SquirtDanger Analysis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en	108
pl	102
zh	102
de	82
ar	82

Country

pl	102
de	82
ar	82
pt	78
ru	78

Actors

Unknown	1

Activities

Interest

Timeline

Type

Not Defined	62
WordPress Plugin	32
E-Commerce Management Software	12
Cloud Software	2
Content Management System	2

Vendor

Not Defined	36
Tenda	20
Kashipara	6
Dell	4
Apache	4

Product

Kashipara Online Furniture Shopping Ecommerce Webs ...	6
MailCleaner	6
Tenda TX9	4
Tenda 4G300	4
Tenda W15E	4

Vulnerabilities

#	Vulnerability	Base	Temp	0day	Today	Exp	Rem	EPSS	CTI	CVE
1	Apryse WebViewer PDF Document cross site scripting	3.5	3.2	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00045	0.14	CVE-2024-4327
2	MailCleaner Email os command injection	9.8	9.3	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00046	0.17	CVE-2024-3191
3	osCommerce all-products cross site scripting	4.3	3.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00065	0.17	CVE-2024-4348
4	MailCleaner Admin Interface cross site scripting	6.5	6.3	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00045	0.12	CVE-2024-3192
5	SourceCodester Pisay Online E-Learning System controller.php unrestricted upload	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00045	0.14	CVE-2024-4349
6	MailCleaner Admin Endpoints os command injection	8.8	8.3	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00046	0.07	CVE-2024-3193
7	BloomPixel Max Addons Pro for Bricks Plugin authorization	6.5	6.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00043	0.08	CVE-2024-32951
8	Extend Themes Teluro Plugin cross-site request forgery	4.3	4.2	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00043	0.00	CVE-2024-33688
9	Apache HTTP Server mod_lua Multipart Parser r:parsebody out-of-bounds write	8.5	8.4	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.08808	0.03	CVE-2021-44790
10	Elementor ImageBox Plugin cross site scripting	3.5	3.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00045	0.08	CVE-2024-3074
11	Dell Wyse Proprietary OS Telemetry Dashboard information disclosure	4.7	4.7	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00043	0.00	CVE-2024-28963
12	Apache Parquet Parquet-MR denial of service	3.5	3.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00089	0.00	CVE-2021-41561
13	Pavex Embed Google Photos Album Plugin server-side request forgery	5.6	5.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00043	0.08	CVE-2024-32775
14	Foliovision FV Flowplayer Video Player Plugin server-side request forgery	5.6	5.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00043	0.00	CVE-2024-32955
15	Tenda i21 formQosManageDouble_auto stack-based overflow	8.8	8.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00045	0.07	CVE-2024-4246
16	Dell Repository Manager API Module improper authorization	8.3	8.1	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00043	0.00	CVE-2024-28976
17	Jegstudio Financio Plugin cross-site request forgery	4.3	4.2	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00043	0.00	CVE-2024-33690
18	ThemeNcode Fan Page Widget by Plugin cross site scripting	4.1	4.1	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00043	0.00	CVE-2024-33695
19	AnnounceKit Plugin cross site scripting	2.4	2.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00045	0.04	CVE-2024-3023
20	Repute Infosystems ARMember Plugin authorization	7.8	7.7	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00043	0.07	CVE-2024-32948

IOC - Indicator of Compromise (119)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP address	Hostname	Actor	Identified	Type	Confidence
1	5.188.231.107		SquirtDanger	08/29/2021	verified	High
2	5.188.231.246		SquirtDanger	08/29/2021	verified	High
3	37.252.14.159		SquirtDanger	08/29/2021	verified	High
4	62.141.42.190	mail.borengo.com	SquirtDanger	08/29/2021	verified	High
5	62.210.139.234	web3.groupe-nlcl.com	SquirtDanger	08/29/2021	verified	High
6	62.210.142.233	62-210-142-233.rev.poneytelecom.eu	SquirtDanger	08/29/2021	verified	High
7	77.220.212.78	vm3071969.33ssd.had.wf	SquirtDanger	08/29/2021	verified	High
8	81.4.104.135	ramnode.schmidtie.net	SquirtDanger	08/29/2021	verified	High
9	81.177.139.248		SquirtDanger	08/29/2021	verified	High
10	82.202.231.21		SquirtDanger	08/29/2021	verified	High
11	86.110.118.102		SquirtDanger	08/29/2021	verified	High
12	92.53.90.11		SquirtDanger	08/29/2021	verified	High
13	92.63.197.19		SquirtDanger	08/29/2021	verified	High
14	93.171.138.195	host-195.primonet.com.ua	SquirtDanger	08/29/2021	verified	High
15	94.23.20.210	ovh7.siscomvigo.com	SquirtDanger	08/29/2021	verified	High
16	95.47.137.169		SquirtDanger	08/29/2021	verified	High
17	136.243.88.145	static.145.88.243.136.clients.your-server.de	SquirtDanger	08/29/2021	verified	High
18	136.243.94.27	static.27.94.243.136.clients.your-server.de	SquirtDanger	08/29/2021	verified	High
19	136.243.102.157	static.157.102.243.136.clients.your-server.de	SquirtDanger	08/29/2021	verified	High
20	151.236.30.50	50.30.236.151.in-addr.arpa	SquirtDanger	08/29/2021	verified	High
21	176.9.0.89	static.89.0.9.176.clients.your-server.de	SquirtDanger	08/29/2021	verified	High
22	176.9.47.243	raphinida.de	SquirtDanger	08/29/2021	verified	High
23	178.158.17.134		SquirtDanger	08/29/2021	verified	High
24	185.48.56.223		SquirtDanger	08/29/2021	verified	High
25	XXX.XX.XX.XX	xx.xxxxxx.xxxxx.xxx	Xxxxxxxxxxxx	08/29/2021	verified	High
26	XXX.XXX.XX.XX	.	Xxxxxxxxxxxx	08/29/2021	verified	High
27	XXX.XXX.XX.XXX	xxxxxxxx.xxxxxx-xx.xxxxxxxxxx.xxxxxx	Xxxxxxxxxxxx	08/29/2021	verified	High
28	XXX.XXX.XXX.XX	xxxx.xxxxxxxxxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
29	XXX.XXX.XXX.XXX	xxxxxx.xxx	Xxxxxxxxxxxx	08/29/2021	verified	High
30	XXX.XXX.XXX.XX	xxxxxxxxx.xxxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
31	XXX.XXX.XXX.XXX	xxxxxxxxx.xxxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
32	XXX.XXX.XXX.XXX	xxxxxxxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
33	XXX.XXX.XXX.XXX	xxxxxxxxx.xxxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
34	XXX.XXX.XX.XXX	xxxxxxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
35	XXX.XXX.XX.XXX	xxxxxxxxxxx.xxx	Xxxxxxxxxxxx	08/29/2021	verified	High
36	XXX.XXX.XX.XX	xxxxxxxxx.xxxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
37	XXX.XXX.XX.XXX	xxxxxxxxx.xxxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
38	XXX.XXX.XX.XXX	xxxxxxxxx.xxxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
39	XXX.XXX.XX.XX	xxxxxxxxx.xxxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
40	XXX.XXX.XXX.XXX	xxxxxxxxx.xxxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
41	XXX.XXX.XXX.XX	xxxxxxxxx.xxxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
42	XXX.XXX.XXX.XXX	xxxxxxxxx.xxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
43	XXX.XXX.XXX.XXX	xxxxxxxxxxxxxx.xxxx	Xxxxxxxxxxxx	08/29/2021	verified	High
44	XXX.XXX.XXX.XXX	xxxxxxxxx.xxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
45	XXX.XXX.XX.XX	xxxx.xxxxxxx.xxx	Xxxxxxxxxxxx	08/29/2021	verified	High
46	XXX.XXX.XX.XXX	xxxxxxxx.xxxxxxxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
47	XXX.XXX.XXX.XX	xxxxxxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
48	XXX.XXX.XXX.XXX	xxxxxxxx-xxx.xxx	Xxxxxxxxxxxx	08/29/2021	verified	High
49	XXX.XXX.XXX.XX	xxxxxxxxx.xxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
50	XXX.XXX.XXX.XX	xxxxxxxxx.xxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
51	XXX.XXX.XXX.XXX	xxxxxxx.xxx	Xxxxxxxxxxxx	08/29/2021	verified	High
52	XXX.XXX.XXX.XXX	xxxxxxxxx.xxxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
53	XXX.XXX.XXX.XX	xxxxxxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
54	XXX.XXX.XX.XX	xxxxx-xxxxx.xxx	Xxxxxxxxxxxx	08/29/2021	verified	High
55	XXX.XXX.XX.XX	xxxxxxxxx.xxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
56	XXX.XXX.XX.XXX	xxxxxxxxx.xxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
57	XXX.XXX.XX.XXX	xxxxxxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
58	XXX.XXX.XX.XXX	xxxx.xxxxxxx.xxx	Xxxxxxxxxxxx	08/29/2021	verified	High
59	XXX.XXX.XX.XXX	xxxxxxxxx.xxxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
60	XXX.XXX.XX.XXX	xxxxxxxxx.xxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
61	XXX.XXX.XX.XX		Xxxxxxxxxxxx	08/29/2021	verified	High
62	XXX.XXX.XXX.XX	xxxxxxxxx.xxxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
63	XXX.XXX.XXX.XX	xxxxxxxxx.xxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
64	XXX.XXX.XXX.XX	xxxxxxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
65	XXX.XXX.XXX.XXX	xxxxxxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
66	XXX.XXX.XXX.XXX	xxxx.xxxx	Xxxxxxxxxxxx	08/29/2021	verified	High
67	XXX.XXX.XXX.XXX	xxxxxxxxx.xxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
68	XXX.XXX.XXX.XXX	xxxxx.xxxxxx	Xxxxxxxxxxxx	08/29/2021	verified	High
69	XXX.XXX.XXX.XXX	xxxxxxxxx.xxxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
70	XXX.XXX.XX.XXX	xxxxxxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
71	XXX.XXX.XX.XXX	xxxxxxxxx.xxxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
72	XXX.XXX.XX.XX	xxxxxxxxx.xxxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
73	XXX.XXX.XX.XX	xxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
74	XXX.XXX.XX.XXX	xxxx.x-xxx.xxxxxx	Xxxxxxxxxxxx	08/29/2021	verified	High
75	XXX.XXX.XX.XXX	xxxxxxxxx.xxxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
76	XXX.XXX.XXX.XX	xxxxxxxxx.xxxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
77	XXX.XXX.XXX.XX	xxxxxxxx.xxxxxx.xxx	Xxxxxxxxxxxx	08/29/2021	verified	High
78	XXX.XXX.XX.XX	xxx.xxxx.xxx	Xxxxxxxxxxxx	08/29/2021	verified	High
79	XXX.XXX.XX.XX	xxxxxxxxxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
80	XXX.XXX.XX.XXX	xxxxxxxxxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
81	XXX.XXX.XX.XXX	xxx.xxxx.xxx	Xxxxxxxxxxxx	08/29/2021	verified	High
82	XXX.XXX.XXX.XXX	xxx.xxxx.xxx	Xxxxxxxxxxxx	08/29/2021	verified	High
83	XXX.XXX.XXX.XX	xxx.xxxx.xxx	Xxxxxxxxxxxx	08/29/2021	verified	High
84	XXX.XX.XXX.XX	xxxx-xx-xxx-xx-xxx.xxxxxxx.xxx	Xxxxxxxxxxxx	08/29/2021	verified	High
85	XXX.XX.XXX.XX	xxxxxxxxx.xxxx-xxxxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
86	XXX.XX.XX.XXX	xxx.xxxxx.xxx	Xxxxxxxxxxxx	08/29/2021	verified	High
87	XXX.XX.XXX.XX	xxxxxxxxxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
88	XXX.XXX.XXX.XX	xxx-xxxxxx.xxxxxx-xx-xxxxx.xxx	Xxxxxxxxxxxx	08/29/2021	verified	High
89	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxx.xxxxxxxxxxxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
90	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxx.xxxxxxxxxxxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
91	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxx.xxxxxxxxxxxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
92	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxx.xxxxxxxxxxxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
93	XXX.XXX.XXX.XX	xxx-xxx-xxx-xx.xxx.xxxxxxxxxxxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
94	XXX.XXX.XXX.XXX	xxxxxxxxxxxxxx.xxx	Xxxxxxxxxxxx	08/29/2021	verified	High
95	XXX.XXX.XXX.XX	xxx-xxx-xxx-xx.xxx.xxxxxxxxxxxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
96	XXX.XXX.XXX.XX	xxx-xxx-xxx-xx.xxx.xxxxxxxxxxxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
97	XXX.XXX.XXX.XX	xxx-xxx-xxx-xx.xxx.xxxxxxxxxxxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
98	XXX.XXX.XXX.XXX	xxxxxx.xxxxxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
99	XXX.XXX.XXX.XX	xxxxxxxxx.xxx	Xxxxxxxxxxxx	08/29/2021	verified	High
100	XXX.XXX.XXX.XX	xxx-xxx-xxx-xx.xxx.xxxxxxxxxxxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
101	XXX.XXX.XXX.XX	xxx.xxxxxx.xxx	Xxxxxxxxxxxx	08/29/2021	verified	High
102	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxx.xxxxxxxxxxxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
103	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxx.xxxxxxxxxxxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
104	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxx.xxxxxxxxxxxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
105	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxx.xxxxxxxxxxxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
106	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxx.xxxxxxxxxxxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
107	XXX.XXX.XXX.XX	xxx-xxx-xxx-xx.xxx.xxxxxxxxxxxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
108	XXX.XXX.XXX.XX	xxxxxxxx.xxx	Xxxxxxxxxxxx	08/29/2021	verified	High
109	XXX.XXX.XXX.XX	xxxxxxx.xxx	Xxxxxxxxxxxx	08/29/2021	verified	High
110	XXX.XXX.XXX.XX	xxxxxxxxxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
111	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxx.xxxxxxxxxxxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
112	XXX.XXX.XXX.XXX	xxxxxxxxx-xxx.xxxxxxx.xxxxxxxxxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
113	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxx.xxxxxxxxxxxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
114	XXX.XXX.XXX.XX	xxx-xxx-xxx-xx.xxx.xxxxxxxxxxxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
115	XXX.XX.XXX.XXX	xxxxxxxxx.xxxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
116	XXX.XX.XXX.XXX	xxxxxxxxx.xxxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
117	XXX.XX.XXX.XXX	xxxxxxxxx.xxxxx.xxx.xx	Xxxxxxxxxxxx	08/29/2021	verified	High
118	XXX.XX.XXX.XXX	xx----xxxxxxxxxxxxxxxxx.xx--xxxx	Xxxxxxxxxxxx	08/29/2021	verified	High
119	XXX.XXX.XXX.XXX	xxxxxxxx.xxxx.xxxxxxxxx.xxxxxx-xxxxxxx.xxxxxx	Xxxxxxxxxxxx	08/29/2021	verified	High

TTP - Tactics, Techniques, Procedures (14)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Class	Vulnerabilities	Access Vector	Type	Confidence
1	T1006	CAPEC-126	CWE-22	Path Traversal	predictive	High
2	T1055	CAPEC-10	CWE-74	Improper Neutralization of Data within XPath Expressions	predictive	High
3	T1059	CAPEC-242	CWE-94	Argument Injection	predictive	High
4	TXXXX.XXX	CAPEC-209	CWE-XX, CWE-XX	Xxxxx Xxxx Xxxxxxxxx	predictive	High
5	TXXXX	CAPEC-122	CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	High
6	TXXXX	CAPEC-136	CWE-XX, CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	High
7	TXXXX	CAPEC-	CWE-XXX	Xxxxxxxxxx Xxxxxx	predictive	High
8	TXXXX	CAPEC-108	CWE-XX	Xxx Xxxxxxxxx	predictive	High
9	TXXXX.XXX	CAPEC-1	CWE-XXX	Xxxxxxxx Xxxxxxxxxxxxx	predictive	High
10	TXXXX	CAPEC-102	CWE-XXX	Xxxxxxxxxxx Xxxxxxxxxx	predictive	High
11	TXXXX	CAPEC-37	CWE-XXX	Xxxxxxxxx Xxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxx	predictive	High
12	TXXXX.XXX	CAPEC-459	CWE-XXX	Xxxxxxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	High
13	TXXXX	CAPEC-116	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	High
14	TXXXX.XXX	CAPEC-1	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	High

IOA - Indicator of Attack (64)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Class	Indicator	Type	Confidence
1	File	/catalog/all-products	predictive	High
2	File	/changePassword	predictive	High
3	File	/goform/addIpMacBind	predictive	High
4	File	/goform/DelDhcpRule	predictive	High
5	File	/goform/delIpMacBind	predictive	High
6	File	/goform/DelPortMapping	predictive	High
7	File	/goform/modifyDhcpRule	predictive	High
8	File	/goform/modifyIpMacBind	predictive	High
9	File	/xxxxxx/xxxxxxxxxxxx	predictive	High
10	File	/xxxxxx/xxxxxxxxxx	predictive	High
11	File	/xxxxxx/xxxxxxxxx	predictive	High
12	File	/xxxxxx/xxxxxxxxxxxxxxxx	predictive	High
13	File	/xxxxxx/xxxxxxxxxxxxxx	predictive	High
14	File	/xxxxxx/xxxxxxxxxxxxxxxxxx	predictive	High
15	File	/xxxxxx/xxxxxxxxxxxxxx	predictive	High
16	File	/xxxxxx/xxxxxxxxxxxxx	predictive	High
17	File	/xxxxxx/xxxxxxxxxxxxxxxxxxx	predictive	High
18	File	/xxxxxx/xxxxxxxxxxx	predictive	High
19	File	/xxxxxx/xxxxxxxxxx.xxx	predictive	High
20	File	/xxxxxxxxxxx.xxx/xxxxxxxx	predictive	High
21	File	/xxx/xxxxxxx/xxx	predictive	High
22	File	/xxxx/xxxxxxx xxxxxx/xxx/xxx_xxxx_xxxxxx.xxx	predictive	High
23	File	xxxxx/xxxxxxx/xxxxxxxxxxxxx.xx	predictive	High
24	File	xxxxxxxxxxxx.xxx	predictive	High
25	File	xxxxxxxxxxxxxxxxxxx.xxx	predictive	High
26	File	xxxxxxx/xxxxxxxx.xxx	predictive	High
27	File	xx/xxxxxx/xxxxxxxxxx	predictive	High
28	File	xxxxx.xxx	predictive	Medium
29	File	xxxxxxxx.xxx	predictive	Medium
30	File	xxxxxxxx.xxx	predictive	Medium
31	File	xxxxxxxx.xxx	predictive	Medium
32	File	xxxxxxxxxxxxxxx.xxx	predictive	High
33	Argument	xxxxx_xxxxx	predictive	Medium
34	Argument	xxxxxxxxxxxxx	predictive	High
35	Argument	xxx	predictive	Low
36	Argument	xxxxxxxxx	predictive	Medium
37	Argument	xxxxxxxxxxxx	predictive	Medium
38	Argument	xxxxxxxxxx	predictive	Medium
39	Argument	xxxxxxx	predictive	Low
40	Argument	xxxx	predictive	Low
41	Argument	xxxxxxxxxxxxxxxxxxxxxx	predictive	High
42	Argument	xx/xxxx	predictive	Low
43	Argument	xxxxxxx	predictive	Low
44	Argument	xx	predictive	Low
45	Argument	xxxxxxxxxxxxxx	predictive	High
46	Argument	xxxxxxxxxxxxx	predictive	High
47	Argument	xxxxxxxxxxxxxxx/xxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxx	predictive	High
48	Argument	xxxx	predictive	Low
49	Argument	xxxxxxxxxx	predictive	Medium
50	Argument	xxxxxxxxxxxx	predictive	Medium
51	Argument	xxxx	predictive	Low
52	Argument	xxxxxxxxxxxxxxxx	predictive	High
53	Argument	xxxxxxx_xxxxxxx_xxxxx_xxxxx_xxxxx	predictive	High
54	Argument	xxxxxx	predictive	Low
55	Argument	xxxxxxxx	predictive	Medium
56	Argument	xxxxxxxxxxxxxxxxxx	predictive	High
57	Argument	xxxxxxxxxx	predictive	Medium
58	Argument	xxxxxxxx	predictive	Medium
59	Argument	xxxxxxxxxx/xxxxxxxx/xxxxxxx/xxxxxxxxxx	predictive	High
60	Argument	xxxxxxxxx	predictive	Medium
61	Argument	xxxxxxxxxxxxxxxx	predictive	High
62	Argument	xxxx	predictive	Low
63	Argument	xxxxxxxxxx	predictive	Medium
64	Argument	xxxx/xxxxx/xxx/xxxx/xxxxxx/xxxxxx	predictive	High

References (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ PreviousOverviewNext ▸

Do you know our Splunk app?

Download it now for free!