cyber_threat_intelligence/actors/Ukraine Unknown
2023-03-14 21:25:30 +01:00

Ukraine Unknown - Cyber Threat Intelligence

These indicators were reported, collected, and generated during the VulDB CTI analysis of the actor known as Ukraine Unknown. The activity monitoring correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique predictive model uses big data to forecast activities and their characteristics.

Live data and more analysis capabilities are available at https://vuldb.com/?actor.ukraine_unknown

Countries

These countries are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Ukraine Unknown:

There are 25 more country items available. Please use our online service to access the data.

IOC - Indicator of Compromise

These indicators of compromise (IOC) indicate associated network resources which are known to be part of research and attack activities of Ukraine Unknown.


There are 2822 more IOC items available. Please use our online service to access the data.

TTP - Tactics, Techniques, Procedures

Tactics, techniques, and procedures (TTP) summarize the suspected MITRE ATT&CK techniques used by Ukraine Unknown. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Weakness | Description | Confidence |
|----|-----------|----------|-------------|------------|
| 1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-28 | Pathname Traversal | High |
| 2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High |
| 3 | T1055 | CWE-74 | Injection | High |
| 4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High |
| 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High |
| 6 | ... | ... | ... | ... |

There are 22 more TTP items available. Please use our online service to access the data.

IOA - Indicator of Attack

These indicators of attack (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Ukraine Unknown. This data is unique as it uses our predictive model for actor profiling.


There are 437 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

References

The following list contains external sources which discuss the actor and the associated activities:

Literature

The following articles explain our unique predictive cyber threat intelligence:

License

(c) 1997-2023 by vuldb.com. All data on this page is shared under the license CC BY-NC-SA 4.0. Questions? Check the FAQ, read the documentation or contact us!