Phorpiex Analysis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (215)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en	178
ja	14
zh	8
pt	4
pl	4

Country

us	122
gb	22
cn	14
jp	14
il	6

Actors

Unknown	1

Activities

Interest

Timeline

Type

Not Defined	90
Content Management System	22
Groupware Software	6
Programming Language Software	6
Application Server Software	6

Vendor

Not Defined	90
Apache	8
Oracle	8
Cisco	6
Synacor	4

Product

Drupal	6
WordPress	4
OpenResty	4
Cisco Secure Client Software	4
Nibbleblog	2

Vulnerabilities

#	Vulnerability	Base	Temp	0day	Today	Exp	Rem	EPSS	CTI	CVE
1	TikiWiki tiki-register.php input validation	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.01075	10.00	CVE-2006-6168
2	CS-Cart index.php cross site scripting	4.3	4.1	$0-$5k	$0-$5k	High	Official Fix	0.00297	0.00	CVE-2008-1458
3	H2 Database Engine CLI information disclosure	6.3	6.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00042	0.07	CVE-2022-45868
4	Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure	5.3	5.2	$5k-$25k	Calculating	High	Workaround	0.02016	0.00	CVE-2007-1192
5	Zscaler Client Connector Configuration File link following	6.8	6.7	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00042	0.09	CVE-2023-28797
6	Cisco Secure Client Software denial of service	5.5	5.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00042	0.04	CVE-2023-20240
7	gin Context.FileAttachment Privilege Escalation	5.5	5.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00062	0.03	CVE-2023-29401
8	Juniper Junos OS buffer overflow	7.5	7.3	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00086	0.00	CVE-2023-22416
9	SnakeYAML Constructor deserialization	8.1	8.1	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00811	0.00	CVE-2022-1471
10	exceedone Exment/laravel-admin sql injection	7.5	7.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00129	0.03	CVE-2022-37333
11	cbeust testng XML File Parser JarFileUtils.java testngXmlExistsInJar path traversal	6.3	6.2	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00079	0.07	CVE-2022-4065
12	Oracle Database Enterprise Edition Recovery EXECUTE ON DBMS_IR.EXECUTESQLSCRIPT Privilege Escalation	7.2	7.0	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00164	0.44	CVE-2022-21511
13	Visualizer Tables and Charts Manager Plugin deserialization	7.5	7.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00231	0.00	CVE-2022-2444
14	Fortinet FortiOS CLI information disclosure	4.4	4.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00044	0.00	CVE-2021-32600
15	Lars Ellingsen Guestserver guestbook.cgi cross site scripting	4.3	4.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00169	0.07	CVE-2005-4222
16	DZCP deV!L`z Clanportal config.php code injection	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00943	0.99	CVE-2010-0966
17	Apache HTTP Server Response Split data processing	5.9	5.8	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00270	0.06	CVE-2016-8743
18	WordPress WP_Query class-wp-query.php sql injection	8.5	8.4	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.00318	0.04	CVE-2017-5611
19	Drupal Session Data data processing	8.1	7.7	$0-$5k	$0-$5k	Not Defined	Official Fix	0.04271	0.00	CVE-2016-3171
20	SourceCodester Complaint Management System Lodge Complaint Section register-complaint.php unrestricted upload	6.3	6.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00045	0.11	CVE-2024-1875

Campaigns (1)

These are the campaigns that can be associated with the actor:

Sextortion

IOC - Indicator of Compromise (154)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP address	Hostname	Actor	Campaigns	Identified	Type	Confidence
1	2.61.176.216	dynamic-2-61-176-216.pppoe.khakasnet.ru	Phorpiex		02/19/2022	verified	High
2	2.184.139.149		Phorpiex		02/19/2022	verified	High
3	5.232.28.65		Phorpiex		02/19/2022	verified	High
4	7.5.7.7		Phorpiex		04/28/2022	verified	High
5	17.42.251.10	mx01.mail.icloud.com	Phorpiex		05/06/2022	verified	High
6	20.72.235.82		Phorpiex		02/19/2022	verified	High
7	20.109.209.108		Phorpiex		02/19/2022	verified	High
8	20.206.235.31		Phorpiex		07/09/2022	verified	High
9	24.201.245.37	mx.videotron.ca	Phorpiex		04/28/2022	verified	High
10	31.59.189.4	31-59-189-4.shatel.ir	Phorpiex		02/19/2022	verified	High
11	34.212.80.54	cxr.mx.a.cloudfilter.net	Phorpiex		04/28/2022	verified	High
12	35.45.98.140		Phorpiex		07/09/2022	verified	High
13	35.205.61.67	67.61.205.35.bc.googleusercontent.com	Phorpiex		05/11/2022	verified	Medium
14	35.225.160.245	245.160.225.35.bc.googleusercontent.com	Phorpiex		04/28/2022	verified	Medium
15	37.255.99.93		Phorpiex		02/19/2022	verified	High
16	39.41.234.182		Phorpiex		02/19/2022	verified	High
17	42.248.182.125		Phorpiex		02/19/2022	verified	High
18	42.248.182.234		Phorpiex		02/19/2022	verified	High
19	42.248.183.250		Phorpiex		02/19/2022	verified	High
20	46.70.200.184		Phorpiex		02/19/2022	verified	High
21	46.224.180.246		Phorpiex		02/19/2022	verified	High
22	46.225.106.121		Phorpiex		02/19/2022	verified	High
23	57.197.27.187		Phorpiex		07/09/2022	verified	High
24	58.74.224.218		Phorpiex		07/09/2022	verified	High
25	60.162.101.123		Phorpiex		07/09/2022	verified	High
26	63.251.106.25		Phorpiex		07/22/2021	verified	High
27	64.8.70.104	mx.tds.net	Phorpiex		04/28/2022	verified	High
28	64.98.36.4	mx.b.hostedemail.com	Phorpiex		04/28/2022	verified	High
29	64.136.44.37	mx.dca.untd.com	Phorpiex		04/28/2022	verified	High
30	66.199.229.251	66-199-229-251.reverse.ezzi.net	Phorpiex		04/29/2022	verified	High
31	66.218.85.151	unknown.yahoo.com	Phorpiex		04/28/2022	verified	High
32	XX.XXX.XXX.XX	xxxxxxxxx.xxxx.xxxx.xxx.xxx.xxxxx.xxx	Xxxxxxxx		05/06/2022	verified	High
33	XX.XXX.XXX.XX	xxxxxxxxx.xxxx.xxxx.xxx.xxx.xxxxx.xxx	Xxxxxxxx		05/06/2022	verified	High
34	XX.XXX.XXX.XX	xxxxxxxxx.xxxx.xxxx.xxx.xxx.xxxxx.xxx	Xxxxxxxx		05/06/2022	verified	High
35	XX.XXX.XXX.XX	xxxxxxxxx.xxx.xxxx.xxx.xxx.xxxxx.xxx	Xxxxxxxx		05/06/2022	verified	High
36	XX.XXX.XXX.XX	xxxxxxxxx.xxx.xxxx.xxx.xxx.xxxxx.xxx	Xxxxxxxx		05/06/2022	verified	High
37	XX.XXX.XXX.XX	xxxxxxxxx.xxx.xxxx.xxx.xxx.xxxxx.xxx	Xxxxxxxx		05/06/2022	verified	High
38	XX.XXX.XXX.XX	xxxxxxxxx.xxxx.xxxx.xxx.xxx.xxxxx.xxx	Xxxxxxxx		05/06/2022	verified	High
39	XX.XXX.XXX.XXX	xxxxxxxxx.xxxx.xxxx.xxx.xxx.xxxxx.xxx	Xxxxxxxx		05/06/2022	verified	High
40	XX.XXX.XXX.XXX	xxxxxxxxx.xxxx.xxxx.xxx.xxx.xxxxx.xxx	Xxxxxxxx		05/06/2022	verified	High
41	XX.XXX.XXX.XXX	xxxxxxxxx.xxxx.xxxx.xxx.xxx.xxxxx.xxx	Xxxxxxxx		05/06/2022	verified	High
42	XX.XX.XX.X	xxxx-xxx.xxx.xxxxxxx.xxx	Xxxxxxxx		05/06/2022	verified	High
43	XX.XXX.XXX.XX	xxxxxxxxxxxx-xxx.xxxx.xxxx.xxxxxxxxxxxx.xxx	Xxxxxxxx		04/28/2022	verified	High
44	XX.XXX.XXX.XX	xx.xxxxxxxxxx.xxx	Xxxxxxxx		04/28/2022	verified	High
45	XX.X.XXX.XX		Xxxxxxxx		08/29/2021	verified	High
46	XX.XXX.XXX.XX	xxxxxxxx-xx-xx.xxxxx.xxx	Xxxxxxxx		07/22/2021	verified	High
47	XX.XXX.XXX.XXX	xxxxxxxx-xx-xx.xxxxx.xxx	Xxxxxxxx		07/22/2021	verified	High
48	XX.XXX.XXX.XX	xx-xx-xxx.xxxxx.xxx	Xxxxxxxx		07/22/2021	verified	High
49	XX.XXX.X.XX	xxxx.xxxx.xxx	Xxxxxxxx		05/06/2022	verified	High
50	XX.XXX.XXX.XXX	xxxx-xx-xxx-xxx-xxx.xxxxxxx.xxx	Xxxxxxxx		07/09/2022	verified	High
51	XX.XXX.XX.XX	xxx-xxx-xx-xx.xxxxxxxx.xxxxx.xx	Xxxxxxxx		07/09/2022	verified	High
52	XX.XX.XXX.XXX	xxxxxx.xx-xxx-xxx-xxx-xxx.xxxxxx.xx	Xxxxxxxx		07/09/2022	verified	High
53	XX.XXX.XX.XXX		Xxxxxxxx		02/10/2022	verified	High
54	XX.XXX.XX.XXX		Xxxxxxxx		02/10/2022	verified	High
55	XX.XXX.XX.XXX	xxxx.xxxxxxxxxxxxxxxx.xxx	Xxxxxxxx		02/10/2022	verified	High
56	XX.XX.XXX.XX		Xxxxxxxx		02/10/2022	verified	High
57	XX.XX.XXX.XX		Xxxxxxxx		08/29/2021	verified	High
58	XX.XX.XXX.XX		Xxxxxxxx		02/10/2022	verified	High
59	XX.XX.XXX.XX		Xxxxxxxx		08/29/2021	verified	High
60	XX.XX.XXX.XXX		Xxxxxxxx		02/10/2022	verified	High
61	XX.XX.XXX.XXX		Xxxxxxxx		02/10/2022	verified	High
62	XX.XX.XXX.XXX		Xxxxxxxx		07/22/2021	verified	High
63	XX.XX.XXX.XXX		Xxxxxxxx		07/09/2022	verified	High
64	XX.XX.XXX.XX	xx-xx-xxx-xx.xxxx.xxxxxxxxxx.xx	Xxxxxxxx		02/10/2022	verified	High
65	XX.XXX.XXX.XX		Xxxxxxxx		02/10/2022	verified	High
66	XX.XXX.XX.XXX	xx-xxx-xx-xxx.xxxxxx.xx	Xxxxxxxx		02/19/2022	verified	High
67	XX.XX.X.XX	xx.xx.x.xx.xxxxxxx-xxxxx.xx.xxxx.xxxxx.xx	Xxxxxxxx		02/10/2022	verified	High
68	XX.XXX.XXX.XX	xxxx-xx.xxx.xxxxxxx.xxx	Xxxxxxxx		04/28/2022	verified	High
69	XX.XXX.XX.XX	xxxxxxxxx.xxxx.xxxx.xxx.xxx.xxxxx.xxx	Xxxxxxxx		05/06/2022	verified	High
70	XX.XXX.XX.XX	xxxxxxxxx.xxxx.xxxx.xxx.xxx.xxxxx.xxx	Xxxxxxxx		05/06/2022	verified	High
71	XX.XXX.XX.XX	xxxxxxxxx.xxxx.xxxx.xxx.xxx.xxxxx.xxx	Xxxxxxxx		05/06/2022	verified	High
72	XX.XXX.XX.XX	xxxxxxxxx.xxx.xxxx.xxx.xxx.xxxxx.xxx	Xxxxxxxx		05/06/2022	verified	High
73	XXX.XX.XXX.XX		Xxxxxxxx		07/09/2022	verified	High
74	XXX.XX.X.XXX		Xxxxxxxx		02/19/2022	verified	High
75	XXX.XXX.XXX.XX		Xxxxxxxx		07/09/2022	verified	High
76	XXX.XX.XX.XX		Xxxxxxxx		07/09/2022	verified	High
77	XXX.XX.XX.XXX		Xxxxxxxx		04/28/2022	verified	High
78	XXX.XX.X.XX		Xxxxxxxx		04/28/2022	verified	High
79	XXX.XX.X.XX		Xxxxxxxx		04/28/2022	verified	High
80	XXX.XX.XX.XXX		Xxxxxxxx		05/06/2022	verified	High
81	XXX.XX.XX.XX		Xxxxxxxx		04/28/2022	verified	High
82	XXX.XX.XXX.XX	xxxxxxxxx.xxxx.xxxx.xxx.xxx.xxxxx.xxx	Xxxxxxxx		05/06/2022	verified	High
83	XXX.XXX.XXX.XX	xxx-xxx-xxx-xx-xxxxxx.xxxxxxxxxx.xxx	Xxxxxxxx		02/19/2022	verified	High
84	XXX.XXX.XXX.XXX		Xxxxxxxx		02/19/2022	verified	High
85	XXX.XXX.XX.XXX		Xxxxxxxx		02/10/2022	verified	High
86	XXX.XXX.XXX.XXX		Xxxxxxxx		02/19/2022	verified	High
87	XXX.XX.XX.XXX		Xxxxxxxx		07/09/2022	verified	High
88	XXX.XXX.XXX.X		Xxxxxxxx		07/09/2022	verified	High
89	XXX.XX.XXX.XX		Xxxxxxxx		02/10/2022	verified	High
90	XXX.XX.XXX.XXX		Xxxxxxxx		07/09/2022	verified	High
91	XXX.XXX.XX.XX	xx.xxxxx.xxx	Xxxxxxxx		02/10/2022	verified	High
92	XXX.XXX.XXX.XXX		Xxxxxxxx		07/09/2022	verified	High
93	XXX.XXX.XXX.XX		Xxxxxxxx		02/10/2022	verified	High
94	XXX.XXX.XXX.XX		Xxxxxxxx		02/10/2022	verified	High
95	XXX.XXX.XX.XX		Xxxxxxxx		02/10/2022	verified	High
96	XXX.XXX.XXX.XXX	xxxxxxxxx.xxxx.xx	Xxxxxxxx		07/09/2022	verified	High
97	XXX.XXX.XXX.XX	xxxxxx-xx.xxxxxxx.xxx	Xxxxxxxx		04/29/2022	verified	High
98	XXX.XXX.XXX.XX	xxxxxx-xx.xxxxxxx.xxx	Xxxxxxxx		04/29/2022	verified	High
99	XXX.XXX.XXX.XX	xx-xxx-xx-xxxx.xxxxxxx.xxx	Xxxxxxxx		05/06/2022	verified	High
100	XXX.XXX.XXX.XXX	xx-xxx-xx-xxxx.xxxxxxx.xxx	Xxxxxxxx		05/06/2022	verified	High
101	XXX.XXX.XX.XXX	xxx-xxxxxx.xxxxxxx.xxx	Xxxxxxxx		07/09/2022	verified	High
102	XXX.XX.XX.XXX	xxxxxxxxxx	Xxxxxxxx		05/06/2022	verified	High
103	XXX.XXX.XXX.XX		Xxxxxxxx		07/09/2022	verified	High
104	XXX.XX.XXX.XXX		Xxxxxxxx		07/09/2022	verified	High
105	XXX.XXX.XXX.XXX		Xxxxxxxx		07/09/2022	verified	High
106	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxxxxxxxxxxxxxxxx.xxx.xx	Xxxxxxxx		07/09/2022	verified	High
107	XXX.XXX.XX.XXX		Xxxxxxxx		07/09/2022	verified	High
108	XXX.XXX.XX.XX	xxx-xxx-xx-xx.xx.xxxxxxxxxxxxxxxxx.xxx	Xxxxxxxx		02/10/2022	verified	High
109	XXX.XXX.X.XXX	xxxxxxxx-xx-xxxx.xxxxx.xxx	Xxxxxxxx		04/29/2022	verified	High
110	XXX.XXX.XXX.XX	xxxxxxxx-xx-xxx.xxxxx.xxx	Xxxxxxxx		07/22/2021	verified	High
111	XXX.XXX.XXX.XX	xx-xx-xxx.xxxxx.xxx	Xxxxxxxx		04/28/2022	verified	High
112	XXX.XXX.XXX.XXX	xx-xx-xxxx.xxxxx.xxx	Xxxxxxxx		07/22/2021	verified	High
113	XXX.XXX.XXX.XXX	xx-xx-xxxx.xxxxx.xxx	Xxxxxxxx		07/22/2021	verified	High
114	XXX.XXX.X.XX	xxxxxxxx-xx-xxx.xxxxx.xxx	Xxxxxxxx		07/22/2021	verified	High
115	XXX.XXX.X.XX	xxxxxxxx-xx-xxx.xxxxx.xxx	Xxxxxxxx		07/22/2021	verified	High
116	XXX.XXX.XX.XX	xx-xx-xxx.xxxxx.xxx	Xxxxxxxx		04/28/2022	verified	High
117	XXX.XXX.XX.XX	xx-xx-xxx.xxxxx.xxx	Xxxxxxxx		07/22/2021	verified	High
118	XXX.XXX.XXX.XXX	xx-xx-xxxx.xxxxx.xxx	Xxxxxxxx		07/22/2021	verified	High
119	XXX.XXX.XXX.XX	xx-xx-xxx.xxxxx.xxx	Xxxxxxxx		07/22/2021	verified	High
120	XXX.XXX.XXX.XX	xx-xx-xxx.xxxxx.xxx	Xxxxxxxx		07/22/2021	verified	High
121	XXX.XXX.XXX.XXX	xx-xx-xxxx.xxxxx.xxx	Xxxxxxxx		07/22/2021	verified	High
122	XXX.XXX.XXX.XXX	xxxxxxx.xxx.xxxx.xxx	Xxxxxxxx		07/22/2021	verified	High
123	XXX.XX.XXX.XXX		Xxxxxxxx		02/10/2022	verified	High
124	XXX.XXX.XXX.XX		Xxxxxxxx		02/19/2022	verified	High
125	XXX.XXX.XX.XXX		Xxxxxxxx	Xxxxxxxxxx	02/10/2022	verified	High
126	XXX.XXX.XX.XXX		Xxxxxxxx		02/10/2022	verified	High
127	XXX.XXX.XXX.XX		Xxxxxxxx		02/09/2022	verified	High
128	XXX.XXX.XXX.XX		Xxxxxxxx		02/09/2022	verified	High
129	XXX.XXX.XXX.XX		Xxxxxxxx		02/09/2022	verified	High
130	XXX.XX.XXX.XX	xxx-xx-xxx-xx.xxxxxxxxxx.xxxxx.xxx	Xxxxxxxx		02/19/2022	verified	High
131	XXX.XXX.XXX.XXX	xxxx-xxx-xxx-xxx-xxx.xxxxxxx.xx	Xxxxxxxx		02/19/2022	verified	High
132	XXX.XXX.XXX.XXX		Xxxxxxxx		02/19/2022	verified	High
133	XXX.X.XX.XXX		Xxxxxxxx		12/21/2023	verified	High
134	XXX.XX.XXX.XX	xxxxxxx.xxxxxxxxxxxxxxxx.xxx	Xxxxxxxx	Xxxxxxxxxx	02/10/2022	verified	High
135	XXX.XX.XXX.XX	xxxxxxx.xxxxxxxxxxxxxxxx.xxx	Xxxxxxxx	Xxxxxxxxxx	02/10/2022	verified	High
136	XXX.XX.XXX.XX	xxxxxxx.xxxxxxxxxxxxxxxx.xxx	Xxxxxxxx	Xxxxxxxxxx	02/10/2022	verified	High
137	XXX.X.XX.XXX		Xxxxxxxx		07/09/2022	verified	High
138	XXX.XXX.XXX.XX		Xxxxxxxx		07/09/2022	verified	High
139	XXX.XX.XX.XX	xxxxxxxx.xxxx.xxxxxx.xxxxxxxxxxx.xxx	Xxxxxxxx		04/29/2022	verified	High
140	XXX.XXX.XXX.XX	xx-xx-xxx-xx-xx-xx.xxxxxx.xxx	Xxxxxxxx		04/28/2022	verified	High
141	XXX.XXX.XX.XXX	xxxxx.xxx-xxx-xx.xxxxxx.xxxxxxxxxxxx.xxx	Xxxxxxxx		04/28/2022	verified	High
142	XXX.XX.XXX.XX	xx.xxxxxxxxxxxxxxxx.xxx	Xxxxxxxx		04/28/2022	verified	High
143	XXX.XX.XXX.XX	xx-xx-xxx.xxxxx.xxx	Xxxxxxxx		07/22/2021	verified	High
144	XXX.XX.XXX.XX	xx-xx-xxx.xxxxx.xxx	Xxxxxxxx		07/22/2021	verified	High
145	XXX.XXX.XXX.XXX		Xxxxxxxx		02/10/2022	verified	High
146	XXX.XX.XX.XX	xx.xxx.xxxxxx.xxx.xxxxxx.xxx	Xxxxxxxx		04/28/2022	verified	High
147	XXX.XX.XXX.XXX	xxx-xx-xxx-xxx.xxx.xxxxxxxxxxxx.xx	Xxxxxxxx		05/06/2022	verified	High
148	XXX.XXX.XX.X	xxxx.xxxx.xxx.xxx	Xxxxxxxx		04/28/2022	verified	High
149	XXX.XXX.XX.XX	xxxx.xxx.xxx	Xxxxxxxx		04/28/2022	verified	High
150	XXX.XX.XXX.XX	xxxxxxxx-xx-xxx.xxxxx.xxx	Xxxxxxxx		04/29/2022	verified	High
151	XXX.X.XXX.XX		Xxxxxxxx		05/06/2022	verified	High
152	XXX.X.XXX.XX		Xxxxxxxx		05/11/2022	verified	High
153	XXX.XX.XXX.XXX		Xxxxxxxx		02/19/2022	verified	High
154	XXX.XXX.XX.XX		Xxxxxxxx		02/10/2022	verified	High

TTP - Tactics, Techniques, Procedures (15)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Class	Vulnerabilities	Access Vector	Type	Confidence
1	T1006	CAPEC-126	CWE-22	Path Traversal	predictive	High
2	T1055	CAPEC-10	CWE-74	Improper Neutralization of Data within XPath Expressions	predictive	High
3	T1059	CAPEC-242	CWE-94, CWE-1321	Argument Injection	predictive	High
4	TXXXX.XXX	CAPEC-209	CWE-XX, CWE-XX	Xxxxx Xxxx Xxxxxxxxx	predictive	High
5	TXXXX	CAPEC-122	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	High
6	TXXXX	CAPEC-136	CWE-XX, CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	High
7	TXXXX.XXX	CAPEC-178	CWE-XXX	Xxxx Xxxxxxxx	predictive	High
8	TXXXX	CAPEC-108	CWE-XX	Xxx Xxxxxxxxx	predictive	High
9	TXXXX	CAPEC-50	CWE-XXX, CWE-XXX	Xxxxxxxxxxx Xxxxxxxxxx	predictive	High
10	TXXXX.XXX	CAPEC-459	CWE-XXX	Xxxxxxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	High
11	TXXXX	CAPEC-116	CWE-XXX, CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	High
12	TXXXX.XXX	CAPEC-	CWE-XX	Xxxxxxxxxxxxx	predictive	High
13	TXXXX	CAPEC-20	CWE-XXX, CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	predictive	High
14	TXXXX.XXX	CAPEC-1	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	High
15	TXXXX	CAPEC-	CWE-XXX	Xxxxxxxxxxx Xxxxxx	predictive	High

IOA - Indicator of Attack (126)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Class	Indicator	Type	Confidence
1	File	/admin/add-category.php	predictive	High
2	File	/admin/read.php?mudi=getSignal	predictive	High
3	File	/cgi-bin/system_mgr.cgi	predictive	High
4	File	/cgi-bin/wlogin.cgi	predictive	High
5	File	/cloud_config/router_post/get_reset_pwd_veirfy_code	predictive	High
6	File	/etc/tomcat8/Catalina/attack	predictive	High
7	File	/index.php	predictive	Medium
8	File	/libraries	predictive	Medium
9	File	/proc/pid/attr	predictive	High
10	File	/register.php	predictive	High
11	File	/RestAPI	predictive	Medium
12	File	/service/upload	predictive	High
13	File	/view/student_exam_mark_insert_form1.php	predictive	High
14	File	/wp-admin/admin-ajax.php	predictive	High
15	File	xxxxxxx.xxx	predictive	Medium
16	File	xxxxx.xxx	predictive	Medium
17	File	xxxxx/xxxx_xxxxx_xxxx.xxx	predictive	High
18	File	xxxxxx/xxxxxxxxx.xx	predictive	High
19	File	xxxxxxxxxxxxxxxxxxxxxxxxxxxxx.xxxx	predictive	High
20	File	xxxxxxx.xx	predictive	Medium
21	File	xx_xxxxx_xxxxx.xxx	predictive	High
22	File	xx_xxxx.xxx	predictive	Medium
23	File	xxxxxxx\xxxxxxxxxx\xxxxx\xxxxxx.xxx	predictive	High
24	File	xxxxx.xxx	predictive	Medium
25	File	xxxxxx.xxx.xxx	predictive	High
26	File	xxxxxxxxxx.x	predictive	Medium
27	File	xxxx/xxxxxxxxxxxxxxx.xxx	predictive	High
28	File	xxxxx.xxx	predictive	Medium
29	File	xxxxxxxxxxx_xxxxxxx_xx_xxxx_xxxx.xxx.xxx	predictive	High
30	File	xxxxxxxx-xxxxxx-xxxxxx.xxx	predictive	High
31	File	xxxxx/xxxxx_xxxx.xxx	predictive	High
32	File	xxxxxx.xxxx	predictive	Medium
33	File	xxxxxx.xxx	predictive	Medium
34	File	xx/xxxx/xxxxxxxxxxx.x	predictive	High
35	File	xxxxxxxx.xxxx.xxx	predictive	High
36	File	xxxxxx_xxx.xxx	predictive	High
37	File	xxxxxxxxx.xxx	predictive	High
38	File	xxxx/xxxx.x	predictive	Medium
39	File	xxx/xxxxxx.xxx	predictive	High
40	File	xxxxx.xxxx	predictive	Medium
41	File	xxxxx.xx	predictive	Medium
42	File	xxxxx.xxx	predictive	Medium
43	File	xxxxxx.x	predictive	Medium
44	File	xxxxx.xxxx	predictive	Medium
45	File	xxxxx_xx.xxxx	predictive	High
46	File	xxxxxx_xxxx.xxx	predictive	High
47	File	xx/xxxx.x	predictive	Medium
48	File	xxx/xxxxx	predictive	Medium
49	File	xxx_xxxx_xxx_xxxxxxxxxx.x	predictive	High
50	File	xxxx-xxx.xxx	predictive	Medium
51	File	xxxxxxxxxxxx.xxxx	predictive	High
52	File	xxxxxxxx.xxx	predictive	Medium
53	File	xxxxxxxx-xxx-xxxxxx.x	predictive	High
54	File	xxx.xxx	predictive	Low
55	File	xxxxxx/xxxxxxxxxx!xxxxxxx.xxxx	predictive	High
56	File	xxxxxx/xxxxxxxx.xxx	predictive	High
57	File	xxxxxxx.xxx	predictive	Medium
58	File	xxx_xxxxxxxx.xxx	predictive	High
59	File	xxxxx/xxxx/xxxxxxxx.xxx	predictive	High
60	File	xxxxxxx_xxxxxxxx.xxx	predictive	High
61	File	xxxxxx/xxxxxxx/xxxxxx/xxxxxxxx.xxx	predictive	High
62	File	xxxxxxxxxxxxxxxxx.xxxx	predictive	High
63	File	xxxxxxxxx/xxxxx/xxxx/xxx_xxxxxxx/xxxxxxx/xxxxxxx.xxx	predictive	High
64	File	xxxxxx-xxxx/xxx/xxxx/xxxx/xxx/xxxxxx/xxxxxxxxxxxx.xxxx	predictive	High
65	File	xxxx-xxxxxxxx.xxx	predictive	High
66	File	xxxx-xxxx_xxxx_xxxxxxx.xxx	predictive	High
67	File	xxxx-xxxxxxxx.xxx	predictive	High
68	File	xxxxxxxxx.xxxx	predictive	High
69	File	xxxxx/xxxxxxxx-xxxxxxxxx.xxx	predictive	High
70	File	xx-xxxxxxxx/xxxxx-xx-xxxxx.xxx	predictive	High
71	File	xx-xxxxx.xxx	predictive	Medium
72	File	xx/xx/xxxxx	predictive	Medium
73	File	\xxxx\xxxxxxxxxx\xxxx.xxx	predictive	High
74	Library	/xxx/xxxx/xxxxx.x/xx-xxxx-xxxxxxx.xxxxx	predictive	High
75	Library	xxx/xx/xxxxxxx.xx	predictive	High
76	Library	xxx/xxxxxxx/xx.x	predictive	High
77	Library	xxx.xxxxxx.xxxxxx.xxxxxx.xxxx.xxxxxxxxx.xxxxxx	predictive	High
78	Argument	xx/xx	predictive	Low
79	Argument	xx_xx	predictive	Low
80	Argument	xxxxxxxx	predictive	Medium
81	Argument	xxxxx	predictive	Low
82	Argument	xxxxxxxxxx_xxxx	predictive	High
83	Argument	xxxxxxxxxx	predictive	Medium
84	Argument	xxxxx	predictive	Low
85	Argument	xxxxx	predictive	Low
86	Argument	xxx_xx	predictive	Low
87	Argument	xxxxxxx	predictive	Low
88	Argument	xxxxxxx	predictive	Low
89	Argument	xxxx	predictive	Low
90	Argument	xxxx	predictive	Low
91	Argument	xxxxxxxxxxx	predictive	Medium
92	Argument	xxx	predictive	Low
93	Argument	xxxxxxxxxxx_xxx	predictive	High
94	Argument	xxxxx_xxx	predictive	Medium
95	Argument	xxxxxxxx	predictive	Medium
96	Argument	xxxxxxxxx/xxxxxx	predictive	High
97	Argument	xxxx	predictive	Low
98	Argument	xxxxx	predictive	Low
99	Argument	xxxx	predictive	Low
100	Argument	xxxx	predictive	Low
101	Argument	xxxx_xxxxxxx	predictive	Medium
102	Argument	xx	predictive	Low
103	Argument	xx/xxx/xxxxx	predictive	Medium
104	Argument	xxxxx.xxx?xxxxxx=xxx_xxxxxxx/xxxx=xxxxxxx/xx=x/xxxxxxxx=xxxxx	predictive	High
105	Argument	xxxxxxxx	predictive	Medium
106	Argument	xxxxxxxxx_xxxxxxxx_xxxx	predictive	High
107	Argument	xxxx	predictive	Low
108	Argument	xxxx	predictive	Low
109	Argument	xxxxx	predictive	Low
110	Argument	xxxxxxxx	predictive	Medium
111	Argument	xxxx_xxxxxx	predictive	Medium
112	Argument	xxxxx_xxxx_xxxx	predictive	High
113	Argument	xxx	predictive	Low
114	Argument	xxxxxxxxxxx	predictive	Medium
115	Argument	xxxxxx_xxxx	predictive	Medium
116	Argument	xxxxxxxx	predictive	Medium
117	Argument	xxxxxxxxx	predictive	Medium
118	Argument	xxxxxxxx_xxxxxx_xxxxx	predictive	High
119	Argument	xxxxxxxxx	predictive	Medium
120	Argument	xxxxxxxxx	predictive	Medium
121	Argument	xxx	predictive	Low
122	Argument	xxxx	predictive	Low
123	Argument	xxxxx	predictive	Low
124	Argument	xxx	predictive	Low
125	Argument	x-xxxx	predictive	Low
126	Input Value	xxxxxxxxxxxx	predictive	Medium

References (17)

The following list contains external sources which discuss the actor and the associated activities:

◂ PreviousOverviewNext ▸

Do you know our Splunk app?

Download it now for free!