2022-03-18 10:38:46 +01:00

Log4j - Cyber Threat Intelligence

These indicators were reported, collected, and generated during the VulDB CTI analysis of the campaign known as Log4j. The activity monitoring correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique predictive model uses big data to forecast activities and their characteristics.

Live data and more analysis capabilities are available at https://vuldb.com/?actor

Countries

These countries are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Log4j:

There are 4 more country items available. Please use our online service to access the data.

Actors

These actors are associated with Log4j or other actors linked to the campaign.

| ID | Actor | Confidence |
| --- | --- | --- |
| 1 | Unknown | High |

IOC - Indicator of Compromise

These indicators of compromise (IOC) indicate associated network resources which are known to be part of research and attack activities of Log4j.

There are 2573 more IOC items available. Please use our online service to access the data.

TTP - Tactics, Techniques, Procedures

Tactics, techniques, and procedures (TTP) summarize the suspected MITRE ATT&CK techniques used within Log4j. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Weakness | Description | Confidence |
| --- | --- | --- | --- | --- |
| 1 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High |
| 2 | T1059.007 | CWE-79 | Cross Site Scripting | High |
| 3 | T1068 | CWE-264, CWE-284 | Execution with Unnecessary Privileges | High |
| 4 | ... | ... | ... | ... |

There are 6 more TTP items available. Please use our online service to access the data.

IOA - Indicator of Attack

These indicators of attack (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration during Log4j. This data is unique as it uses our predictive model for actor profiling.

| ID | Type | Indicator | Confidence |
| --- | --- | --- | --- |
| 1 | File | /cgi-bin/login | High |
| 2 | File | /config/getuser | High |
| 3 | File | /ghost/preview | High |
| 4 | File | /index.php | Medium |
| 5 | File | /member/index/login.html | High |
| 6 | File | /public/login.htm | High |
| 7 | File | admin.php | Medium |
| 8 | File | admin/cgi-bin/listdir.pl | High |
| 9 | File | admin/cgi-bin/rulemgr.pl/getfile/ | High |
| 10 | ... | ... | ... |

There are 78 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

References

The following list contains external sources which discuss the campaign and the associated activities:

Literature

The following articles explain our unique predictive cyber threat intelligence:

License

(c) 1997-2022 by vuldb.com. All data on this page is shared under the license CC BY-NC-SA 4.0. Questions? Check the FAQ, read the documentation or contact us!