Transparent Tribe Analysis

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 856
de: 74
es: 22
ru: 18
it: 12

Country

us: 436
ru: 20
es: 18
gb: 14
it: 10

Charts (not shown): Actors, Activities, Interest, Timeline, Type, Vendor

Product

Linux Kernel: 14
Google Chrome: 14
Microsoft Windows: 12
Microsoft Internet Explorer: 10
Qualcomm Snapdragon Auto: 10

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | AWStats Config awstats.pl cross site scripting | 4.3 | 4.1 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00587 | 0.06 | CVE-2006-3681 |
| 2 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00943 | 0.86 | CVE-2010-0966 |
| 3 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | Calculating | High | Workaround | 0.02016 | 0.00 | CVE-2007-1192 |
| 4 | DZCP deV!L`z Clanportal browser.php information disclosure | 5.3 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.02733 | 0.60 | CVE-2007-1167 |
| 5 | YaBB yabb.pl cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.01240 | 0.04 | CVE-2004-2402 |
| 6 | YaBB yabb.pl cross-site request forgery | 8.8 | 8.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.01522 | 0.00 | CVE-2004-2403 |
| 7 | Bitrix Site Manager redirect.php link following | 5.3 | 4.7 | $0-$5k | $0-$5k | Unproven | Unavailable | 0.00113 | 0.03 | CVE-2008-2052 |
| 8 | PHPWind goto.php redirect | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00348 | 0.03 | CVE-2015-4134 |
| 9 | Citrix NetScaler ADC/NetScaler Gateway OpenID openid-configuration ns_aaa_oauthrp_send_openid_config CitrixBleed memory corruption | 8.3 | 8.2 | $25k-$100k | $0-$5k | High | Official Fix | 0.96610 | 0.00 | CVE-2023-4966 |
| 10 | Openads adclick.php Remote Code Execution | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.01871 | 0.26 | CVE-2007-2046 |
| 11 | LogicBoard CMS away.php redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.00000 | 3.64 | |
| 12 | Serendipity exit.php privileges management | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 0.19 | |
| 13 | YaBB cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00172 | 0.03 | CVE-2005-4426 |
| 14 | FUDforum Signature index.php cross site scripting | 4.3 | 3.9 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 0.00000 | 0.00 | |
| 15 | jforum User input validation | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00289 | 0.04 | CVE-2019-7550 |
| 16 | Apple Mac OS X Server Wiki Server cross site scripting | 4.3 | 4.3 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.00263 | 0.05 | CVE-2009-2814 |
| 17 | Phplinkdirectory PHP Link Directory conf_users_edit.php cross-site request forgery | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00526 | 0.03 | CVE-2011-0643 |
| 18 | OpenSSH Authentication Username information disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | High | Official Fix | 0.10737 | 0.15 | CVE-2016-6210 |
| 19 | Avengers News System ans.pl privileges management | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00582 | 0.04 | CVE-2002-0306 |
| 20 | FLDS redir.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.00203 | 0.19 | CVE-2008-5928 |

Campaigns (3)

These are the campaigns that can be associated with the actor:

IOC - Indicator of Compromise (40)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (29)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Class | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|---|
| 1 | T1006 | CAPEC-126 | CWE-21, CWE-22, CWE-23 | Path Traversal | predictive | High |
| 2 | T1040 | CAPEC-102 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CAPEC-10 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 4 | T1059 | CAPEC-137 | CWE-88, CWE-94 | Argument Injection | predictive | High |
| 5 | T1059.007 | CAPEC-209 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |
| 6 | T1068 | CAPEC-122 | CWE-264, CWE-269, CWE-284 | Execution with Unnecessary Privileges | predictive | High |

IOA - Indicator of Attack (338)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

References (9)

The following list contains external sources which discuss the actor and the associated activities:
