mirror of
https://github.com/vuldb/cyber_threat_intelligence
synced 2024-07-03 08:58:21 +00:00
# Kovter - Cyber Threat Intelligence
These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Kovter](https://vuldb.com/?actor.kovter). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.kovter](https://vuldb.com/?actor.kovter)
## Countries
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Kovter:
* [VN](https://vuldb.com/?country.vn)
* [CN](https://vuldb.com/?country.cn)
* [US](https://vuldb.com/?country.us)
## IOC - Indicator of Compromise
These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Kovter.
There are 734 more IOC items available. Please use our online service to access the data.
## TTP - Tactics, Techniques, Procedures
_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _Kovter_. This data is unique as it uses our predictive model for actor profiling.
ID | Technique | Weakness | Description | Confidence
-- | --------- | -------- | ----------- | ----------
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-29, CWE-37 | Pathname Traversal | High
2 | T1055 | CWE-74 | Injection | High
3 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
5 | T1068 | CWE-264, CWE-269, CWE-274, CWE-284 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | High
6 | ... | ... | ... | ...
There are 19 more TTP items available. Please use our online service to access the data.
## IOA - Indicator of Attack
These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Kovter. This data is unique as it uses our predictive model for actor profiling.
There are 326 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
## Literature
The following _articles_ explain our unique predictive cyber threat intelligence:
* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!