README.md Update October 2023 2023-10-16 15:34:26 +02:00

AsyncRAT - Cyber Threat Intelligence

These indicators were reported, collected, and generated during the VulDB CTI analysis of the actor known as AsyncRAT. The activity monitoring correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique predictive model uses big data to forecast activities and their characteristics.

Live data and more analysis capabilities are available at https://vuldb.com/?actor.asyncrat

Countries

These countries are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with AsyncRAT:

There are 11 more country items available. Please use our online service to access the data.

IOC - Indicator of Compromise

These indicators of compromise (IOC) indicate associated network resources which are known to be part of research and attack activities of AsyncRAT.


There are 1642 more IOC items available. Please use our online service to access the data.

TTP - Tactics, Techniques, Procedures

Tactics, techniques, and procedures (TTP) summarize the suspected MITRE ATT&CK techniques used by AsyncRAT. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Weakness | Description | Confidence |
|---|---|---|---|---|
| 1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-29, CWE-35 | Pathname Traversal | High |
| 2 | T1055 | CWE-74 | Injection | High |
| 3 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High |
| 4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High |
| 5 | T1068 | CWE-250, CWE-264, CWE-266, CWE-269, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High |
| 6 | T1078.001 | CWE-259 | Use of Hard-coded Password | High |
| 7 | ... | ... | ... | ... |

There are 22 more TTP items available. Please use our online service to access the data.

IOA - Indicator of Attack

These indicators of attack (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by AsyncRAT. This data is unique as it uses our predictive model for actor profiling.


There are 397 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

References

The following list contains external sources which discuss the actor and the associated activities:

Literature

The following articles explain our unique predictive cyber threat intelligence:

License

(c) 1997-2023 by vuldb.com. All data on this page is shared under the license CC BY-NC-SA 4.0. Questions? Check the FAQ, read the documentation or contact us!