Ukraine Unknown - Cyber Threat Intelligence
These indicators were reported, collected, and generated during the VulDB CTI analysis of the actor known as Ukraine Unknown. The activity monitoring correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique predictive model uses big data to forecast activities and their characteristics.
Live data and more analysis capabilities are available at https://vuldb.com/?actor.ukraine_unknown
Countries
These countries are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Ukraine Unknown:
There are 22 more country items available. Please use our online service to access the data.
IOC - Indicator of Compromise
These indicators of compromise (IOC) indicate associated network resources which are known to be part of research and attack activities of Ukraine Unknown.
There are 2822 more IOC items available. Please use our online service to access the data.
TTP - Tactics, Techniques, Procedures
Tactics, techniques, and procedures (TTP) summarize the suspected MITRE ATT&CK techniques used by Ukraine Unknown. This data is unique as it uses our predictive model for actor profiling.
ID | Technique | Weakness | Description | Confidence |
---|---|---|---|---|
1 | T1006 | CWE-21, CWE-22, CWE-28 | Pathname Traversal | High |
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High |
3 | T1055 | CWE-74 | Injection | High |
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High |
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High |
6 | ... | ... | ... | ... |
There are 22 more TTP items available. Please use our online service to access the data.
IOA - Indicator of Attack
These indicators of attack (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Ukraine Unknown. This data is unique as it uses our predictive model for actor profiling.
There are 509 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
References
The following list contains external sources which discuss the actor and the associated activities:
- https://blog.talosintelligence.com/2018/02/coinhoarder.html
- https://blogs.infoblox.com/cyber-threat-intelligence/cyber-threat-advisory/ukraine-scam-campaigns/
- https://businessinsights.bitdefender.com/deep-dive-into-the-elephant-framework-a-new-cyber-threat-in-ukraine
- https://github.com/firehol/blocklist-ipsets/blob/master/geolite2_country/country_ua.netset
- https://www.mandiant.com/resources/blog/trojanized-windows-installers-ukrainian-government
Literature
The following articles explain our unique predictive cyber threat intelligence:
- VulDB Cyber Threat Intelligence Documentation
- Cyber Threat Intelligence - Early Anticipation of Attacks
License
(c) 1997-2023 by vuldb.com. All data on this page is shared under the license CC BY-NC-SA 4.0.