mirror of
https://github.com/vuldb/cyber_threat_intelligence
synced 2024-07-05 18:01:41 +00:00
373 lines
28 KiB
Markdown
# Nanocore RAT - Cyber Threat Intelligence

These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Nanocore RAT](https://vuldb.com/?actor.nanocore_rat). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.

_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.nanocore_rat](https://vuldb.com/?actor.nanocore_rat)

## Countries

These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Nanocore RAT:

* [SH](https://vuldb.com/?country.sh)
* [CN](https://vuldb.com/?country.cn)
* [US](https://vuldb.com/?country.us)
* ...

There are 9 more country items available. Please use our online service to access the data.

## IOC - Indicator of Compromise

These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Nanocore RAT.
There are 583 more IOC items available. Please use our online service to access the data.

## TTP - Tactics, Techniques, Procedures

_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _Nanocore RAT_. This data is unique as it uses our predictive model for actor profiling.

ID | Technique | Weakness | Description | Confidence
-- | --------- | -------- | ----------- | ----------
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
3 | T1055 | CWE-74 | Injection | High
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
6 | ... | ... | ... | ...

There are 20 more TTP items available. Please use our online service to access the data.

## IOA - Indicator of Attack

These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Nanocore RAT. This data is unique as it uses our predictive model for actor profiling.
There are 538 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## Literature

The following _articles_ explain our unique predictive cyber threat intelligence:

* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)

## License

(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!