mirror of
https://github.com/vuldb/cyber_threat_intelligence
synced 2024-07-03 08:58:21 +00:00
# Saudi Arabia Unknown - Cyber Threat Intelligence

These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Saudi Arabia Unknown](https://vuldb.com/?actor.saudi_arabia_unknown). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.

_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.saudi_arabia_unknown](https://vuldb.com/?actor.saudi_arabia_unknown)

## Countries

These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Saudi Arabia Unknown:

* [US](https://vuldb.com/?country.us)
* [CN](https://vuldb.com/?country.cn)
* [GB](https://vuldb.com/?country.gb)
* ...

There are 27 more country items available. Please use our online service to access the data.

## IOC - Indicator of Compromise

These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Saudi Arabia Unknown.

There are 789 more IOC items available. Please use our online service to access the data.

## TTP - Tactics, Techniques, Procedures

_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _Saudi Arabia Unknown_. This data is unique as it uses our predictive model for actor profiling.

ID | Technique | Weakness | Description | Confidence
-- | --------- | -------- | ----------- | ----------
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
3 | T1055 | CWE-74 | Injection | High
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
6 | ... | ... | ... | ...

There are 21 more TTP items available. Please use our online service to access the data.

## IOA - Indicator of Attack

These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Saudi Arabia Unknown. This data is unique as it uses our predictive model for actor profiling.

There are 531 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

## References

The following list contains _external sources_ which discuss the actor and the associated activities:

* https://github.com/firehol/blocklist-ipsets/blob/master/geolite2_country/country_sa.netset
* https://github.com/firehol/blocklist-ipsets/blob/master/ip2location_country/ip2location_country_sa.netset
* https://github.com/firehol/blocklist-ipsets/blob/master/ipip_country/ipip_country_sa.netset

## Literature

The following _articles_ explain our unique predictive cyber threat intelligence:

* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)

## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!