mirror of
https://github.com/vuldb/cyber_threat_intelligence
synced 2024-07-03 08:58:21 +00:00
# Kenya Unknown - Cyber Threat Intelligence

These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Kenya Unknown](https://vuldb.com/?actor.kenya_unknown). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.

_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.kenya_unknown](https://vuldb.com/?actor.kenya_unknown)

## Countries

These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Kenya Unknown:

* [KE](https://vuldb.com/?country.ke)
* [US](https://vuldb.com/?country.us)

## IOC - Indicator of Compromise

These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Kenya Unknown.
There are 805 more IOC items available. Please use our online service to access the data.

## TTP - Tactics, Techniques, Procedures

_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _Kenya Unknown_. This data is unique as it uses our predictive model for actor profiling.

ID | Technique | Weakness | Description | Confidence
-- | --------- | -------- | ----------- | ----------
1 | T1006 | CWE-22, CWE-23 | Pathname Traversal | High
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
3 | T1055 | CWE-74 | Injection | High
4 | T1059 | CWE-94 | Cross Site Scripting | High
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
6 | ... | ... | ... | ...

There are 18 more TTP items available. Please use our online service to access the data.

## IOA - Indicator of Attack

These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Kenya Unknown. This data is unique as it uses our predictive model for actor profiling.

ID | Type | Indicator | Confidence
-- | ---- | --------- | ----------
1 | File | `.htaccess` | Medium
2 | File | `/+CSCOE+/logon.html` | High
3 | File | `/admin/students/manage.php` | High
4 | File | `/administrator/components/table_manager/` | High
5 | File | `/api/baskets/{name}` | High
6 | File | `/balance/service/list` | High
7 | File | `/cgi-bin/system_mgr.cgi` | High
8 | File | `/goform/form2Wan.cgi` | High
9 | File | `/goform/WifiGuestSet` | High
10 | File | `/HNAP1/SetClientInfo` | High
11 | File | `/includes/rrdtool.inc.php` | High
12 | File | `/index.php` | Medium
13 | File | `/management/users/register` | High
14 | File | `/opt/vyatta/share/vyatta-cfg/templates/system/static-host-mapping/host-name/node.def` | High
15 | File | `/php-sms/classes/Master.php` | High
16 | File | `/php-sms/classes/SystemSettings.php` | High
17 | File | `/plugin/getList` | High
18 | File | `/queuing/login.php` | High
19 | File | `/sacco_shield/manage_payment.php` | High
20 | ... | ... | ...

There are 160 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

## References

The following list contains _external sources_ which discuss the actor and the associated activities:

* https://github.com/firehol/blocklist-ipsets/blob/master/geolite2_country/country_ke.netset
* https://github.com/firehol/blocklist-ipsets/blob/master/ip2location_country/ip2location_country_ke.netset
* https://github.com/firehol/blocklist-ipsets/blob/master/ipip_country/ipip_country_ke.netset

## Literature

The following _articles_ explain our unique predictive cyber threat intelligence:

* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)

## License

(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!