cyber_threat_intelligence/actors/Shadowcrew
Marc Ruef ba3bbfbe2c Update 2022-09-08 10:24:13 +02:00

Shadowcrew - Cyber Threat Intelligence

These indicators were reported, collected, and generated during the VulDB CTI analysis of the actor known as Shadowcrew. The activity monitoring correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique predictive model uses big data to forecast activities and their characteristics.

Live data and more analysis capabilities are available at https://vuldb.com/?actor.shadowcrew

Countries

These countries are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Shadowcrew:

There are 17 more country items available. Please use our online service to access the data.

IOC - Indicator of Compromise

These indicators of compromise (IOC) indicate associated network resources which are known to be part of research and attack activities of Shadowcrew.

There are 2877 more IOC items available. Please use our online service to access the data.

TTP - Tactics, Techniques, Procedures

Tactics, techniques, and procedures (TTP) summarize the suspected MITRE ATT&CK techniques used by Shadowcrew. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Weakness | Description | Confidence |
| --- | --- | --- | --- | --- |
| 1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High |
| 2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High |
| 3 | T1055 | CWE-74 | Injection | High |
| 4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High |
| 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High |
| 6 | ... | ... | ... | ... |

There are 19 more TTP items available. Please use our online service to access the data.

IOA - Indicator of Attack

These indicators of attack (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Shadowcrew. This data is unique as it uses our predictive model for actor profiling.

There are 243 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

References

The following list contains external sources which discuss the actor and the associated activities:

Literature

The following articles explain our unique predictive cyber threat intelligence:

License

(c) 1997-2022 by vuldb.com. All data on this page is shared under the license CC BY-NC-SA 4.0. Questions? Check the FAQ, read the documentation or contact us!