mirror of
https://github.com/vuldb/cyber_threat_intelligence
synced 2024-07-05 18:01:41 +00:00
321 lines
22 KiB
Markdown
# Portugal Unknown - Cyber Threat Intelligence

These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Portugal Unknown](https://vuldb.com/?actor.portugal_unknown). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.

_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.portugal_unknown](https://vuldb.com/?actor.portugal_unknown)

## Countries

These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Portugal Unknown:

* [US](https://vuldb.com/?country.us)
* [SV](https://vuldb.com/?country.sv)
* [FR](https://vuldb.com/?country.fr)
* ...

There are 19 more country items available. Please use our online service to access the data.

## IOC - Indicator of Compromise

These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Portugal Unknown.
There are 802 more IOC items available. Please use our online service to access the data.

## TTP - Tactics, Techniques, Procedures

_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _Portugal Unknown_. This data is unique as it uses our predictive model for actor profiling.

ID | Technique | Weakness | Description | Confidence
-- | --------- | -------- | ----------- | ----------
1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
2 | T1055 | CWE-74 | Injection | High
3 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
5 | T1068 | CWE-264, CWE-269, CWE-284 | Execution with Unnecessary Privileges | High
6 | ... | ... | ... | ...

There are 21 more TTP items available. Please use our online service to access the data.

## IOA - Indicator of Attack

These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Portugal Unknown. This data is unique as it uses our predictive model for actor profiling.
There are 448 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

## References

The following list contains _external sources_ which discuss the actor and the associated activities:

* https://github.com/firehol/blocklist-ipsets/blob/master/geolite2_country/country_pt.netset

## Literature

The following _articles_ explain our unique predictive cyber threat intelligence:

* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)

## License

(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!