Meduza Stealer Analysis

IOB - Indicator of Behavior (88)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 52
es: 14
sv: 8
ru: 6
pt: 4


Country

us: 82
ru: 6


[Charts omitted: Actors, Activities, Interest, Timeline, Type, Vendor]

Product

SPiD: 4
Zentrack: 4
GetSimple CMS: 2
Clip-bucket ClipBucket: 2
Mambo: 2


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | OkayCMS ProductsView.php injection | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.22155 | 0.04 | CVE-2019-16885 |
| 2 | MacCMS index.php command injection | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.85925 | 0.02 | CVE-2017-17733 |
| 3 | myPHPNuke print.php cross site scripting | 4.3 | 3.9 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00220 | 0.01 | CVE-2008-4089 |
| 4 | phpBB XS bb_usage_stats.php file inclusion | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.07955 | 0.02 | CVE-2006-4893 |
| 5 | PHPOutsourcing IdeaBox include.php code injection | 7.3 | 6.4 | $0-$5k | $0-$5k | Unproven | Unavailable | 0.17410 | 0.04 | CVE-2008-5199 |
| 6 | CCBill whereami.cgi privileges management | 6.3 | 5.8 | $0-$5k | $0-$5k | Proof-of-Concept | Workaround | 0.00000 | 0.04 | |
| 7 | Zentrack index.php path traversal | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.08 | |
| 8 | Zentrack index.php privileges management | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.03 | |
| 9 | Citrix NetScaler ADC/NetScaler Gateway OpenID openid-configuration ns_aaa_oauthrp_send_openid_config CitrixBleed memory corruption | 8.3 | 8.2 | $25k-$100k | $0-$5k | High | Official Fix | 0.96610 | 0.00 | CVE-2023-4966 |
| 10 | MK-AUTH arp.php sql injection | 7.1 | 7.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00068 | 0.00 | CVE-2020-14069 |
| 11 | VideoLAN VLC Media Player FLV File picture_pool.c picture_pool_Delete input validation | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 0.12152 | 0.00 | CVE-2014-9597 |
| 12 | noobaa-operator RPC AuthTokens log file | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00087 | 0.00 | CVE-2021-3528 |
| 13 | jQuery html cross site scripting | 5.8 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01900 | 0.05 | CVE-2020-11023 |
| 14 | e107 CMS tinymce_imglib_include Remote Code Execution | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00877 | 0.00 | CVE-2006-4548 |
| 15 | Duware Duclassmate Account account.asp cross site scripting | 5.4 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Workaround | 0.01668 | 0.04 | CVE-2004-2198 |
| 16 | DUware DUclassmate default.asp sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00221 | 0.05 | CVE-2005-2049 |
| 17 | SPiD lang.php memory corruption | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01665 | 0.04 | CVE-2005-2198 |
| 18 | SPiD scan_lang_insert.php path traversal | 5.3 | 4.7 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 0.01737 | 0.05 | CVE-2006-0976 |
| 19 | mxBB Kb Mods path traversal | 9.8 | 8.6 | $0-$5k | $0-$5k | Unproven | Unavailable | 0.00726 | 0.00 | CVE-2006-6568 |
| 20 | DUware DUpaypal detail.asp sql injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00421 | 0.02 | CVE-2006-6365 |

IOC - Indicator of Compromise (157)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (10)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (110)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


References (104)

The following list contains external sources which discuss the actor and the associated activities:
