APT3 Analysis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en700
zh178
ru20
ja18
de18

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

us360
cn276
ru30
es16
fr12

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

APT32
Nanocore RAT1
RedLine Stealer1
Microcin1
Babar1

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

Not Defined350
Operating System58
Chip Software34
Content Management System32
Router Operating System30

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

Not Defined274
Microsoft52
Apple36
Google30
IBM26

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Microsoft Windows26
Qualcomm Snapdragon Auto24
Qualcomm Snapdragon Compute24
Qualcomm Snapdragon Industrial IOT24
Qualcomm Snapdragon Connectivity22

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1TikiWiki tiki-register.php input validation7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.010757.43CVE-2006-6168
2DZCP deV!L`z Clanportal config.php code injection7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.009430.73CVE-2010-0966
3Pligg cloud.php sql injection6.36.3$0-$5k$0-$5kNot DefinedNot Defined0.000000.56
4ALPACA improper authentication5.65.4$0-$5k$0-$5kNot DefinedOfficial Fix0.001100.06CVE-2021-3618
5nginx request smuggling6.96.9$0-$5k$0-$5kNot DefinedNot Defined0.002411.73CVE-2020-12440
6SolarWinds Network Performance Monitor deserialization9.89.8$0-$5k$0-$5kNot DefinedOfficial Fix0.691840.08CVE-2021-31474
7Huawei ACXXXX/SXXXX SSH Packet input validation7.57.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.002460.07CVE-2014-8572
8MantisBT cross site scripting4.34.1$0-$5k$0-$5kNot DefinedOfficial Fix0.004820.05CVE-2014-9571
9MGB OpenSource Guestbook email.php sql injection7.37.3$0-$5k$0-$5kHighUnavailable0.013020.65CVE-2007-0354
10jforum User input validation5.35.3$0-$5k$0-$5kNot DefinedNot Defined0.002890.04CVE-2019-7550
11Apple Mac OS X Server Wiki Server cross site scripting4.34.3$5k-$25k$0-$5kNot DefinedNot Defined0.002630.05CVE-2009-2814
12Phpsugar PHP Melody page_manager.php cross site scripting5.24.9$0-$5k$0-$5kNot DefinedOfficial Fix0.000870.00CVE-2017-15648
13TP-Link TL-WR902AC dm_fillObjByStr stack-based overflow6.36.1$0-$5k$0-$5kNot DefinedNot Defined0.001720.01CVE-2022-25074
14Netgear WN604/WN802Tv2/WNAP210/WNAP320/WNDAP350/WNDAP360 boardDataWW.php command injection9.89.8$5k-$25k$0-$5kHighNot Defined0.973730.06CVE-2016-1555
15TRENDnet TV-IP110WN/TV-IP121WN network.cgi memory corruption8.58.5$0-$5k$0-$5kNot DefinedNot Defined0.002600.02CVE-2018-19240
16jQuery Property extend Pollution cross site scripting6.66.3$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.035350.12CVE-2019-11358
17DevExpress.XtraReports.UI deserialization5.55.3$0-$5k$0-$5kNot DefinedNot Defined0.015020.00CVE-2021-36483
18Francisco Burzi PHP-Nuke Downloads Module viewsdownload sql injection5.35.3$0-$5k$0-$5kNot DefinedNot Defined0.001870.00CVE-2005-0996
19Phplinkdirectory PHP Link Directory conf_users_edit.php cross-site request forgery6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.005260.03CVE-2011-0643
20Hancom Office 2010 SE memory corruption7.37.3$0-$5k$0-$5kNot DefinedNot Defined0.111510.03CVE-2013-7420

Campaigns (2)

These are the campaigns that can be associated with the actor:

IOC - Indicator of Compromise (11)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
123.99.20.198APT312/15/2020verifiedHigh
254.169.89.240ec2-54-169-89-240.ap-southeast-1.compute.amazonaws.comAPT312/24/2020verifiedMedium
3104.151.248.173173.248-151-104.rdns.scalabledns.comAPT3Double Tap12/12/2020verifiedHigh
4XXX.XX.XXX.XXxxx-xxx-xx-xxx-xx.xxxxxxx-x.xxxxxxxxx.xxxXxxx12/15/2020verifiedMedium
5XXX.XX.XX.XXXxxx12/15/2020verifiedHigh
6XXX.XXX.X.XXXXxxxXxx-xxxx-xxxx06/05/2021verifiedHigh
7XXX.XXX.XXX.XXXXxxx05/31/2021verifiedHigh
8XXX.XXX.XX.XXXxxxxxxxxxx.xxxxxx.xxxXxxxXxxxxx Xxx12/12/2020verifiedHigh
9XXX.XX.XXX.XXXXxxx12/24/2020verifiedHigh
10XXX.XX.XXX.XXxxxxxx-xx.xxxxxxxxxxxxxxxx.xxxXxxxXxxxxx Xxx01/01/2021verifiedHigh
11XXX.XXX.XX.XXXxxxXxxxxx Xxx12/12/2020verifiedHigh

TTP - Tactics, Techniques, Procedures (26)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueClassVulnerabilitiesAccess VectorTypeConfidence
1T1006CAPEC-126CWE-21, CWE-22, CWE-23, CWE-24, CWE-425Path TraversalpredictiveHigh
2T1040CAPEC-102CWE-319Authentication Bypass by Capture-replaypredictiveHigh
3T1055CAPEC-10CWE-74Improper Neutralization of Data within XPath ExpressionspredictiveHigh
4T1059CAPEC-137CWE-88, CWE-94, CWE-1321Argument InjectionpredictiveHigh
5T1059.007CAPEC-209CWE-79, CWE-80Cross Site ScriptingpredictiveHigh
6T1068CAPEC-104CWE-250, CWE-264, CWE-266, CWE-269, CWE-284Execution with Unnecessary PrivilegespredictiveHigh
7TXXXX.XXXCAPEC-191CWE-XXXXxxx-xxxxx XxxxxxxxxxxpredictiveHigh
8TXXXXCAPEC-136CWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveHigh
9TXXXX.XXXCAPEC-178CWE-XXXXxxx XxxxxxxxpredictiveHigh
10TXXXXCAPEC-CWE-XXX7xx Xxxxxxxx XxxxxxxxpredictiveHigh
11TXXXXCAPEC-1CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx XxxxxxpredictiveHigh
12TXXXX.XXXCAPEC-492CWE-XXXXXxxxxxxxxxx Xxxxxxx Xxxxxxxxxx XxxxxxxxxxpredictiveHigh
13TXXXXCAPEC-184CWE-XXXXxxxxxxx Xx Xxxx Xxxxxxx Xxxxxxxxx XxxxxpredictiveHigh
14TXXXXCAPEC-108CWE-XX, CWE-XX, CWE-XXXxx XxxxxxxxxpredictiveHigh
15TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveHigh
16TXXXXCAPEC-CWE-XXXXxxxxxxxxxx XxxxxxxxxxpredictiveHigh
17TXXXXCAPEC-37CWE-XXXXxxxxxxxx Xxxxxxx Xx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh
18TXXXXCAPEC-466CWE-XXXXxxxxxx Xxxxxxxxxx Xx Xxx-xxxxxxxxpredictiveHigh
19TXXXX.XXXCAPEC-120CWE-XXXXxxxxxx Xxxxxxxxxx Xxx Xxxxxxxx Xxxxxxx Xx Xx-xxxx Xxxxxx XxxxxxxxpredictiveHigh
20TXXXX.XXXCAPEC-154CWE-XXXXxxxxxxxxxxxpredictiveHigh
21TXXXXCAPEC-38CWE-XXX, CWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveHigh
22TXXXX.XXXCAPEC-459CWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
23TXXXXCAPEC-116CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh
24TXXXXCAPEC-157CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxxxx XxxxxxpredictiveHigh
25TXXXX.XXXCAPEC-112CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxx Xxxxxxxxxx XxxxxpredictiveHigh
26TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxpredictiveHigh

IOA - Indicator of Attack (388)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/+CSCOE+/logon.htmlpredictiveHigh
2File/act/ActDao.xmlpredictiveHigh
3File/ajax.php?action=read_msgpredictiveHigh
4File/ajax/networking/get_netcfg.phppredictiveHigh
5File/api/clusters/local/topics/{topic}/messagespredictiveHigh
6File/api/gen/clients/{language}predictiveHigh
7File/app/options.pypredictiveHigh
8File/bin/httpdpredictiveMedium
9File/cgi-bin/wapopenpredictiveHigh
10File/ci_spms/admin/categorypredictiveHigh
11File/ci_spms/admin/search/searching/predictiveHigh
12File/classes/Master.php?f=delete_appointmentpredictiveHigh
13File/classes/Master.php?f=delete_trainpredictiveHigh
14File/cms/print.phppredictiveHigh
15File/concat?/%2557EB-INF/web.xmlpredictiveHigh
16File/Content/Template/root/reverse-shell.aspxpredictiveHigh
17File/ctcprotocol/ProtocolpredictiveHigh
18File/dashboard/menu-list.phppredictiveHigh
19File/data/removepredictiveMedium
20File/debug/pprofpredictiveMedium
21File/ebics-server/ebics.aspxpredictiveHigh
22File/ffos/classes/Master.php?f=save_categorypredictiveHigh
23File/forum/away.phppredictiveHigh
24File/goform/net\_Web\_get_valuepredictiveHigh
25File/goforms/rlminfopredictiveHigh
26File/GponForm/usb_restore_Form?script/predictiveHigh
27File/group1/uploapredictiveHigh
28File/hedwig.cgipredictiveMedium
29File/HNAP1predictiveLow
30File/HNAP1/SetClientInfopredictiveHigh
31File/Items/*/RemoteImages/DownloadpredictiveHigh
32File/manage/IPSetup.phppredictiveHigh
33File/menu.htmlpredictiveMedium
34File/modules/profile/index.phppredictiveHigh
35File/nagiosxi/admin/banner_message-ajaxhelper.phppredictiveHigh
36File/navigate/navigate_download.phppredictiveHigh
37File/ocwbs/admin/?page=user/manage_userpredictiveHigh
38File/ofrs/admin/?page=user/manage_userpredictiveHigh
39File/out.phppredictiveMedium
40File/password.htmlpredictiveHigh
41File/patient/appointment.phppredictiveHigh
42File/php_action/fetchSelectedUser.phppredictiveHigh
43File/pluginpredictiveLow
44File/prescription/prescription/delete/predictiveHigh
45File/pro/common/downloadpredictiveHigh
46File/xxxxxxxx-xxxx/xxxxxxxx_xxxx.xxxpredictiveHigh
47File/xxxx/xxxxxxx/xxxxx.xxxpredictiveHigh
48File/xxxxxxxxx//../predictiveHigh
49File/xxxx/xxx/x/xxxxxxpredictiveHigh
50File/x/predictiveLow
51File/xxxxxxx/xxxx_xxxxxxpredictiveHigh
52File/xxxxxx/xxxxx/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
53File/xxxx.xxxpredictiveMedium
54File/xxxxxxxx-xxxx/xxx/xxxxx/xxxxxxx/xxxxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
55File/xxx/xxxxxx.xpredictiveHigh
56File/xxx/xxxx/xxxxxxxxxxxxxxpredictiveHigh
57File/xxxpredictiveLow
58File/xxxxxxx/predictiveMedium
59File/xxxxxxxx_xxxxx/?x=xxxx_xxxxxxxpredictiveHigh
60File/xxxxxxxxx/xxxxpredictiveHigh
61File/xxxx/?xxxx=xx_xxxxxxxxpredictiveHigh
62File/xx-xxxxpredictiveMedium
63File/xx-xxxx/xxxxxx/x.x/xxxxx?xxxpredictiveHigh
64Filex.xxx.xxx\xxxx\xxxxxxxx.xxxpredictiveHigh
65Filexxx.xxxpredictiveLow
66Filexxxxxxx.xxxpredictiveMedium
67Filexxxxx/?xxxx=xxxxxxxpredictiveHigh
68Filexxxxx/xxx.xxxpredictiveHigh
69Filexxxxx/xxxx_xxxxx_xxxx.xxxpredictiveHigh
70Filexxxxx/xx_xxxxxxxx.xxxpredictiveHigh
71Filexxxxx/xxxx-xxxxx.xxxpredictiveHigh
72Filexxxxx/xxxxxxxxxx/xxxxxxxx.xxxpredictiveHigh
73Filexxxxx/xxxxxxxx/xxxx_xxxxxxx.xxxpredictiveHigh
74Filexxxxx/xxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
75Filexxxxx/xxxxxxxx.xxxxpredictiveHigh
76Filexxxxxxxxxxxxx/xxxxxxxxxx/xxx_xxxxx/xxxxxxx/xxxxx.xxxpredictiveHigh
77Filexxxx/xxxxxxx-xxxxxxx-xxxxxx.xxxpredictiveHigh
78Filexxxx_xxxxxxx.xxxpredictiveHigh
79Filexxx/xxx/xxxxxpredictiveHigh
80Filexxx/xxxxxxxxxxx/xxxx/xxxxxxxx_xxxxxxxxxx.xxpredictiveHigh
81Filexxxxxxxxxxxx/xxxxxxxxx/xxx/xxxxx.xxxpredictiveHigh
82Filexxxxxx/xxxxxxxxx.xxpredictiveHigh
83Filexxxxxxxxxxxxxx.xxxpredictiveHigh
84Filexxxx.xxx_xxxxx_xxxx_xxxx-xxxx.xxxpredictiveHigh
85Filexxxx/xxxxxpredictiveMedium
86Filexxxxxxx.xxpredictiveMedium
87Filexxxxxx/xxxxxx.xxxpredictiveHigh
88Filexxxxxx.xxxxpredictiveMedium
89Filexxxxxxxx.xxxpredictiveMedium
90Filexxxxxxxxxxxx.xxx/xxxxxxxxxxx.xxx/xxxxxxxxxxx.xxx/xxxxxxxxxxx.xxxpredictiveHigh
91Filexxx_xxxxxxxxx.xxxpredictiveHigh
92Filex:\xxxxxxxxpredictiveMedium
93Filexxx-xxxx.xxxpredictiveMedium
94Filexxxxxxxxx.xxxpredictiveHigh
95Filexx_xxxx.xxxpredictiveMedium
96Filexxxxxxxxxx_xxxxx.xxxpredictiveHigh
97Filexxx.xxxxpredictiveMedium
98Filexxxx.xxxpredictiveMedium
99Filexxxxx.xxxpredictiveMedium
100Filexx.xxxxxx.xxxx.xxxx.xxxxxxx.xxxxpredictiveHigh
101Filexxxxxx/xxx.xpredictiveMedium
102Filexxxx_xxxxxxxx/xx.xxxpredictiveHigh
103Filexxxx_xxxx.xxxpredictiveHigh
104Filexxxxxxx.xxxxxxxx.xxxpredictiveHigh
105Filexxxx.xxpredictiveLow
106Filex_xxxxxxpredictiveMedium
107Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
108Filexxxxxxxxxxxxxxx.xxxxpredictiveHigh
109Filexx.xxxpredictiveLow
110Filexxxxxxxxxxxx.xxxpredictiveHigh
111Filexxxx_xxxx.xxxpredictiveHigh
112Filexxxxxxxx_xxxxx_xxxxxxxxx.xxxpredictiveHigh
113Filexxxxxxx.xxxpredictiveMedium
114Filexxxxxxxx.xxxpredictiveMedium
115Filexxxxx.xxxpredictiveMedium
116Filexxxxxxx.xxxpredictiveMedium
117Filexxxx-xxxxx.xpredictiveMedium
118Filexxxx.xpredictiveLow
119Filexxxx.xxxpredictiveMedium
120Filexxxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
121Filexx_xxxx.xxxpredictiveMedium
122Filexxxxxxxxx.xxx.xxxpredictiveHigh
123Filexxxxxxxxxx.xxxpredictiveHigh
124Filexxxxx.xxxpredictiveMedium
125Filexxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
126Filexxxx.xxxpredictiveMedium
127Filexxxxxxxx/xxxx_xxxxpredictiveHigh
128Filexxxxxxx/xxxxxxxxxxxx.xxxpredictiveHigh
129Filexxxxxxxxxxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
130Filexxxxx/xxxxxxx/xxxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
131Filexxxx.xxxpredictiveMedium
132Filexxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
133Filexxxx.xxpredictiveLow
134Filexxxxxxxxxxxxxx.xxxpredictiveHigh
135Filexxx/xxx.xpredictiveMedium
136Filexxxxxxx.xpredictiveMedium
137Filexxx/xxxxxx.xxxpredictiveHigh
138Filexxx/xxxxxxxxxxx/xxxxxxx.xxxpredictiveHigh
139Filexxxxxxx/xxxxxxxxxx.xxxpredictiveHigh
140Filexxxxx.xxxxpredictiveMedium
141Filexxxxx.xxpredictiveMedium
142Filexxxxx.xxxpredictiveMedium
143Filexxxxx_xxxxxx_xxxxxxxxxx.xxxpredictiveHigh
144Filexxxxxxx.xpredictiveMedium
145Filexxxxxxxx/xxxxxxxx_xxxxxxx_xxxxxx/xxxxx.xxxpredictiveHigh
146Filexxxxxxxx/xx/xxxx_xxxxxx.xxpredictiveHigh
147Filexxxxx.xxxpredictiveMedium
148Filexxx.xpredictiveLow
149Filexxxx.xxxpredictiveMedium
150Filexxxx_xxxx.xxxpredictiveHigh
151Filexxx_xxxxxx_xxxxxx.xxpredictiveHigh
152Filexxxx.xpredictiveLow
153Filexx/xxxxxx.xxxxxxxxxxx.xxpredictiveHigh
154Filexxxxxx/xxxxxx/xxxxxx-xx.xpredictiveHigh
155Filexxxxxxxxxxxx/xxxxxx_xxxxx.xxpredictiveHigh
156Filexxxxxxxxx/xxxxxxx/xxxxxx/xxxxxxxxxx.xxxpredictiveHigh
157Filexxxxxxxxx/xxxxxx.xxx.xxxpredictiveHigh
158Filexxxx/xxxxxxxx/xxxxxx_xxxxxxxx.xpredictiveHigh
159Filexxxxx.xxxpredictiveMedium
160Filexxxxx.xxxpredictiveMedium
161Filexxxxx/predictiveLow
162Filexxxxx_xxxpredictiveMedium
163Filexxxxx/xxxxxxxx/xxxxxxxx.xxpredictiveHigh
164Filexxxxxxx.xxxpredictiveMedium
165Filexxxxxxx/xxxx/xxxx_xxxx.xxpredictiveHigh
166Filexxx_xxxxx.xpredictiveMedium
167Filexxxxxx/xxxxxx.xxxpredictiveHigh
168Filexxxxxxxx.xxpredictiveMedium
169Filexxxxxxxxxxxxxxx.xxxxpredictiveHigh
170Filexxx_xx/xxx_xx_xxxxxx.xpredictiveHigh
171Filexxx/xxxxxxxxx/xxx_xxxxx.xpredictiveHigh
172Filexxxxxxx.xxxpredictiveMedium
173Filexxxx_xxxx.xxxpredictiveHigh
174Filexxxxxxxxx.xxxpredictiveHigh
175Filexxxxxx.xxxpredictiveMedium
176Filexxxxx.xxxx_xxxx.xxxpredictiveHigh
177Filexxxx_xxxxxxx.xxxpredictiveHigh
178Filexxx_xxxxxx.xxpredictiveHigh
179Filexxxxxxxxx.xxx.xxxpredictiveHigh
180Filexxx/xxxxxx_xxxx.xxxpredictiveHigh
181Filexxxxx/xxxxxxxx/xxx/xxx_xxxxx.xxxpredictiveHigh
182Filexxxxxxxx.xxxpredictiveMedium
183Filexxxxxxxxx.xxxpredictiveHigh
184Filexxxxxxx/xxx/xxxxxxx/xxxxxx/xxxx-xxxxxxxxxx/<xxxxxx>/xx.xxxpredictiveHigh
185Filexxxxxx/xxxxx_xxxxxxxx/xxxxxxx.xxxxpredictiveHigh
186Filexxxxxxxxxxxx/xxx.xxx/xxxxx/xxxxx/xxxxxxxxxxx/xxxxxxxxxxxxxxxx.xxpredictiveHigh
187Filexxxx.xxxpredictiveMedium
188Filexxxxxx/?x=xxxxx/\xxxxx\xxx/xxxxxxxxxxxxxx&xxxxxxxx=xxxx_xxxx_xxxx_xxxxx&xxxx[x]=xxxxxx&xxxx[x][]predictiveHigh
189Filexxxxxxxx.xxxpredictiveMedium
190Filexxxxxxxxxxxxxx.xxxpredictiveHigh
191Filexxxxx-xxxxxxxx-xxxxxxxxx.xxxpredictiveHigh
192Filexxxx.xxxpredictiveMedium
193Filexxxxx.xxxpredictiveMedium
194Filexxxxxxxxxx.xxxpredictiveHigh
195Filexxxxxxxx.xxxpredictiveMedium
196Filexxxxxxxx/xxxxx/xxxxxxxx?xxxxxxxxpredictiveHigh
197Filexxxxxx.xpredictiveMedium
198Filexxxxxx/xxxxxxxx.xxxpredictiveHigh
199Filexxxxxx_xxx_xxxxxx.xxxpredictiveHigh
200Filexxxxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
201Filexxxx.xxxpredictiveMedium
202Filexxxx.xxxpredictiveMedium
203Filexxxx/xxxxx.xxxpredictiveHigh
204Filexxxx/xxxx.xxxpredictiveHigh
205Filexxxx_xxxx.xxxpredictiveHigh
206Filexxxxxxx.xxxpredictiveMedium
207Filexxx/xxxxxxx/xxx_xxxx.xpredictiveHigh
208Filexxx/xxxx-xxxxxxxx.xpredictiveHigh
209Filexx_xxxx/xxxx_xxxx.xpredictiveHigh
210Filexx_xxxx/xxxxxxxxxxxxxxxx.xpredictiveHigh
211Filexxx_xxxxx.xpredictiveMedium
212Filexxxxxxx.xxxpredictiveMedium
213Filexxxxxx.xxxpredictiveMedium
214Filexxxxxxx-xxxxxxx.xxxpredictiveHigh
215Filexxx-xxxx.xpredictiveMedium
216Filexxxxxxxx.xxxpredictiveMedium
217Filexxxxxx\xxxxxxxx\xx_xxxxx_xxxxxxx.xxxpredictiveHigh
218Filexxxxxxx.xxxpredictiveMedium
219Filexxxx-xxxxx.xxxpredictiveHigh
220Filexxxx-xxxxxxxx.xxxpredictiveHigh
221Filexxxxx/xxxx_xxxxx.xpredictiveHigh
222Filexxxxxxxxx/xxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
223FilexxxxxxxxxpredictiveMedium
224Filexxxxxxx_xxxxx.xxxpredictiveHigh
225Filexxxx.xxxxpredictiveMedium
226Filexxxxxxxxx.xxxpredictiveHigh
227Filexxxxx.xxxpredictiveMedium
228Filexxxxx/xxxxxxxx-xxxxxxxxx.xxxpredictiveHigh
229Filexxxx\xxxxxxxxxx\xxxxxxx_xxxxxxxxx.xxxpredictiveHigh
230Filexxxxx.xpredictiveLow
231Filexxxx-xxxxx-xxxxxxx.xxxpredictiveHigh
232Filexxxxx.xxxpredictiveMedium
233Filexxx/xxxxxx/xxxxxxxxxxxxx.xxxpredictiveHigh
234Filexxxxxxx-xxxx.xxxpredictiveHigh
235Filexx-xxxxxxxx/xxxx-xxx/xxxxxxxxx/xxxxx-xx-xxxx-xxxxx-xxxxxxxxxx.xxxpredictiveHigh
236Filexxxxxx.xxxxpredictiveMedium
237File\xxxxx\xxxxxxxxxx\xxxxxxxx.xxxpredictiveHigh
238File~/xxxxxxxx-xxxxxxxx.xxxpredictiveHigh
239File~/xxxxxxxx/xxxxx/xxxxx-xx-xxxxxx-xxxxx-xxxx-xxxx.xxxpredictiveHigh
240File~/xxxxxx-xxxxx-xxxxxxx.xxxpredictiveHigh
241Libraryxxxxxx.xxxpredictiveMedium
242Libraryxxxx/xxx/xxxxxx.xxxpredictiveHigh
243Libraryxxxxx.xxxpredictiveMedium
244Libraryxxxxxxxxxx.xxxpredictiveHigh
245Libraryxxx/xxxxxxx.xxpredictiveHigh
246Libraryxxxxxxx/xxxxxxxx.xxxpredictiveHigh
247Libraryxxx/xxx/xxx/xxxxxx/xxxxx/xxxxxxxxx.xxxxx.xxxpredictiveHigh
248Argument$_xxxxxx['xxx_xxxx']predictiveHigh
249Argument?xxxxxxpredictiveLow
250Argumentxx_xxxxx_xxx_xxxxpredictiveHigh
251ArgumentxxxxxpredictiveLow
252Argumentxxxxx_xxxxxxxxpredictiveHigh
253ArgumentxxxxxpredictiveLow
254ArgumentxxxpredictiveLow
255Argumentxxxx(xxxx_xxxx)predictiveHigh
256ArgumentxxxxxpredictiveLow
257Argumentxxxxxx_xxxxpredictiveMedium
258ArgumentxxxxxxxxpredictiveMedium
259Argumentxxxxxxx_xxpredictiveMedium
260Argumentxxxxxxxxxx_xxxxpredictiveHigh
261ArgumentxxxpredictiveLow
262ArgumentxxxxxxxxxxpredictiveMedium
263Argumentxxxx_xxpredictiveLow
264ArgumentxxxxxxpredictiveLow
265ArgumentxxxxxxxpredictiveLow
266Argumentxxxxxxx-xxxxxxpredictiveHigh
267Argumentxxxxxxx-xxxxxxxx-xxxxxxpredictiveHigh
268Argumentxxxxx_xxpredictiveMedium
269Argumentxxxxxx_xxpredictiveMedium
270ArgumentxxxxpredictiveLow
271Argumentxxxx_xxxxpredictiveMedium
272ArgumentxxxxxxxxxxxpredictiveMedium
273ArgumentxxxxpredictiveLow
274Argumentxxxx_xxxxxx=xxxxpredictiveHigh
275ArgumentxxxxxpredictiveLow
276ArgumentxxxxxxpredictiveLow
277ArgumentxxxxpredictiveLow
278ArgumentxxxxxxxxxxpredictiveMedium
279ArgumentxxxxxxxxpredictiveMedium
280ArgumentxxxxxxxxpredictiveMedium
281ArgumentxxxxxxxxxxxxxxxpredictiveHigh
282ArgumentxxxxxpredictiveLow
283ArgumentxxxxpredictiveLow
284Argumentxxxxxxxx_xxxxxxxpredictiveHigh
285ArgumentxxxxpredictiveLow
286ArgumentxxxxxxxpredictiveLow
287ArgumentxxxxxxxxxxxxxxpredictiveHigh
288ArgumentxxpredictiveLow
289ArgumentxxpredictiveLow
290Argumentxx/xxxxxpredictiveMedium
291Argumentxx_xxxxxxxxpredictiveMedium
292ArgumentxxxxxpredictiveLow
293ArgumentxxxxxxxxpredictiveMedium
294ArgumentxxxxxxpredictiveLow
295ArgumentxxxxpredictiveLow
296ArgumentxxxxpredictiveLow
297Argumentxxxx/xxx_xxxxxxxxxpredictiveHigh
298Argumentxxxxxxxx_xxxpredictiveMedium
299ArgumentxxxxpredictiveLow
300ArgumentxxxxxxxxxxpredictiveMedium
301ArgumentxxxxxxxxpredictiveMedium
302ArgumentxxxpredictiveLow
303ArgumentxxxxxxxpredictiveLow
304ArgumentxxxpredictiveLow
305Argumentxxxx/xxxxxxxxxxxpredictiveHigh
306Argumentxxxxxxx/xxxxxxxpredictiveHigh
307ArgumentxxxxxxxxpredictiveMedium
308Argumentxx_xxpredictiveLow
309Argumentxxxxxx xxxxxxpredictiveHigh
310ArgumentxxxxxxpredictiveLow
311ArgumentxxxxxxxxxxpredictiveMedium
312ArgumentxxxxpredictiveLow
313ArgumentxxxxxxpredictiveLow
314ArgumentxxxxxxpredictiveLow
315Argumentxxxxxxxx/xxxxxxpredictiveHigh
316Argumentxxxx_xxxxxpredictiveMedium
317ArgumentxxxpredictiveLow
318ArgumentxxxxxxxxxxxxxxxpredictiveHigh
319ArgumentxxxxxxxxpredictiveMedium
320ArgumentxxxxpredictiveLow
321ArgumentxxxxxxxxpredictiveMedium
322ArgumentxxxxxxxxxpredictiveMedium
323Argumentxxx_xxxxxx_xxxxpredictiveHigh
324ArgumentxxxxxxxxpredictiveMedium
325Argumentxxxxxxx xxxxxpredictiveHigh
326ArgumentxxxxxpredictiveLow
327ArgumentxxxxxxpredictiveLow
328Argumentxxxxx-xxxxxxxxxxxxxpredictiveHigh
329Argumentxxxxx_xxxxxxpredictiveMedium
330Argumentxxxxxxxx_xxpredictiveMedium
331ArgumentxxxxxxxpredictiveLow
332ArgumentxxxxxxxxxxpredictiveMedium
333ArgumentxxxxxxxxxxxxxxpredictiveHigh
334ArgumentxxxxxxxxxxpredictiveMedium
335ArgumentxxxxxxpredictiveLow
336ArgumentxxxxxxxpredictiveLow
337ArgumentxxxxxxxxxxxxxxxpredictiveHigh
338Argumentxxxxxx/xxxxxx/xxxpredictiveHigh
339ArgumentxxxxxxpredictiveLow
340Argumentxxxxxx xxxxpredictiveMedium
341Argumentxxxxxx_xxxxxxpredictiveHigh
342ArgumentxxxxxxxxxxpredictiveMedium
343ArgumentxxxxxxxpredictiveLow
344Argumentxxxxxxxx[xxxx xxxxxxx][xxxxxxxxxxxxxxxxxx]predictiveHigh
345ArgumentxxxxxxxxxxxpredictiveMedium
346Argumentxxxx_xxxxxpredictiveMedium
347ArgumentxxxxxxxpredictiveLow
348ArgumentxxxxxxxpredictiveLow
349ArgumentxxxxxxxxpredictiveMedium
350ArgumentxxxxxxpredictiveLow
351ArgumentxxxxxxxxxpredictiveMedium
352ArgumentxxxpredictiveLow
353ArgumentxxxpredictiveLow
354ArgumentxxxpredictiveLow
355ArgumentxxxxxpredictiveLow
356Argumentxxxxxx/xxxxxxxx/xxxx/xxxpredictiveHigh
357Argumentxxxx_xx[]predictiveMedium
358ArgumentxxxpredictiveLow
359ArgumentxxxpredictiveLow
360ArgumentxxxxpredictiveLow
361Argumentxxxx-xxxxxpredictiveMedium
362ArgumentxxxxxxpredictiveLow
363ArgumentxxxxxxxxpredictiveMedium
364Argumentxxxxxxxx/xxxxpredictiveHigh
365ArgumentxxxxxxxxxxxxpredictiveMedium
366ArgumentxxxpredictiveLow
367Argumentxxxxxxx_xxxxpredictiveMedium
368ArgumentxxxxxxxxxxxxxxxxxxxxxxpredictiveHigh
369ArgumentxxxxxxxxpredictiveMedium
370Argumentx-xxxxxxxxx-xxxpredictiveHigh
371Argumentx-xxxxxxxxx-xxxxxxpredictiveHigh
372Argument_xxxx[_xxx_xxxx_xxxxpredictiveHigh
373Argument__xxxxxxxxxxxxxpredictiveHigh
374Argument__xxxxxxxxxpredictiveMedium
375Input Value"><xxxxxx>xxxxx("xxx")</xxxxxx>predictiveHigh
376Input Value'"><xxxxxx>xxxxx(/xxx/)</xxxxxx>predictiveHigh
377Input Value../predictiveLow
378Input Value../..predictiveLow
379Input Value../../../../xxxxxx/xxxxxx/xxxxxx/xxxxxx.xxxxxx-x.xxxpredictiveHigh
380Input Value../../../../xxxxx_xxxxx.xxxpredictiveHigh
381Input Value/..predictiveLow
382Input Valuexxx' xxx xxxxx(x) xxx 'xxxx'='xxxxpredictiveHigh
383Input Valuex=xpredictiveLow
384Pattern|xx xx xx|predictiveMedium
385Network PortxxxxxpredictiveLow
386Network Portxxx/xxxxpredictiveMedium
387Network Portxxx/xxxxxpredictiveMedium
388Network Portxxx/xxx (xxx)predictiveHigh

References (9)

The following list contains external sources which discuss the actor and the associated activities:

PreviousOverviewNext

Interested in the pricing of exploits?

See the underground prices here!