Purple Fox - Cyber Threat Intelligence
These indicators were reported, collected, and generated during the VulDB CTI analysis of the actor known as Purple Fox. The activity monitoring correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique predictive model uses big data to forecast activities and their characteristics.
Live data and more analysis capabilities are available at https://vuldb.com/?actor.purple_fox
Countries
These countries are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Purple Fox:
There are 7 more country items available. Please use our online service to access the data.
IOC - Indicator of Compromise
These indicators of compromise (IOC) indicate associated network resources which are known to be part of research and attack activities of Purple Fox.
There are 1620 more IOC items available. Please use our online service to access the data.
TTP - Tactics, Techniques, Procedures
Tactics, techniques, and procedures (TTP) summarize the suspected MITRE ATT&CK techniques used by Purple Fox. This data is unique as it uses our predictive model for actor profiling.
ID | Technique | Weakness | Description | Confidence |
---|---|---|---|---|
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-29, CWE-35, CWE-37 | Pathname Traversal | High |
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High |
3 | T1055 | CWE-74 | Injection | High |
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High |
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High |
6 | ... | ... | ... | ... |
There are 21 more TTP items available. Please use our online service to access the data.
IOA - Indicator of Attack
These indicators of attack (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Purple Fox. This data is unique as it uses our predictive model for actor profiling.
There are 375 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
References
The following list contains external sources which discuss the actor and the associated activities:
- https://blogs.blackberry.com/en/2022/01/threat-thursday-purple-fox-rootkit
- https://community.blueliv.com/#!/s/605cb7f182df413eaf3463e0
- https://github.com/guardicore/labs_campaigns/tree/master/Purple_Fox
- https://www.trendmicro.com/en_us/research/21/l/a-look-into-purple-fox-server-infrastructure.html
Literature
The following articles explain our unique predictive cyber threat intelligence:
- VulDB Cyber Threat Intelligence Documentation
- Cyber Threat Intelligence - Early Anticipation of Attacks
License
(c) 1997-2023 by vuldb.com. All data on this page is shared under the license CC BY-NC-SA 4.0.