mirror of
https://github.com/vuldb/cyber_threat_intelligence
synced 2024-07-03 08:58:21 +00:00
# Serbia Unknown - Cyber Threat Intelligence

These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Serbia Unknown](https://vuldb.com/?actor.serbia_unknown). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.

_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.serbia_unknown](https://vuldb.com/?actor.serbia_unknown)

## Countries

These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Serbia Unknown:

* [US](https://vuldb.com/?country.us)
* [CN](https://vuldb.com/?country.cn)
* [GB](https://vuldb.com/?country.gb)
* ...

There are 20 more country items available. Please use our online service to access the data.

## IOC - Indicator of Compromise

These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Serbia Unknown.
There are 749 more IOC items available. Please use our online service to access the data.

## TTP - Tactics, Techniques, Procedures

_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _Serbia Unknown_. This data is unique as it uses our predictive model for actor profiling.

ID | Technique | Weakness | Description | Confidence
-- | --------- | -------- | ----------- | ----------
1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
3 | T1055 | CWE-74 | Injection | High
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
6 | ... | ... | ... | ...

There are 20 more TTP items available. Please use our online service to access the data.

## IOA - Indicator of Attack

These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Serbia Unknown. This data is unique as it uses our predictive model for actor profiling.
There are 516 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

## References

The following list contains _external sources_ which discuss the actor and the associated activities:

* https://github.com/firehol/blocklist-ipsets/blob/master/geolite2_country/country_rs.netset
* https://github.com/firehol/blocklist-ipsets/blob/master/ip2location_country/ip2location_country_rs.netset
* https://github.com/firehol/blocklist-ipsets/blob/master/ipip_country/ipip_country_rs.netset

## Literature

The following _articles_ explain our unique predictive cyber threat intelligence:

* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)

## License

(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!