mirror of https://github.com/vuldb/cyber_threat_intelligence synced 2024-06-27 09:28:52 +00:00

History

Marc Ruef 819a7a8241 Update January 2024		2024-01-26 07:53:33 +01:00
..
README.md	Update January 2024	2024-01-26 07:53:33 +01:00

README.md

Bulgaria Unknown - Cyber Threat Intelligence

These indicators were reported, collected, and generated during the VulDB CTI analysis of the actor known as Bulgaria Unknown. The activity monitoring correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique predictive model uses big data to forecast activities and their characteristics.

Live data and more analysis capabilities are available at https://vuldb.com/?actor.bulgaria_unknown

Countries

These countries are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Bulgaria Unknown:

There are 27 more country items available. Please use our online service to access the data.

IOC - Indicator of Compromise

These indicators of compromise (IOC) indicate associated network resources which are known to be part of research and attack activities of Bulgaria Unknown.

ID	IP address	Hostname	Campaign	Confidence
1	2.20.45.0	a2-20-45-0.deploy.static.akamaitechnologies.com	-	High
2	2.20.45.4	a2-20-45-4.deploy.static.akamaitechnologies.com	-	High
3	2.20.45.12	a2-20-45-12.deploy.static.akamaitechnologies.com	-	High
4	2.20.45.92	a2-20-45-92.deploy.static.akamaitechnologies.com	-	High
5	2.20.45.96	a2-20-45-96.deploy.static.akamaitechnologies.com	-	High
6	2.21.68.0	a2-21-68-0.deploy.static.akamaitechnologies.com	-	High
7	2.56.12.0	-	-	High
8	2.56.52.0	-	-	High
9	2.56.203.0	-	-	High
10	2.58.92.0	-	-	High
11	5.32.128.0	-	-	High
12	5.42.192.0	-	-	High
13	5.42.195.0	-	-	High
14	5.42.209.0	-	-	High
15	5.42.210.0	-	-	High
16	5.53.128.0	-	-	High
17	5.61.96.0	-	-	High
18	5.62.60.52	r-52-60-62-5.consumer-pool.prcdn.net	-	High
19	5.62.62.52	r-52-62-62-5.consumer-pool.prcdn.net	-	High
20	5.63.165.0	-	-	High
21	5.101.217.128	-	-	High
22	5.101.219.0	-	-	High
23	5.104.160.0	5.104.161.0.telecom-bg.com	-	High
24	5.132.135.0	-	-	High
25	5.133.92.0	-	-	High
26	5.181.19.0	-	-	High
27	5.181.28.0	-	-	High
28	5.181.30.0	-	-	High
29	5.181.55.0	-	-	High
30	5.181.80.0	-	-	High
31	5.182.20.0	-	-	High
32	5.183.228.0	-	-	High
33	5.183.231.0	-	-	High
34	5.188.206.0	-	-	High
35	5.252.132.0	-	-	High
36	5.253.56.0	-	-	High
37	8.40.26.0	-	-	High
38	8.238.205.0	-	-	High
39	8.251.98.0	-	-	High
40	8.254.100.0	-	-	High
41	13.104.140.40	-	-	High
42	13.104.140.130	-	-	High
43	13.104.186.48	-	-	High
44	13.248.97.96	-	-	High
45	13.248.97.128	-	-	High
46	15.158.190.0	-	-	High
47	18.68.8.0	-	-	High
48	18.68.69.0	-	-	High
49	18.165.59.0	server-18-165-59-0.sof50.r.cloudfront.net	-	High
50	18.165.60.0	server-18-165-60-0.sof50.r.cloudfront.net	-	High
51	18.165.64.0	server-18-165-64-0.sof50.r.cloudfront.net	-	High
52	18.165.72.0	server-18-165-72-0.sof50.r.cloudfront.net	-	High
53	23.223.112.0	a23-223-112-0.deploy.static.akamaitechnologies.com	-	High
54	23.223.116.0	a23-223-116-0.deploy.static.akamaitechnologies.com	-	High
55	23.223.128.0	a23-223-128-0.deploy.static.akamaitechnologies.com	-	High
56	23.229.0.176	-	-	High
57	31.3.157.0	nld.as51430.net	-	High
58	31.6.61.0	-	-	High
59	31.7.170.0	-	-	High
60	31.7.174.0	-	-	High
61	31.13.192.0	-	-	High
62	31.13.195.0	-	-	High
63	31.13.196.0	-	-	High
64	31.13.200.0	-	-	High
65	31.13.208.0	-	-	High
66	31.13.211.0	-	-	High
67	31.13.212.0	-	-	High
68	31.13.215.0	-	-	High
69	31.13.216.0	-	-	High
70	31.13.224.0	-	-	High
71	31.13.227.0	-	-	High
72	31.13.228.0	-	-	High
73	31.13.232.0	-	-	High
74	31.13.240.0	-	-	High
75	31.13.248.0	-	-	High
76	31.14.180.0	-	-	High
77	31.14.182.0	-	-	High
78	31.41.16.0	-	-	High
79	31.47.198.56	-	-	High
80	31.169.124.0	leo0.ecorenewbs.com	-	High
81	31.171.242.0	host-0-242-171-31.cloudsigma.net	-	High
82	31.186.104.0	subnet1.mtel.gr	-	High
83	31.193.189.0	-	-	High
84	31.210.9.0	-	-	High
85	31.210.12.0	-	-	High
86	31.211.128.0	-	-	High
87	32.106.113.0	-	-	High
88	32.112.163.198	-	-	High
89	34.99.140.0	0.140.99.34.bc.googleusercontent.com	-	Medium
90	34.99.212.0	0.212.99.34.bc.googleusercontent.com	-	Medium
91	34.103.156.0	0.156.103.34.bc.googleusercontent.com	-	Medium
92	34.103.223.0	0.223.103.34.bc.googleusercontent.com	-	Medium
93	35.248.7.162	var1.sof3-ae20-0.us.twtelecom.net	-	High
94	35.248.7.164	-	-	High
95	35.248.7.168	-	-	High
96	35.248.7.172	-	-	High
97	35.248.7.174	var2.sof3-ae21-0.us.twtelecom.net	-	High
98	37.19.203.0	unn-37-19-203-0.datapacket.com	-	High
99	37.46.114.0	bg.as51430.net	-	High
100	37.46.117.0	bg.as51430.net	-	High
101	37.60.136.0	-	-	High
102	37.60.140.0	37-60-140-0.zee.bg	-	High
103	37.60.143.0	-	-	High
104	37.60.224.0	ip-37-60-224-0.siteground.com	-	High
105	37.63.0.0	-	-	High
106	37.72.130.0	-	-	High
107	37.77.80.0	-	-	High
108	37.120.152.0	kyi0.sourrefer.us	-	High
109	37.130.240.0	net240-ip0.linkbg.com	-	High
110	37.139.128.0	-	-	High
111	37.143.192.0	-	-	High
112	37.156.69.0	259c4500.static.cust.trined.nl	-	High
113	37.156.70.0	259c4600.static.cust.trined.nl	-	High
114	37.157.136.0	-	-	High
115	37.157.160.0	begin.force-it.net.160.157.37.in-addr.arpa	-	High
116	37.209.168.0	-	-	High
117	37.221.120.0	server.modernizmir.net	-	High
118	37.252.247.0	-	-	High
119	38.54.26.0	-	-	High
120	40.66.0.37	-	-	High
121	40.90.0.36	40-90-0-36.relay.skype.com	-	High
122	40.90.65.34	-	-	High
123	40.90.65.54	-	-	High
124	40.90.65.106	-	-	High
125	40.127.179.92	-	-	High
126	43.113.224.128	-	-	High
127	44.31.90.0	-	-	High
128	45.10.188.0	-	-	High
129	45.12.70.22	weightiest.get-eye.com	-	High
130	45.12.71.22	-	-	High
131	45.15.180.0	-	-	High
132	45.65.68.0	-	-	High
133	45.65.71.0	-	-	High
134	45.66.44.0	-	-	High
135	45.67.12.0	-	-	High
136	45.67.19.0	-	-	High
137	45.67.88.0	-	-	High
138	45.67.208.0	subnet.gcore.lu	-	High
139	45.80.132.0	host-45-80-132-0.superhosting.rs	-	High
140	45.80.216.0	-	-	High
141	45.81.36.0	-	-	High
142	45.81.38.0	-	-	High
143	45.81.176.0	-	-	High
144	45.83.148.0	-	-	High
145	45.83.216.0	-	-	High
146	45.84.80.0	-	-	High
147	45.84.172.0	-	-	High
148	45.84.184.0	-	-	High
149	45.84.192.0	0.192.84.45.static.webnick.net	-	High
150	45.84.194.0	-	-	High
151	45.88.64.0	-	-	High
152	45.88.216.0	-	-	High
153	45.90.56.0	subnet.ipv4.layer6.net	-	High
154	45.91.67.0	no-rdns.consort.network	-	High
155	45.91.194.0	-	-	High
156	45.92.16.0	-	-	High
157	45.94.56.0	-	-	High
158	45.128.4.0	clients.evn.bg	-	High
159	45.128.88.0	-	-	High
160	45.129.85.0	-	-	High
161	45.129.86.0	-	-	High
162	45.133.43.0	-	-	High
163	45.133.92.0	-	-	High
164	45.133.100.0	-	-	High
165	45.134.156.0	-	-	High
166	45.136.198.0	subnet.spec.ispiria.net	-	High
167	45.137.220.0	-	-	High
168	45.139.2.0	-	-	High
169	45.139.100.0	45-139-100-0.faraso.org	-	High
170	45.139.123.0	-	-	High
171	45.140.0.0	customer.upheads.0.0.140.45	-	High
172	45.140.7.0	-	-	High
173	45.141.157.0	-	-	High
174	45.141.232.0	-	-	High
175	45.141.233.0	-	-	High
176	45.141.234.0	-	-	High
177	45.142.12.0	-	-	High
178	45.142.120.0	-	-	High
179	45.142.128.0	-	-	High
180	45.142.130.0	-	-	High
181	45.143.36.0	45-143-36-0.ip.welcomeitalia.it	-	High
182	45.143.68.0	-	-	High
183	45.143.200.0	-	-	High
184	45.144.152.0	-	-	High
185	45.144.154.0	-	-	High
186	45.144.155.0	-	-	High
187	45.146.140.0	-	-	High
188	45.147.148.0	-	-	High
189	45.149.12.0	-	-	High
190	45.149.240.0	45-149-240-0.mastereducation.lol	-	High
191	45.151.88.0	-	-	High
192	45.152.139.0	45-152-139-0.trump-network.com	-	High
193	45.153.108.0	-	-	High
194	45.153.109.0	-	-	High
195	45.153.110.0	-	-	High
196	45.154.76.0	-	-	High
197	45.154.81.0	45-154-81-0.g3ns.net	-	High
198	45.154.176.0	loamomro.ip76.abilixsoft.eu	-	High
199	45.158.28.0	-	-	High
200	45.158.160.0	-	-	High
201	46.10.0.0	46-10-0-0.ip.btc-net.bg	-	High
202	46.16.192.0	-	-	High
203	46.19.96.2	mx-bagratashen-ip.gnc.am	-	High
204	46.19.96.69	-	-	High
205	46.19.96.177	-	-	High
206	46.19.97.62	lt-0-0-0-1002.gnc.net	-	High
207	46.19.97.253	-	-	High
208	46.19.98.73	-	-	High
209	46.19.99.121	-	-	High
210	46.19.99.125	-	-	High
211	46.19.101.97	-	-	High
212	46.19.102.81	-	-	High
213	46.22.67.0	lo0.core1.sof.edgecastcdn.net	-	High
214	46.35.160.0	-	-	High
215	46.40.64.0	-	-	High
216	46.47.64.0	-	-	High
217	46.55.128.0	-	-	High
218	46.107.239.0	mlln2E6BEF00.fixip.t-online.hu	-	High
219	46.229.192.0	-	-	High
220	46.232.152.0	0.152.232.46.blizoo.bg	-	High
221	46.233.0.0	-	-	High
222	46.237.64.0	-	-	High
223	46.238.0.0	-	-	High
224	46.243.142.0	-	-	High
225	46.249.64.0	-	-	High
226	46.252.48.0	-	-	High
227	46.253.0.0	-	-	High
228	46.253.134.0	-	-	High
229	46.254.128.0	-	-	High
230	50.7.46.0	-	-	High
231	50.7.54.0	-	-	High
232	50.225.61.85	-	-	High
233	51.163.2.0	-	-	High
234	51.163.92.48	ae35.cor01.so1.eu.equinix.net	-	High
235	52.46.56.0	server-52-46-56-0.sof50.r.cloudfront.net	-	High
236	52.84.112.0	server-52-84-112-0.sof50.r.cloudfront.net	-	High
237	52.84.144.0	server-52-84-144-0.sof50.r.cloudfront.net	-	High
238	52.85.4.0	server-52-85-4-0.sof50.r.cloudfront.net	-	High
239	52.85.101.0	server-52-85-101-0.sof50.r.cloudfront.net	-	High
240	52.85.102.0	server-52-85-102-0.sof50.r.cloudfront.net	-	High
241	54.239.64.218	-	-	High
242	54.239.64.220	-	-	High
243	54.239.65.64	-	-	High
244	57.90.48.0	-	-	High
245	62.3.39.0	-	-	High
246	62.44.96.0	-	-	High
247	62.67.16.0	-	-	High
248	62.67.16.34	-	-	High
249	62.67.16.36	-	-	High
250	62.67.16.40	-	-	High
251	62.67.16.48	-	-	High
252	62.67.16.64	-	-	High
253	62.67.16.248	-	-	High
254	62.67.30.184	-	-	High
255	62.67.68.8	-	-	High
256	62.67.188.160	-	-	High
257	62.67.210.0	-	-	High
258	62.68.70.0	-	-	High
259	62.68.90.0	-	-	High
260	62.73.64.0	-	-	High
261	62.89.13.12	-	-	High
262	62.133.47.0	-	-	High
263	62.133.59.0	-	-	High
264	62.169.243.194	-	-	High
265	62.169.243.196	-	-	High
266	62.169.243.200	-	-	High
267	62.169.244.52	ipd52.244.tellas.gr	-	High
268	62.169.254.2	-	-	High
269	62.176.64.0	62-176-64-0.btc-net.bg	-	High
270	62.182.112.0	-	-	High
271	62.192.132.0	-	-	High
272	62.204.128.0	-	-	High
273	62.205.132.17	XE0-776.SOF.BG.8772.as	-	High
274	62.205.134.192	-	-	High
275	62.221.128.0	unknown.crc.bg	-	High
276	62.233.37.0	-	-	High
277	63.172.48.27	-	-	High
278	63.218.200.46	pos1-0-0.var02.sof02.pccwbtn.net	-	High
279	63.218.200.50	pos1-0-1.var02.sof02.pccwbtn.net	-	High
280	63.218.200.54	pos1-0-0.var01.sof02.pccwbtn.net	-	High
281	63.218.202.0	63-218-202-0.static.pccwglobal.net	-	High
282	63.218.202.32	63-218-202-32.static.pccwglobal.net	-	High
283	63.218.202.36	63-218-202-36.static.pccwglobal.net	-	High
284	63.218.202.40	63-218-202-40.static.pccwglobal.net	-	High
285	63.218.202.44	63-218-202-44.static.pccwglobal.net	-	High
286	63.218.202.48	63-218-202-48.static.pccwglobal.net	-	High
287	63.218.202.52	63-218-202-52.static.pccwglobal.net	-	High
288	63.218.202.56	63-218-202-56.static.pccwglobal.net	-	High
289	63.218.202.64	63-218-202-64.static.pccwglobal.net	-	High
290	63.218.202.128	63-218-202-128.static.pccwglobal.net	-	High
291	66.84.69.123	0.xe-0-1-5.p1.bb.par2.continent8.com	-	High
292	66.84.75.0	lo0.pex1.bb.sof1.continent8.com	-	High
293	66.102.12.0	-	-	High
294	66.102.12.8	-	-	High
295	66.102.12.12	-	-	High
296	66.159.221.0	-	-	High
297	67.27.160.0	-	-	High
298	69.165.111.0	-	-	High
299	72.14.200.15	-	-	High
300	72.14.200.16	-	-	High
301	74.80.77.0	-	-	High
302	74.125.11.32	sof02s23-in-f0.1e100.net	-	High
303	74.125.11.64	mil07s20-in-f0.1e100.net	-	High
304	74.125.13.32	sof02s39-in-f0.1e100.net	-	High
305	74.125.110.64	sof02s30-in-f0.1e100.net	-	High
306	77.67.44.240	-	-	High
307	77.67.98.32	-	-	High
308	77.67.98.40	-	-	High
309	77.67.118.88	-	-	High
310	77.67.124.104	-	-	High
311	77.70.0.0	-	-	High
312	77.71.0.0	n1.bgwan.com	-	High
313	77.72.20.0	-	-	High
314	77.72.85.0	-	-	High
315	77.76.0.0	-	-	High
316	77.76.128.0	-	-	High
317	77.77.0.0	-	-	High
318	77.77.128.0	-	-	High
319	77.77.136.0	-	-	High
320	77.77.140.0	-	-	High
321	77.77.142.0	-	-	High
322	77.77.144.0	-	-	High
323	77.77.150.0	-	-	High
324	77.77.152.0	-	-	High
325	77.77.160.0	-	-	High
326	77.77.168.0	-	-	High
327	77.77.168.64	-	-	High
328	77.77.168.88	-	-	High
329	77.77.168.96	-	-	High
330	77.77.168.128	-	-	High
331	77.77.169.0	-	-	High
332	77.77.170.0	-	-	High
333	77.77.170.8	-	-	High
334	77.77.170.16	-	-	High
335	77.77.170.32	-	-	High
336	77.77.170.60	-	-	High
337	77.77.170.128	-	-	High
338	77.77.170.192	-	-	High
339	77.77.170.224	-	-	High
340	77.77.170.248	-	-	High
341	77.77.171.240	-	-	High
342	77.77.172.0	-	-	High
343	77.77.173.48	-	-	High
344	77.77.173.60	-	-	High
345	77.77.173.64	-	-	High
346	77.77.173.84	-	-	High
347	77.77.173.96	-	-	High
348	77.77.173.128	-	-	High
349	77.77.173.192	-	-	High
350	77.77.173.208	-	-	High
351	77.77.173.220	-	-	High
352	77.77.173.224	-	-	High
353	77.77.173.248	-	-	High
354	77.77.176.0	-	-	High
355	77.77.176.32	-	-	High
356	77.77.176.64	-	-	High
357	77.77.176.76	-	-	High
358	77.77.176.80	-	-	High
359	77.77.176.96	-	-	High
360	77.77.176.128	-	-	High
361	77.77.177.144	-	-	High
362	77.77.177.160	-	-	High
363	77.77.177.216	-	-	High
364	77.77.177.224	-	-	High
365	77.77.178.0	-	-	High
366	77.77.179.0	-	-	High
367	77.77.179.128	-	-	High
368	77.77.179.192	-	-	High
369	77.77.179.208	-	-	High
370	77.77.179.224	-	-	High
371	77.77.179.240	-	-	High
372	77.77.180.0	-	-	High
373	77.77.180.144	-	-	High
374	77.77.181.0	-	-	High
375	77.77.184.0	-	-	High
376	77.77.185.240	-	-	High
377	77.78.0.0	-	-	High
378	77.78.128.0	-	-	High
379	77.83.20.0	-	-	High
380	77.83.36.0	-	-	High
381	77.83.112.0	-	-	High
382	77.85.0.0	-	-	High
383	77.90.149.0	-	-	High
384	77.90.152.0	-	-	High
385	77.90.155.0	-	-	High
386	77.90.167.0	-	-	High
387	77.90.179.0	-	-	High
388	77.90.180.0	-	-	High
389	77.91.100.0	.	-	High
390	77.95.232.0	-	-	High
391	77.104.128.0	ip-77-104-128-0.siteground.com	-	High
392	77.104.187.0	ip-77-104-187-0.siteground.com	-	High
393	77.104.191.0	-	-	High
394	77.220.196.0	-	-	High
395	77.236.160.0	-	-	High
396	77.238.64.0	-	-	High
397	77.244.192.0	net192-ip0.linkbg.com	-	High
398	77.246.208.0	-	-	High
399	78.24.120.0	-	-	High
400	78.40.136.0	-	-	High
401	78.40.140.0	-	-	High
402	78.40.142.0	-	-	High
403	78.83.0.0	-	-	High
404	78.90.0.0	-	-	High
405	78.108.32.10	-	-	High
406	78.108.32.14	sof-tp-81-l1.Sofia.synapsecom.gr	-	High
407	78.108.32.158	-	-	High
408	78.108.32.250	-	-	High
409	78.108.32.254	-	-	High
410	78.108.39.250	sof-tp-1034-l1.Sofia.synapsecom.gr	-	High
411	78.108.39.254	sof-tp-1036-l1.Sofia.synapsecom.gr	-	High
412	78.108.240.0	-	-	High
413	78.128.0.0	-	-	High
414	78.128.64.0	-	-	High
415	78.128.96.0	-	-	High
416	78.128.112.0	-	-	High
417	78.128.120.0	-	-	High
418	78.128.124.0	-	-	High
419	78.128.126.0	-	-	High
420	78.130.128.0	-	-	High
421	78.136.196.0	-	-	High
422	78.136.200.0	-	-	High
423	78.136.202.0	-	-	High
424	78.136.248.0	-	-	High
425	78.136.252.0	-	-	High
426	78.136.254.0	-	-	High
427	78.142.0.0	-	-	High
428	78.142.1.0	-	-	High
429	78.142.2.0	-	-	High
430	78.142.4.0	-	-	High
431	78.142.9.0	-	-	High
432	78.142.10.0	-	-	High
433	78.142.12.0	-	-	High
434	78.142.16.0	-	-	High
435	78.142.19.0	-	-	High
436	78.142.20.0	-	-	High
437	78.142.24.0	-	-	High
438	78.142.28.0	78.142.28.0.telecom-bg.com	-	High
439	78.142.30.0	-	-	High
440	78.142.32.0	-	-	High
441	78.154.0.0	-	-	High
442	78.159.128.0	-	-	High
443	78.159.130.0	-	-	High
444	78.159.131.0	-	-	High
445	78.159.136.0	-	-	High
446	78.159.149.0	-	-	High
447	78.159.150.0	-	-	High
448	78.159.152.0	-	-	High
449	78.159.157.0	-	-	High
450	78.159.158.0	-	-	High
451	79.98.104.0	-	-	High
452	79.100.0.0	-	-	High
453	79.110.112.0	-	-	High
454	79.124.0.0	-	-	High
455	79.124.2.0	-	-	High
456	79.124.4.0	-	-	High
457	79.124.9.0	-	-	High
458	79.124.10.0	-	-	High
459	79.124.12.0	-	-	High
460	79.124.16.0	-	-	High
461	79.124.32.0	-	-	High
462	79.124.48.0	-	-	High
463	79.124.56.0	-	-	High
464	79.124.60.0	-	-	High
465	79.124.63.0	telepoint-net.msk.bg	-	High
466	79.124.64.0	-	-	High
467	79.124.72.0	-	-	High
468	79.124.76.0	-	-	High
469	79.124.78.0	-	-	High
470	79.124.79.0	-	-	High
471	79.124.80.0	-	-	High
472	79.132.0.0	-	-	High
473	79.134.48.0	-	-	High
474	79.134.160.0	-	-	High
475	79.142.70.0	bg.as51430.net	-	High
476	80.72.64.0	-	-	High
477	80.72.72.0	-	-	High
478	80.72.76.0	-	-	High
479	80.72.79.0	-	-	High
480	80.72.80.0	-	-	High
481	80.72.92.0	-	-	High
482	80.76.48.0	hosted-by.technox.com.tr	-	High
483	80.78.224.0	-	-	High
484	80.80.128.0	-	-	High
485	80.84.137.0	-	-	High
486	80.84.167.0	-	-	High
487	80.89.12.0	-	-	High
488	80.91.242.149	-	-	High
489	80.91.244.126	sfia-b4-link.ip.twelve99.net	-	High
490	80.91.247.83	-	-	High
491	80.91.247.109	-	-	High
492	80.95.16.0	-	-	High
493	80.95.20.0	-	-	High
494	80.95.22.0	-	-	High
495	80.95.24.0	-	-	High
496	80.96.182.0	-	-	High
497	80.97.96.0	-	-	High
498	80.120.167.242	-	-	High
499	80.231.153.119	-	-	High
500	80.239.251.96	-	-	High
501	80.243.228.0	-	-	High
502	80.248.224.146	-	-	High
503	80.253.48.0	-	-	High
504	81.2.149.124	-	-	High
505	81.161.237.0	-	-	High
506	81.161.240.0	-	-	High
507	82.101.64.0	-	-	High
508	82.102.23.0	nche0.pelibi.com	-	High
509	82.103.64.0	-	-	High
510	82.112.168.0	-	-	High
511	82.112.172.0	-	-	High
512	82.117.192.0	-	-	High
513	82.117.192.12	-	-	High
514	82.117.192.182	peer-AS31042.sbb.rs	-	High
515	82.117.193.0	peer-AS31042.sbb.rs	-	High
516	82.117.255.0	-	-	High
517	82.118.224.0	-	-	High
518	82.118.228.0	-	-	High
519	82.118.229.0	ip-82.118.229.0.telepoint.bg	-	High
520	82.118.230.0	-	-	High
521	82.118.231.0	82.118.231.0.telecom-bg.com	-	High
522	82.118.232.0	82.118.232.0.telecom-bg.com	-	High
523	82.118.234.0	-	-	High
524	82.118.236.0	-	-	High
525	82.118.240.0	siteground-office.net	-	High
526	82.118.243.0	-	-	High
527	82.118.244.0	-	-	High
528	82.118.248.0	-	-	High
529	82.119.64.0	82.119.64.0.telecom-bg.com	-	High
530	82.137.64.0	-	-	High
531	82.146.0.0	-	-	High
532	82.146.8.0	-	-	High
533	82.146.12.0	-	-	High
534	82.146.14.0	-	-	High
535	82.146.16.0	-	-	High
536	82.147.128.0	-	-	High
537	82.147.144.0	-	-	High
538	82.147.152.0	-	-	High
539	82.147.153.0	-	-	High
540	82.147.153.64	-	-	High
541	82.147.153.96	-	-	High
542	82.147.153.112	-	-	High
543	82.147.153.128	-	-	High
544	82.147.154.0	-	-	High
545	82.147.156.0	-	-	High
546	82.195.187.17	-	-	High
547	83.97.24.0	-	-	High
548	83.97.64.0	-	-	High
549	83.142.16.0	-	-	High
550	83.142.48.0	83-142-48-0.dynamic-pool.mclaut.net	-	High
551	83.143.112.0	-	-	High
552	83.143.144.0	-	-	High
553	83.143.176.0	-	-	High
554	83.143.248.0	-	-	High
555	83.148.64.0	-	-	High
556	83.150.216.0	-	-	High
557	83.217.227.0	-	-	High
558	83.217.227.20	-	-	High
559	83.217.227.24	-	-	High
560	83.217.227.32	-	-	High
561	...	...	...	...

There are 2241 more IOC items available. Please use our online service to access the data.

TTP - Tactics, Techniques, Procedures

Tactics, techniques, and procedures (TTP) summarize the suspected MITRE ATT&CK techniques used by Bulgaria Unknown. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Weakness	Description	Confidence
1	T1006	CWE-21, CWE-22, CWE-24	Pathname Traversal	High
2	T1055	CWE-74	Injection	High
3	T1059	CWE-94	Cross Site Scripting	High
4	T1059.007	CWE-79, CWE-80	Cross Site Scripting	High
5	T1068	CWE-264, CWE-269, CWE-274, CWE-284	J2EE Misconfiguration: Weak Access Permissions for EJB Methods	High
6	...	...	...	...

There are 19 more TTP items available. Please use our online service to access the data.

IOA - Indicator of Attack

These indicators of attack (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Bulgaria Unknown. This data is unique as it uses our predictive model for actor profiling.

ID	Type	Indicator	Confidence
1	File	`/accounts_con/register_account`	High
2	File	`/addbill.php`	Medium
3	File	`/admin`	Low
4	File	`/admin/`	Low
5	File	`/admin/action/edit_chicken.php`	High
6	File	`/admin/action/new-father.php`	High
7	File	`/admin/action/update-deworm.php`	High
8	File	`/admin/admin_login_process.php`	High
9	File	`/admin/admin_user.php`	High
10	File	`/admin/book_add.php`	High
11	File	`/admin/book_row.php`	High
12	File	`/admin/borrow_add.php`	High
13	File	`/admin/bwdates-report-details.php`	High
14	File	`/admin/course.php`	High
15	File	`/admin/edit_teacher.php`	High
16	File	`/admin/index.php?act=reset_admin_psw`	High
17	File	`/admin/ind_backstage.php`	High
18	File	`/admin/manage-pages.php`	High
19	File	`/admin/manage-users.php`	High
20	File	`/admin/options-theme.php`	High
21	File	`/admin/pages/edit_chicken.php`	High
22	File	`/admin/pages/subjects.php`	High
23	File	`/admin/pages/yearlevel.php`	High
24	File	`/admin/php/crud.php`	High
25	File	`/admin/regester.php`	High
26	File	`/admin/return_add.php`	High
27	File	`/admin/students.php`	High
28	File	`/admin/subject.php`	High
29	File	`/admin/update-clients.php`	High
30	File	`/admin/upload/img`	High
31	File	`/admin/uploads/`	High
32	File	`/admin/users`	Medium
33	File	`/admin_route/dec_service_credits.php`	High
34	File	`/adplanet/PlanetUser`	High
35	File	`/ample/app/action/edit_product.php`	High
36	File	`/api/log/killJob`	High
37	File	`/api/trackedEntityInstances`	High
38	File	`/app/api/controller/default/Sqlite.php`	High
39	File	`/app/Http/Controllers/ImageController.php`	High
40	File	`/application/pay/controller/Api.php`	High
41	File	`/article/DelectArticleById/`	High
42	File	`/auth/auth.php?user=1`	High
43	File	`/auth/user/all.api`	High
44	File	`/aux`	Low
45	File	`/b2b-supermarket/catalog/all-products`	High
46	File	`/b2b-supermarket/shopping-cart`	High
47	File	`/bin/boa`	Medium
48	File	`/boaform/wlan_basic_set.cgi`	High
49	File	`/ccm/system/dialogs/file/delete/1/submit`	High
50	File	`/cgi-bin/cstecgi.cgi`	High
51	File	`/cgi-bin/cstecgi.cgi?action=login`	High
52	File	`/cgi-bin/cstecgi.cgi?action=login&flag=1`	High
53	File	`/cgi-bin/cstecgi.cgi?action=login&flag=ie8`	High
54	File	`/change-language/de_DE`	High
55	File	`/classes/Master.php? f=save_medicine`	High
56	File	`/classes/Users.php?f=save`	High
57	File	`/config,admin.jsp`	High
58	File	`/data/remove`	Medium
59	File	`/debug/pprof`	Medium
60	File	`/dist/index.js`	High
61	File	`/endpoint/add-guest.php`	High
62	File	`/etc/hosts.deny`	High
63	File	`/file-manager/delete.php`	High
64	File	`/file-manager/upload.php`	High
65	File	`/forum/away.php`	High
66	File	`/HNAP1/`	Low
67	...	...	...

There are 591 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

References

The following list contains external sources which discuss the actor and the associated activities:

Literature

The following articles explain our unique predictive cyber threat intelligence: