Mirrors/cyber_threat_intelligence
6
0
Fork 0
mirror of https://github.com/vuldb/cyber_threat_intelligence synced 2024-06-26 00:48:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
9acd7aff46
cyber_threat_intelligence/campaigns/Remcos
History
Marc Ruef 819a7a8241 Update January 2024
2024-01-26 07:53:33 +01:00
..
README.md Update January 2024 2024-01-26 07:53:33 +01:00

README.md

Remcos - Cyber Threat Intelligence

These indicators were reported, collected, and generated during the VulDB CTI analysis of the campaign known as Remcos. The activity monitoring correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique predictive model uses big data to forecast activities and their characteristics.

Live data and more analysis capabilities are available at https://vuldb.com/?actor

Countries

These countries are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Remcos:

There are 21 more country items available. Please use our online service to access the data.

Actors

These actors are associated with Remcos or other actors linked to the campaign.

ID Actor Confidence
1 Remcos High
2 RemcosRAT High
3 UAC-0050 High

IOC - Indicator of Compromise

These indicators of compromise (IOC) indicate associated network resources which are known to be part of research and attack activities of Remcos.

ID IP address Hostname Actor Confidence
1 2.58.47.203 - Remcos High
2 2.59.254.111 - Remcos High
3 2.59.254.160 - Remcos High
4 2.59.255.57 - Remcos High
5 2.59.255.202 - Remcos High
6 3.13.31.214 ec2-3-13-31-214.us-east-2.compute.amazonaws.com Remcos Medium
7 3.64.163.50 ec2-3-64-163-50.eu-central-1.compute.amazonaws.com Remcos Medium
8 3.94.41.167 ec2-3-94-41-167.compute-1.amazonaws.com Remcos Medium
9 3.230.36.58 ec2-3-230-36-58.compute-1.amazonaws.com Remcos Medium
10 5.2.68.68 - Remcos High
11 5.2.68.70 - Remcos High
12 5.2.68.71 - Remcos High
13 5.2.68.72 - Remcos High
14 5.2.68.73 - Remcos High
15 5.2.68.74 - Remcos High
16 5.2.68.75 - Remcos High
17 5.2.68.80 - Remcos High
18 5.2.68.82 - Remcos High
19 5.2.75.164 - Remcos High
20 5.20.206.229 data-206-229.cgates.lt Remcos High
21 5.42.199.110 - Remcos High
22 5.45.72.225 - Remcos High
23 5.45.87.29 - Remcos High
24 5.61.37.41 - Remcos High
25 5.61.53.13 - Remcos High
26 5.61.53.75 - Remcos High
27 5.61.55.210 - Remcos High
28 5.61.56.10 - Remcos High
29 5.61.57.165 - Remcos High
30 5.78.40.210 static.210.40.78.5.clients.your-server.de Remcos High
31 5.181.80.139 ip-80-139-bullethost.net Remcos High
32 5.181.166.25 - Remcos High
33 5.181.234.139 - Remcos High
34 5.181.234.145 - Remcos High
35 5.187.48.36 d48036.artnet.gda.pl Remcos High
36 5.187.49.231 d49231.artnet.gda.pl Remcos High
37 5.196.117.233 - Remcos High
38 5.206.227.115 1877 Remcos High
39 5.248.241.94 5-248-241-94.broadband.kyivstar.net Remcos High
40 5.249.226.166 uw19.uniweb.no Remcos High
41 5.252.22.56 vm1475772.stark-industries.solutions Remcos High
42 5.252.165.58 - Remcos High
43 5.253.114.108 - Remcos High
44 6.43.51.17 - Remcos High
45 8.253.139.120 - Remcos High
46 10.11.0.5 - Remcos High
47 10.15.0.17 - Remcos High
48 10.15.0.18 - Remcos High
49 10.15.0.19 - Remcos High
50 10.15.0.23 - Remcos High
51 10.15.0.30 - Remcos High
52 10.16.0.13 - Remcos High
53 10.16.0.18 - Remcos High
54 10.16.0.30 - Remcos High
55 10.140.226.6 - Remcos High
56 13.107.21.200 - Remcos High
57 13.107.42.12 1drv.ms Remcos High
58 13.107.42.13 - Remcos High
59 13.107.43.12 - Remcos High
60 13.107.43.13 - Remcos High
61 13.225.214.71 server-13-225-214-71.ewr50.r.cloudfront.net Remcos High
62 13.225.214.91 server-13-225-214-91.ewr50.r.cloudfront.net Remcos High
63 13.225.214.108 server-13-225-214-108.ewr50.r.cloudfront.net Remcos High
64 13.225.230.20 server-13-225-230-20.jfk51.r.cloudfront.net Remcos High
65 13.250.255.10 ec2-13-250-255-10.ap-southeast-1.compute.amazonaws.com Remcos Medium
66 15.197.142.173 a4ec4c6ea1c92e2e6.awsglobalaccelerator.com Remcos High
67 15.235.3.1 ip1.ip-15-235-3.net Remcos High
68 15.235.53.10 ns5012329.ip-15-235-53.net Remcos High
69 15.237.137.33 ec2-15-237-137-33.eu-west-3.compute.amazonaws.com Remcos Medium
70 18.214.132.216 ec2-18-214-132-216.compute-1.amazonaws.com Remcos Medium
71 18.218.132.40 ec2-18-218-132-40.us-east-2.compute.amazonaws.com Remcos Medium
72 20.7.43.70 - Remcos High
73 20.36.253.92 - Remcos High
74 20.38.13.217 - Remcos High
75 20.38.32.202 - Remcos High
76 20.42.73.27 - Remcos High
77 20.69.164.162 - Remcos High
78 20.84.117.57 - Remcos High
79 20.106.76.138 - Remcos High
80 20.106.94.110 - Remcos High
81 20.110.88.130 - Remcos High
82 20.110.185.77 - Remcos High
83 20.110.197.26 - Remcos High
84 20.112.83.244 - Remcos High
85 20.114.21.181 - Remcos High
86 20.115.127.188 - Remcos High
87 20.124.111.166 - Remcos High
88 20.190.151.7 - Remcos High
89 20.190.151.8 - Remcos High
90 20.190.151.68 - Remcos High
91 20.190.151.70 - Remcos High
92 20.190.151.131 - Remcos High
93 20.190.151.132 - Remcos High
94 20.190.151.133 - Remcos High
95 20.190.152.21 - Remcos High
96 20.190.154.139 - Remcos High
97 20.214.203.178 - Remcos High
98 20.225.154.34 - Remcos High
99 20.231.24.237 - Remcos High
100 20.251.10.189 - Remcos High
101 20.252.43.59 - Remcos High
102 23.3.13.88 a23-3-13-88.deploy.static.akamaitechnologies.com Remcos High
103 23.3.13.154 a23-3-13-154.deploy.static.akamaitechnologies.com Remcos High
104 23.19.87.242 - Remcos High
105 23.19.227.82 - Remcos High
106 23.19.227.171 - Remcos High
107 23.19.227.243 - Remcos High
108 23.21.27.29 ec2-23-21-27-29.compute-1.amazonaws.com Remcos Medium
109 23.21.205.229 ec2-23-21-205-229.compute-1.amazonaws.com Remcos Medium
110 23.21.213.140 ec2-23-21-213-140.compute-1.amazonaws.com Remcos Medium
111 23.38.131.139 a23-38-131-139.deploy.static.akamaitechnologies.com Remcos High
112 23.46.239.18 a23-46-239-18.deploy.static.akamaitechnologies.com Remcos High
113 23.56.9.181 a23-56-9-181.deploy.static.akamaitechnologies.com Remcos High
114 23.78.173.83 a23-78-173-83.deploy.static.akamaitechnologies.com Remcos High
115 23.82.12.29 - Remcos High
116 23.105.131.132 mail132.nessfist.com Remcos High
117 23.105.131.141 mail141.nessfist.com Remcos High
118 23.105.131.161 mail161.nessfist.com Remcos High
119 23.105.131.166 mail166.nessfist.com Remcos High
120 23.105.131.186 mail186.nessfist.com Remcos High
121 23.105.131.193 - Remcos High
122 23.105.131.206 mail206.nessfist.com Remcos High
123 23.105.131.209 - Remcos High
124 23.105.131.211 mail211.nessfist.com Remcos High
125 23.105.131.220 mail220.nessfist.com Remcos High
126 23.105.131.222 - Remcos High
127 23.105.131.229 mail229.nessfist.com Remcos High
128 23.105.131.235 mail235.nessfist.com Remcos High
129 23.105.131.236 mail236.nessfist.com Remcos High
130 23.105.131.238 mail238.nessfist.com Remcos High
131 23.105.131.244 mail244.nessfist.com Remcos High
132 23.106.60.117 - Remcos High
133 23.106.124.111 - Remcos High
134 23.146.242.71 - Remcos High
135 23.146.242.110 - Remcos High
136 23.155.8.220 - Remcos High
137 23.172.112.72 - Remcos High
138 23.196.74.222 a23-196-74-222.deploy.static.akamaitechnologies.com Remcos High
139 23.199.63.11 a23-199-63-11.deploy.static.akamaitechnologies.com Remcos High
140 23.199.63.83 a23-199-63-83.deploy.static.akamaitechnologies.com Remcos High
141 23.223.37.181 a23-223-37-181.deploy.static.akamaitechnologies.com Remcos High
142 23.226.128.197 23.226.128.197.static.quadranet.com Remcos High
143 23.227.38.74 - Remcos High
144 23.227.196.61 glamercircle.store Remcos High
145 24.152.37.94 24-152-37-94.masterdaweb.com Remcos High
146 25.68.49.245 - Remcos High
147 31.3.152.100 100.152.3.31.in-addr.arpa Remcos High
148 31.171.152.100 - Remcos High
149 31.171.152.104 - Remcos High
150 31.171.152.106 - Remcos High
151 31.192.232.48 lindaj18.barber.pserver.space Remcos High
152 31.210.20.56 - Remcos High
153 31.210.20.130 - Remcos High
154 31.210.20.224 - Remcos High
155 31.210.20.236 - Remcos High
156 31.210.21.205 lit4.top Remcos High
157 31.220.44.253 - Remcos High
158 31.223.65.8 8.65.223.31.srv.turk.net Remcos High
159 34.66.5.36 36.5.66.34.bc.googleusercontent.com Remcos Medium
160 34.96.116.138 138.116.96.34.bc.googleusercontent.com Remcos Medium
161 34.102.136.180 180.136.102.34.bc.googleusercontent.com Remcos Medium
162 34.117.168.233 233.168.117.34.bc.googleusercontent.com Remcos Medium
163 34.192.250.175 ec2-34-192-250-175.compute-1.amazonaws.com Remcos Medium
164 34.197.12.81 ec2-34-197-12-81.compute-1.amazonaws.com Remcos Medium
165 34.202.33.33 ec2-34-202-33-33.compute-1.amazonaws.com Remcos Medium
166 34.227.28.79 ec2-34-227-28-79.compute-1.amazonaws.com Remcos Medium
167 34.239.194.181 ec2-34-239-194-181.compute-1.amazonaws.com Remcos Medium
168 35.205.61.67 67.61.205.35.bc.googleusercontent.com Remcos Medium
169 35.214.144.124 124.144.214.35.bc.googleusercontent.com Remcos Medium
170 35.247.37.33 33.37.247.35.bc.googleusercontent.com Remcos Medium
171 37.0.10.217 - Remcos High
172 37.0.11.114 - Remcos High
173 37.0.11.230 - Remcos High
174 37.0.14.195 - Remcos High
175 37.0.14.198 - Remcos High
176 37.0.14.199 - Remcos High
177 37.0.14.203 - Remcos High
178 37.0.14.204 - Remcos High
179 37.0.14.206 - Remcos High
180 37.0.14.207 - Remcos High
181 37.0.14.209 - Remcos High
182 37.0.14.210 host-37-0-14-210.static.deli-one.co.uk Remcos High
183 37.0.14.211 - Remcos High
184 37.0.14.216 - Remcos High
185 37.0.14.217 - Remcos High
186 37.1.206.16 free.ispiria.net Remcos High
187 37.1.206.146 - Remcos High
188 37.1.207.27 - Remcos High
189 37.1.207.123 - Remcos High
190 37.1.218.181 - Remcos High
191 37.1.222.252 fmts.to Remcos High
192 37.1.222.255 broadcast.spec.ispiria.net Remcos High
193 37.19.193.217 unn-37-19-193-217.cdn77.com Remcos High
194 37.46.150.207 - Remcos High
195 37.46.150.211 convert-concern.needratio.com Remcos High
196 37.48.89.8 - Remcos High
197 37.120.138.222 - Remcos High
198 37.120.155.179 - Remcos High
199 37.120.210.219 - Remcos High
200 37.120.217.243 - Remcos High
201 37.120.234.11 no-rdns.m247.com Remcos High
202 37.123.118.150 - Remcos High
203 37.139.64.106 - Remcos High
204 37.139.128.4 - Remcos High
205 37.139.128.24 - Remcos High
206 37.139.129.142 - Remcos High
207 37.139.129.251 - Remcos High
208 37.217.2.176 - Remcos High
209 37.230.130.153 - Remcos High
210 37.230.178.57 - Remcos High
211 37.235.1.174 resolver1.freedns.zone.powered.by.virtexxa.com Remcos High
212 37.235.1.177 resolver2.freedns.zone.powered.by.virtexxa.com Remcos High
213 37.252.10.80 - Remcos High
214 37.252.11.23 - Remcos High
215 37.252.11.66 - Remcos High
216 38.26.191.78 - Remcos High
217 38.68.53.190 - Remcos High
218 38.242.134.118 vmi997441.contaboserver.net Remcos High
219 38.242.193.23 vmi1299973.contaboserver.net Remcos High
220 38.242.246.175 vmi838644.contaboserver.net Remcos High
221 40.126.26.134 - Remcos High
222 40.126.28.12 - Remcos High
223 40.126.28.22 - Remcos High
224 41.190.3.209 www.9mobile.com.ng Remcos High
225 41.216.183.96 - Remcos High
226 41.216.183.195 - Remcos High
227 41.216.183.226 - Remcos High
228 43.226.229.83 - Remcos High
229 44.31.248.7 - Remcos High
230 44.230.27.49 ec2-44-230-27-49.us-west-2.compute.amazonaws.com Remcos Medium
231 44.238.161.76 ec2-44-238-161-76.us-west-2.compute.amazonaws.com Remcos Medium
232 45.12.253.189 - Remcos High
233 45.12.253.190 - Remcos High
234 45.15.143.148 - Remcos High
235 45.40.96.248 45-40-96-248.masterdaweb.com Remcos High
236 45.62.170.73 - Remcos High
237 45.62.170.248 - Remcos High
238 45.66.151.212 - Remcos High
239 45.66.230.229 - Remcos High
240 45.67.231.82 vm906070.stark-industries.solutions Remcos High
241 45.74.19.42 - Remcos High
242 45.74.32.12 - Remcos High
243 45.76.221.195 45.76.221.195.vultrusercontent.com Remcos High
244 45.81.39.21 - Remcos High
245 45.81.243.246 - Remcos High
246 45.82.84.10 45.82.84.10.deltahost-ptr Remcos High
247 45.83.129.166 - Remcos High
248 45.87.61.104 - Remcos High
249 45.88.66.122 runningegg.xyz Remcos High
250 45.90.222.204 45-90-222-204-hostedby.bcr.host Remcos High
251 45.95.168.62 maxko-hosting.com Remcos High
252 45.95.169.102 - Remcos High
253 45.95.169.117 - Remcos High
254 45.95.169.140 - Remcos High
255 45.95.169.191 - Remcos High
256 45.128.234.54 - Remcos High
257 45.133.1.34 - Remcos High
258 45.133.1.47 - Remcos High
259 45.133.1.72 - Remcos High
260 45.133.174.55 - Remcos High
261 45.133.174.77 - Remcos High
262 45.133.174.177 - Remcos High
263 45.133.174.187 - Remcos High
264 45.135.128.195 45.135.128.195.static.quadranet.com Remcos High
265 45.137.22.36 hosted-by.rootlayer.net Remcos High
266 45.137.22.45 hosted-by.rootlayer.net Remcos High
267 45.137.22.52 hosted-by.rootlayer.net Remcos High
268 45.137.22.77 mail.governorsperic.xyz Remcos High
269 45.137.22.101 hosted-by.rootlayer.net Remcos High
270 45.137.22.104 hosted-by.rootlayer.net Remcos High
271 45.137.22.107 hosted-by.rootlayer.net Remcos High
272 45.137.22.116 hosted-by.rootlayer.net Remcos High
273 45.137.22.136 hosted-by.rootlayer.net Remcos High
274 45.137.22.236 hosted-by.rootlayer.net Remcos High
275 45.137.22.248 hosted-by.rootlayer.net Remcos High
276 45.137.22.250 hosted-by.rootlayer.net Remcos High
277 45.137.116.253 rs-zap1025641-3.zap-srv.com Remcos High
278 45.137.118.105 - Remcos High
279 45.138.16.39 - Remcos High
280 45.138.172.94 - Remcos High
281 45.139.105.174 - Remcos High
282 45.141.152.68 45-141-152-68.pool.ovpn.com Remcos High
283 45.144.225.112 - Remcos High
284 45.144.225.213 - Remcos High
285 45.144.225.221 - Remcos High
286 45.148.17.62 mail.spokel.se Remcos High
287 45.153.240.189 - Remcos High
288 45.154.4.64 - Remcos High
289 45.155.7.187 7-187.static.ipcserver.net Remcos High
290 45.155.165.117 - Remcos High
291 45.155.165.139 - Remcos High
292 45.155.165.160 - Remcos High
293 46.0.234.90 46x0x234x90.dynamic.samara.ertelecom.ru Remcos High
294 46.2.255.122 - Remcos High
295 46.8.211.72 - Remcos High
296 46.21.147.82 46-21-147-82.static.hvvc.us Remcos High
297 46.21.250.36 3959325.ds-b.had.pm Remcos High
298 46.105.127.143 ns385442.ip-46-105-127.eu Remcos High
299 46.165.221.14 - Remcos High
300 46.183.216.163 tagoe.lstartanalystconcepts.org.uk Remcos High
301 46.183.217.11 raimis.comanchor.com Remcos High
302 46.183.220.15 ip-220-15.dataclub.info Remcos High
303 46.183.220.61 ip-220-61.dataclub.info Remcos High
304 46.183.220.67 ip-220-67.dataclub.info Remcos High
305 46.183.220.203 ip-220-203.dataclub.info Remcos High
306 46.183.223.57 ip-223-57.dataclub.info Remcos High
307 46.243.147.194 - Remcos High
308 46.243.239.36 - Remcos High
309 46.243.239.153 - Remcos High
310 46.243.249.150 - Remcos High
311 46.246.6.9 c-46-246-6-9.ip4.frootvpn.com Remcos High
312 46.246.34.52 46-246-34-52.static.glesys.net Remcos High
313 46.246.80.68 c-46-246-80-68.ip4.frootvpn.com Remcos High
314 46.249.58.40 yufrt.g5.housinglandshares.info UAC-0050 High
315 46.249.62.250 - Remcos High
316 47.254.172.117 - Remcos High
317 49.12.86.61 static.61.86.12.49.clients.your-server.de Remcos High
318 50.16.234.229 ec2-50-16-234-229.compute-1.amazonaws.com Remcos Medium
319 50.63.202.36 ip-50-63-202-36.ip.secureserver.net Remcos High
320 51.15.229.127 127-229-15-51.instances.scw.cloud Remcos High
321 51.75.209.242 ip242.ip-51-75-209.eu Remcos High
322 51.75.209.245 ip245.ip-51-75-209.eu Remcos High
323 51.79.177.107 ns5003406.ip-51-79-177.net Remcos High
324 51.81.193.203 ip203.ip-51-81-193.us Remcos High
325 51.89.201.42 ip42.ip-51-89-201.eu Remcos High
326 51.89.208.8 ip8.ip-51-89-208.eu Remcos High
327 51.91.236.193 cluster028.hosting.ovh.net Remcos High
328 51.103.16.165 - Remcos High
329 51.161.212.232 ip232.ip-51-161-212.net Remcos High
330 51.195.57.234 ip234.ip-51-195-57.eu Remcos High
331 51.210.137.26 ip26.ip-51-210-137.eu Remcos High
332 51.210.170.199 ip199.ip-51-210-170.eu Remcos High
333 51.222.10.175 ns575857.ip-51-222-10.net Remcos High
334 51.222.96.164 ip164.ip-51-222-96.net Remcos High
335 52.0.220.152 ec2-52-0-220-152.compute-1.amazonaws.com Remcos Medium
336 52.9.61.96 ec2-52-9-61-96.us-west-1.compute.amazonaws.com Remcos Medium
337 52.15.61.57 ec2-52-15-61-57.us-east-2.compute.amazonaws.com Remcos Medium
338 52.58.78.16 ec2-52-58-78-16.eu-central-1.compute.amazonaws.com Remcos Medium
339 52.72.49.79 ec2-52-72-49-79.compute-1.amazonaws.com Remcos Medium
340 52.85.144.68 server-52-85-144-68.iad89.r.cloudfront.net Remcos High
341 52.85.144.86 server-52-85-144-86.iad89.r.cloudfront.net Remcos High
342 52.114.158.50 - Remcos High
343 52.152.223.228 - Remcos High
344 52.168.117.173 - Remcos High
345 52.188.19.78 - Remcos High
346 54.36.226.161 ip161.ip-54-36-226.eu Remcos High
347 54.36.251.117 - Remcos High
348 54.37.140.61 ip61.ip-54-37-140.eu Remcos High
349 54.37.160.139 ip139.ip-54-37-160.eu Remcos High
350 54.37.235.82 82.ip-54-37-235.eu Remcos High
351 54.39.30.229 ip229.ip-54-39-30.net Remcos High
352 54.39.36.52 ip52.ip-54-39-36.net Remcos High
353 54.39.198.226 ip226.ip-54-39-198.net Remcos High
354 54.81.163.76 ec2-54-81-163-76.compute-1.amazonaws.com Remcos Medium
355 54.174.11.26 ec2-54-174-11-26.compute-1.amazonaws.com Remcos Medium
356 54.219.186.60 ec2-54-219-186-60.us-west-1.compute.amazonaws.com Remcos Medium
357 54.225.66.103 ec2-54-225-66-103.compute-1.amazonaws.com Remcos Medium
358 54.225.71.235 ec2-54-225-71-235.compute-1.amazonaws.com Remcos Medium
359 54.225.179.85 ec2-54-225-179-85.compute-1.amazonaws.com Remcos Medium
360 54.235.173.43 ec2-54-235-173-43.compute-1.amazonaws.com Remcos Medium
361 54.243.186.202 ec2-54-243-186-202.compute-1.amazonaws.com Remcos Medium
362 54.254.255.10 ec2-54-254-255-10.ap-southeast-1.compute.amazonaws.com Remcos Medium
363 59.110.239.147 - Remcos High
364 ... ... ... ...

There are 1451 more IOC items available. Please use our online service to access the data.

TTP - Tactics, Techniques, Procedures

Tactics, techniques, and procedures (TTP) summarize the suspected MITRE ATT&CK techniques used within Remcos. This data is unique as it uses our predictive model for actor profiling.

ID Technique Weakness Description Confidence
1 T1006 CWE-21, CWE-22, CWE-23, CWE-24, CWE-29 Pathname Traversal High
2 T1040 CWE-294 Authentication Bypass by Capture-replay High
3 T1055 CWE-74 Injection High
4 T1059 CWE-88, CWE-94, CWE-1321 Cross Site Scripting High
5 T1059.007 CWE-79, CWE-80 Cross Site Scripting High
6 ... ... ... ...

There are 19 more TTP items available. Please use our online service to access the data.

IOA - Indicator of Attack

These indicators of attack (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration during Remcos. This data is unique as it uses our predictive model for actor profiling.

ID Type Indicator Confidence
1 File /.env Low
2 File //proc/kcore Medium
3 File /admin/action/delete-vaccine.php High
4 File /admin/action/new-father.php High
5 File /admin/general.cgi High
6 File /admin/index2.html High
7 File /admin/pages/subjects.php High
8 File /admin/students/manage_academic.php High
9 File /api/admin/system/store/order/list High
10 File /api/baskets/{name} High
11 File /api/v4/teams//channels/deleted High
12 File /api/v4/users/ids High
13 File /app/index/controller/Common.php High
14 File /bin/boa Medium
15 File /bitrix/admin/ldap_server_edit.php High
16 File /cgi-bin/cstecgi.cgi High
17 File /cgi-bin/cstecgi.cgi?action=login High
18 File /edit/server Medium
19 File /etc/shadow Medium
20 File /forms/doLogin High
21 File /forum/away.php High
22 File /h/autoSaveDraft High
23 File /HNAP1/ Low
24 File /index.php Medium
25 File /listplace/user/ticket/create High
26 File /manage/IPSetup.php High
27 File /modules/projects/vw_files.php High
28 File /nagiosxi/admin/banner_message-ajaxhelper.php High
29 File /novel/bookSetting/list High
30 File /oauth/idp/.well-known/openid-configuration High
31 File /protocol/iscgwtunnel/uploadiscgwrouteconf.php High
32 File /showfile.php High
33 File /sqlite3_aflpp/shell.c High
34 File /student/bookdetails.php High
35 File /sysmanage/importconf.php High
36 ... ... ...

There are 311 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

References

The following list contains external sources which discuss the campaign and the associated activities:

Literature

The following articles explain our unique predictive cyber threat intelligence:

License

(c) 1997-2024 by vuldb.com. All data on this page is shared under the license CC BY-NC-SA 4.0. Questions? Check the FAQ, read the documentation or contact us!