README.md Update February 2024 2024-02-02 10:19:44 +01:00

IcedID - Cyber Threat Intelligence

These indicators were reported, collected, and generated during the VulDB CTI analysis of the campaign known as IcedID. The activity monitoring correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique predictive model uses big data to forecast activities and their characteristics.

Live data and more analysis capabilities are available at https://vuldb.com/?actor

Countries

These countries are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with IcedID:

There are 18 more country items available. Please use our online service to access the data.

Actors

These actors are associated with IcedID or other actors linked to the campaign.

| ID | Actor | Confidence |
| --- | --- | --- |
| 1 | IcedID | High |
| 2 | UAC-0098 | High |
| 3 | TA551 | High |
| 4 | ... | ... |

There are 2 more actor items available. Please use our online service to access the data.

IOC - Indicator of Compromise

These indicators of compromise (IOC) indicate associated network resources which are known to be part of research and attack activities of IcedID.


There are 1556 more IOC items available. Please use our online service to access the data.

TTP - Tactics, Techniques, Procedures

Tactics, techniques, and procedures (TTP) summarize the suspected MITRE ATT&CK techniques used within IcedID. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Weakness | Description | Confidence |
| --- | --- | --- | --- | --- |
| 1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-25, CWE-425 | Pathname Traversal | High |
| 2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High |
| 3 | T1055 | CWE-74 | Injection | High |
| 4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High |
| 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High |
| 6 | ... | ... | ... | ... |

There are 21 more TTP items available. Please use our online service to access the data.

IOA - Indicator of Attack

These indicators of attack (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration during IcedID. This data is unique as it uses our predictive model for actor profiling.


There are 371 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

References

The following list contains external sources which discuss the campaign and the associated activities:

Literature

The following articles explain our unique predictive cyber threat intelligence:

License

(c) 1997-2024 by vuldb.com. All data on this page is shared under the license CC BY-NC-SA 4.0. Questions? Check the FAQ, read the documentation or contact us!