Spalax Analysis

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 760
zh: 170
de: 16
ru: 16
es: 12


Country

us: 482
cn: 330
gb: 36
il: 34
tr: 28



Product

Facebook WhatsApp: 26
Facebook WhatsApp Business: 14
WordPress: 14
Microsoft Windows: 12
PHP: 10


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | TikiWiki tiki-register.php input validation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.01075 | 7.22 | CVE-2006-6168 |
| 2 | V-EVA Press Release Script page.php sql injection | 7.3 | 7.1 | $0-$5k | $0-$5k | High | Unavailable | 0.00187 | 0.09 | CVE-2010-5047 |
| 3 | LogicBoard CMS away.php redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.00000 | 2.70 | |
| 4 | Tiki Admin Password tiki-login.php improper authentication | 8.0 | 7.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00936 | 2.03 | CVE-2020-15906 |
| 5 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00943 | 0.76 | CVE-2010-0966 |
| 6 | PHP Link Directory Administration Page index.html cross site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00374 | 0.35 | CVE-2007-0529 |
| 7 | MGB OpenSource Guestbook email.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.01302 | 0.65 | CVE-2007-0354 |
| 8 | DZCP deV!L`z Clanportal browser.php information disclosure | 5.3 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.02733 | 0.68 | CVE-2007-1167 |
| 9 | SourceCodester Complaint Management System Lodge Complaint Section register-complaint.php unrestricted upload | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.26 | CVE-2024-1875 |
| 10 | jforum User input validation | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00289 | 0.04 | CVE-2019-7550 |
| 11 | Esoftpro Online Guestbook Pro ogp_show.php sql injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00108 | 0.24 | CVE-2009-4935 |
| 12 | ThinkPHP Language Pack pearcmd.php file inclusion | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04153 | 0.00 | CVE-2022-47945 |
| 13 | vBulletin redirector.php | 6.6 | 6.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00106 | 0.04 | CVE-2018-6200 |
| 14 | Keenetic KN-1010/KN-1410/KN-1711/KN-1810/KN-1910 Configuration Setting ndmComponents.js information disclosure | 5.3 | 4.9 | $0-$5k | $0-$5k | Proof-of-Concept | Workaround | 0.00045 | 0.73 | CVE-2024-4021 |
| 15 | Joomla CMS com_easyblog sql injection | 6.3 | 6.1 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00000 | 0.35 | |
| 16 | Lars Ellingsen Guestserver guestbook.cgi cross site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00169 | 0.18 | CVE-2005-4222 |
| 17 | AWStats Config awstats.pl cross site scripting | 4.3 | 4.1 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00587 | 0.06 | CVE-2006-3681 |
| 18 | JoomlaTune Com Jcomments admin.jcomments.php cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00489 | 0.00 | CVE-2010-5048 |
| 19 | Indexu suggest_category.php cross site scripting | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.53 | |
| 20 | Citrix NetScaler ADC/NetScaler Gateway OpenID openid-configuration ns_aaa_oauthrp_send_openid_config CitrixBleed memory corruption | 8.3 | 8.2 | $25k-$100k | $0-$5k | High | Official Fix | 0.96610 | 0.00 | CVE-2023-4966 |

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • Spalax

IOC - Indicator of Compromise (64)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (26)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Class | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|---|
| 1 | T1006 | CAPEC-126 | CWE-21, CWE-22, CWE-23, CWE-25, CWE-36, CWE-425 | Path Traversal | predictive | High |
| 2 | T1040 | CAPEC-102 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CAPEC-10 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 4 | T1059 | CAPEC-242 | CWE-94, CWE-1321 | Argument Injection | predictive | High |
| 5 | T1059.007 | CAPEC-209 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |
| 6 | T1068 | CAPEC-122 | CWE-264, CWE-269, CWE-284 | Execution with Unnecessary Privileges | predictive | High |

IOA - Indicator of Attack (411)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

