWE-XXX	Xxxxxxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	High
17	TXXXX	CAPEC-116	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	High
18	TXXXX.XXX	CAPEC-	CWE-XX	Xxxxxxxxxxxxx	predictive	High
19	TXXXX	CAPEC-112	CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	predictive	High
20	TXXXX.XXX	CAPEC-	CWE-XXX	Xxx Xxxxxxxxxx Xxxxx	predictive	High
21	TXXXX.XXX	CAPEC-1	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	High

IOA - Indicator of Attack (216)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Class	Indicator	Type	Confidence
1	File	/admin/dl_sendmail.php	predictive	High
2	File	/admin/login.php	predictive	High
3	File	/adminPage/conf/reload	predictive	High
4	File	/api/baskets/{name}	predictive	High
5	File	/api/v2/cli/commands	predictive	High
6	File	/app/Http/Controllers/Admin/NEditorController.php	predictive	High
7	File	/Device/Device/GetDeviceInfoList?deviceCode=&searchField=&deviceState=	predictive	High
8	File	/DXR.axd	predictive	Medium
9	File	/forum/away.php	predictive	High
10	File	/mfsNotice/page	predictive	High
11	File	/mgmt/tm/util/bash	predictive	High
12	File	/mifs/c/i/reg/reg.html	predictive	High
13	File	/novel/bookSetting/list	predictive	High
14	File	/novel/userFeedback/list	predictive	High
15	File	/owa/auth/logon.aspx	predictive	High
16	File	/secure/ViewCollectors	predictive	High
17	File	/Session	predictive	Medium
18	File	/spip.php	predictive	Medium
19	File	/usr/bin/pkexec	predictive	High
20	File	/xAdmin/html/cm_doclist_view_uc.jsp	predictive	High
21	File	/x_portal_assemble_surface/jaxrs/portal/list?v=8.2.3-4-43f4fe3	predictive	High
22	File	/zm/index.php	predictive	High
23	File	adclick.php	predictive	Medium
24	File	add_comment.php	predictive	High
25	File	xxxxx.xxxxxxxxx.xxx	predictive	High
26	File	xxxxx/xxxxxxx.xxx	predictive	High
27	File	xxxxxxxxxxx/xxxxxxx/xxxxx/xxxxx/xxxxxxxxx/xxxxxxxx.xxx	predictive	High
28	File	xxxx/xxxxxxxxxxxx.xxx	predictive	High
29	File	xxxx.xxx	predictive	Medium
30	File	xx_xxxx_xx_xxxx_xxxx.xxx	predictive	High
31	File	xxxx_xxxxxxx.xxx	predictive	High
32	File	xxx.xxx	predictive	Low
33	File	xxx-xxx/xxxxxxx.xx	predictive	High
34	File	xxxxxxxx.xxx	predictive	Medium
35	File	xxxxx.xxx	predictive	Medium
36	File	xxxxxxxxxx/xxxxxxxxxxxx/xxxxxxxxxxxx/xxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxx/xxxx_xxxxx.xxxx	predictive	High
37	File	xxxxx-xxxxxxx.xxx	predictive	High
38	File	xxxxxxxxxx/xxx_xxxxxxxxxx/xxxxxxx/xxxxxxxxxx.xxx	predictive	High
39	File	xxxxxx.xxx	predictive	Medium
40	File	xxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxxxx	predictive	High
41	File	xxxxxxxxxx\xxxx.xxx	predictive	High
42	File	xxxxxxxxxxx.xxx	predictive	High
43	File	x_xxxxxx	predictive	Medium
44	File	xxxx/xxxxxxxxxxxxxxx.xxx	predictive	High
45	File	xxxxxxx_xxxxx.xxx	predictive	High
46	File	xxxx-xxxxxx.xxx	predictive	High
47	File	xxxxx.xxx	predictive	Medium
48	File	xxxxxxxxxxx.xxxxx.xxx	predictive	High
49	File	xxxx_xxxxxxxx.xxx	predictive	High
50	File	xxxxxxxxxxxxxxxxx.xxx	predictive	High
51	File	xxxxxxxxx/xxxxx/xxxxxxxxxxxx/xxxxxxxxx.xxx	predictive	High
52	File	xxxxxxxxxxx.x	predictive	High
53	File	xxxxxxxxxxxxxxxxxxxxxxxxxxxxx.xxxx	predictive	High
54	File	xxxx.xxx	predictive	Medium
55	File	xxxxx_xxxx.xxx	predictive	High
56	File	xxxxxxxxx.xxx	predictive	High
57	File	xxxxxxxxxx\xxxxxx\xxxxxxxxxxxxx.xxx	predictive	High
58	File	xxx/xxxxxx.xxx	predictive	High
59	File	xxxxxxxx/xxxxxxx/xxxxxxx.xxxx.xxx	predictive	High
60	File	xxxxx.xxxx	predictive	Medium
61	File	xxxxx.xxx	predictive	Medium
62	File	xxxxx.xxx/xxxxxx.xxx/xxxxxxxxxxxxx.xxx/xxxxxxxx.xxx	predictive	High
63	File	xxxxx.xxx/xxxxxxx/xxxxx	predictive	High
64	File	xxxxx.xxx?x=xxxx&x=xxxx&x=xx_xxx_xxxxxx	predictive	High
65	File	xxxxx.xxx?x=xxxx&x=xxxxxxx&x=xxx	predictive	High
66	File	xxxxx.xx	predictive	Medium
67	File	xxxxxxx.xxx	predictive	Medium
68	File	xxxx.xxx	predictive	Medium
69	File	xxxx_xxxxxxx.xxx	predictive	High
70	File	xxxxxxxxx/xxxxxx.xxx.xxx	predictive	High
71	File	xxx.xxx	predictive	Low
72	File	xxxxx-xxxx-xxxx.xxx	predictive	High
73	File	xxxxx.xxxx	predictive	Medium
74	File	xxxxx.xxx	predictive	Medium
75	File	xxxx.xxxx	predictive	Medium
76	File	xx_xxxx.x	predictive	Medium
77	File	xxx_xxxxx_xxxx.x	predictive	High
78	File	xxx/xxxx/xxxx_xxxxxxxxx.x	predictive	High
79	File	xxxxxxx_xxxx.xxx	predictive	High
80	File	xxxxxxxxxxxxxxxxx.xxx	predictive	High
81	File	xxxxxxx.xxx	predictive	Medium
82	File	xxxxxxx.xxx	predictive	Medium
83	File	xxxxxxx/xxxxxxx/xxx/xxxxxxxxxx.xxx?xxxxxxxx=xxxx&xxxxxx=xxxxxxxxxx	predictive	High
84	File	xxxxxxx_xxxxxxx_xxxx.xxx	predictive	High
85	File	xxx_xxxxxx.xxxx	predictive	High
86	File	xxxxxxxx.xxx	predictive	Medium
87	File	xxxxxxxx.xxx	predictive	Medium
88	File	xxxxxxx.xxx	predictive	Medium
89	File	xxxxxxx/xxxxxxxxxxxxx.xxxx	predictive	High
90	File	xxxxxxxxxxxxxxx.xxx	predictive	High
91	File	xxxx_xxxx_xxxxxx.xxx	predictive	High
92	File	xxxxxx.xx	predictive	Medium
93	File	xxxxxx_xxxxxxx.xxx	predictive	High
94	File	xxxxxxxx/xxxx/xxxx.xxx?xxxxxx=xxxxxxxxxxxxxxxx	predictive	High
95	File	xxxx.xxx	predictive	Medium
96	File	xxxx.xx	predictive	Low
97	File	xxxxxxxx_xxxx.xxx	predictive	High
98	File	xxxx_xxxxxxx_xxxxxxxx.xxx	predictive	High
99	File	xxxx_xxxxx.xxxx	predictive	High
100	File	xxxxx.xxx	predictive	Medium
101	File	xxxxxxxxxx_xxxx.xxx	predictive	High
102	File	xxx/xxxx/xxxx	predictive	High
103	File	xxxxxx\xxxxxxxx\xx_xxxxx_xxxxxxx.xxx	predictive	High
104	File	xxxxxxx.xxx.xx.xxxxxxxxxxx.xxx	predictive	High
105	File	xxxxxxxx.xxxxx.xxx	predictive	High
106	File	xxxxxxxxx/xxxxxxxx.xxx	predictive	High
107	File	xxxx_xxxxxx.xx	predictive	High
108	File	xxxx-xxxxx.xxx	predictive	High
109	File	xxxx-xxxxxxxx.xxx	predictive	High
110	File	xxxxxx_xxxxx.xxx	predictive	High
111	File	xxxxxx.xxx	predictive	Medium
112	File	xxxxxxx-xxxxx.xxx	predictive	High
113	File	xxxx_xxxxx.xxx	predictive	High
114	File	xxxx/xxx/xxxx-xxxxx.xxx	predictive	High
115	File	xxxxx.x	predictive	Low
116	File	xxxx.xxx	predictive	Medium
117	File	xxx-xxx/	predictive	Medium
118	File	xxxxxxx/xxx/xxxxxxx	predictive	High
119	File	xx-xxxxx-xxxxxx.xxx	predictive	High
120	File	xx-xxxx.xxx	predictive	Medium
121	File	xx-xxxxxxxxx.xxx	predictive	High
122	File	xxx/xxxxxxxx/xxxxxxxx.xxx	predictive	High
123	File	xxxx.xxx	predictive	Medium
124	File	~/xxx/xxxx-xxxxxxxxx.xxx	predictive	High
125	File	~/xxxxxxxx/xxxxx-xx-xxxxxxxxxx-xxxxxxxxx.xxx	predictive	High
126	Library	xxxxxxx/xxx.xxx.xxx.xxx	predictive	High
127	Argument	*xxxx	predictive	Low
128	Argument	xx	predictive	Low
129	Argument	xxx_xxx	predictive	Low
130	Argument	xxxx	predictive	Low
131	Argument	xxxxxxxxx	predictive	Medium
132	Argument	xxxxxxxxxxxx	predictive	Medium
133	Argument	xxxxxx	predictive	Low
134	Argument	xxxxxxxx	predictive	Medium
135	Argument	xxxxxxxx	predictive	Medium
136	Argument	xxx_xxx_xx_xxx_xxxxxxxxxx_x	predictive	High
137	Argument	xxxxx_xxxx	predictive	Medium
138	Argument	xxxxxxxx	predictive	Medium
139	Argument	xxxx_xxx_xxxx	predictive	High
140	Argument	xxxxxxxxxx	predictive	Medium
141	Argument	xxxxx	predictive	Low
142	Argument	xxx_xx	predictive	Low
143	Argument	xxx	predictive	Low
144	Argument	xxxxxxxxxxxxxxx	predictive	High
145	Argument	xxxxxx_xx	predictive	Medium
146	Argument	xxxxxx	predictive	Low
147	Argument	xxxxxxxx_xxxxxx/xxxxxxxx_xxxx/xxxxxxxx_xxxxxxxx/xxxxxxxx_xxxx	predictive	High
148	Argument	xxxx	predictive	Low
149	Argument	xxx	predictive	Low
150	Argument	xxxxxxxxxx	predictive	Medium
151	Argument	xxxxxxx	predictive	Low
152	Argument	xx_xxxx/xxxxx/xxx	predictive	High
153	Argument	xxxxxxxxx->xxxxxxxxx	predictive	High
154	Argument	xxxxxxxxx_xxxxxx	predictive	High
155	Argument	xxxxxxxxx	predictive	Medium
156	Argument	xx_xxxxxxx	predictive	Medium
157	Argument	xxxx	predictive	Low
158	Argument	xxxxxxxx	predictive	Medium
159	Argument	xxxxx	predictive	Low
160	Argument	xxxxxx_xxxxx	predictive	Medium
161	Argument	xxxxxx_xxxxx_xxx	predictive	High
162	Argument	xx_xx	predictive	Low
163	Argument	xxxxxxx[xxxxxxx]	predictive	High
164	Argument	xxxx	predictive	Low
165	Argument	xxxxxxx	predictive	Low
166	Argument	xxxxxx	predictive	Low
167	Argument	xxxxx	predictive	Low
168	Argument	xxxx_xxxxx	predictive	Medium
169	Argument	xx	predictive	Low
170	Argument	xxx	predictive	Low
171	Argument	xxxxxx	predictive	Low
172	Argument	xxxxxxx	predictive	Low
173	Argument	xxxx	predictive	Low
174	Argument	xxxx	predictive	Low
175	Argument	xxx xxxxxxxx/xxxxxxx xxxxxxxx	predictive	High
176	Argument	xxxxxxxx	predictive	Medium
177	Argument	xxxxxx/xxxxx/xxxx	predictive	High
178	Argument	xxxxxxx	predictive	Low
179	Argument	xxxxxxx/xxxxxxxxx	predictive	High
180	Argument	xxxx	predictive	Low
181	Argument	xxxxxx_xxxxxx	predictive	High
182	Argument	xxxxxxxxxxxxxxxxxxx	predictive	High
183	Argument	xxxxxxxxx	predictive	Medium
184	Argument	xxxxxxxx_xx	predictive	Medium
185	Argument	xxxxxxx xxxxx	predictive	High
186	Argument	xxxxxxxx_xx	predictive	Medium
187	Argument	xxxxxxxxxxxxxxxx	predictive	High
188	Argument	xxxxxx	predictive	Low
189	Argument	xxxxxx	predictive	Low
190	Argument	xxxxxx_xxxxx	predictive	Medium
191	Argument	xxxxxx_xxx	predictive	Medium
192	Argument	xxxxxx	predictive	Low
193	Argument	xxxx_xxxx	predictive	Medium
194	Argument	xxxx	predictive	Low
195	Argument	xxxxxx	predictive	Low
196	Argument	xxxxxxx	predictive	Low
197	Argument	xxx	predictive	Low
198	Argument	xx_xx	predictive	Low
199	Argument	xxxxx	predictive	Low
200	Argument	xxxxxxxxxxx/xxxxxxxxxxx	predictive	High
201	Argument	xxxxx	predictive	Low
202	Argument	xxx	predictive	Low
203	Argument	xxxxxxxx	predictive	Medium
204	Argument	xx	predictive	Low
205	Argument	xxxxxx	predictive	Low
206	Argument	_xxxxxx[xxxxxxxx_xxxx]	predictive	High
207	Argument	_xxx_xxxxxxxxxxx_	predictive	High
208	Input Value	/xxxxxx/..%xx	predictive	High
209	Input Value	xxxxx"][xxxxxx]xxxxx('xxx')[/xxxxxx]	predictive	High
210	Input Value	xxxxxxxxx' xxx 'x'='x	predictive	High
211	Input Value	xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx	predictive	High
212	Pattern	__xxxxxxxxx=	predictive	Medium
213	Pattern	\|xx xx xx xx\|	predictive	High
214	Network Port	xxxxx	predictive	Low
215	Network Port	xxxx	predictive	Low
216	Network Port	xxx xxxxxx xxxx	predictive	High

References (23)

The following list contains external sources which discuss the actor and the associated activities:

◂ PreviousOverviewNext ▸

Interested in the pricing of exploits?

See the underground prices here!