UAC-0173 Analysis

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 854
ru: 56
de: 26
zh: 14
ja: 10

Country

us: 368
ru: 82
cn: 26
gb: 26
tr: 16

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Microsoft Windows: 30
Google Android: 10
Fortinet FortiOS: 8
Microsoft Exchange Server: 8
FreeBSD: 8

Vulnerabilities

# | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE
1 | Pligg cloud.php sql injection | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.69 |
2 | MGB OpenSource Guestbook email.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.01302 | 0.69 | CVE-2007-0354
3 | nginx request smuggling | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00241 | 1.44 | CVE-2020-12440
4 | TOTOLINK N200RE Telnet Service custom.conf password in configuration file | 3.4 | 3.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.03 | CVE-2023-2790
5 | OpenSSL bn_wexpand input validation | 10.0 | 9.0 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.01237 | 0.04 | CVE-2009-3245
6 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00943 | 0.77 | CVE-2010-0966
7 | TikiWiki tiki-register.php input validation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.01075 | 6.80 | CVE-2006-6168
8 | MikroTik RouterOS RADVD out-of-bounds write | 7.5 | 7.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.05 | CVE-2023-32154
9 | mailcow Sync Job os command injection | 7.3 | 7.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00174 | 0.03 | CVE-2023-26490
10 | LogicBoard CMS away.php redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.00000 | 2.32 |
11 | Teltonika RUT9XX autologin.cgi os command injection | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00572 | 0.02 | CVE-2018-17532
12 | WALLIX Access Manager information disclosure | 5.9 | 5.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00166 | 0.02 | CVE-2023-23592
13 | Advanced Guestbook htaccess path traversal | 5.6 | 5.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.04162 | 0.08 | CVE-2007-0609
14 | Hitachi Vantara Pentaho Business Analytics Server unknown vulnerability | 8.6 | 8.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00237 | 0.02 | CVE-2022-43939
15 | RoundCube sql injection | 6.3 | 6.0 | $0-$5k | $0-$5k | High | Official Fix | 0.00594 | 0.05 | CVE-2021-44026
16 | PHP password_verify poison null byte | 3.7 | 3.4 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00043 | 0.08 | CVE-2024-3096
17 | PHP proc_open command injection | 7.3 | 7.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.14 | CVE-2024-1874
18 | PHPGurukul News Portal edit-post.php sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.17 | CVE-2024-3767
19 | Netgear SRX5308 Web Management Interface cross site scripting | 3.2 | 3.1 | $5k-$25k | $0-$5k | Proof-of-Concept | Not Defined | 0.00060 | 0.11 | CVE-2023-2385
20 | Mikrotik RouterOS SNMP out-of-bounds | 8.0 | 7.7 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00307 | 0.00 | CVE-2022-45315

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (25)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID | Technique | Class | Vulnerabilities | Access Vector | Type | Confidence
1 | T1006 | CAPEC-126 | CWE-21, CWE-22, CWE-23, CWE-425 | Path Traversal | predictive | High
2 | T1040 | CAPEC-102 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | predictive | High
3 | T1055 | CAPEC-10 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High
4 | T1059 | CAPEC-137 | CWE-88, CWE-94, CWE-1321 | Argument Injection | predictive | High
5 | T1059.007 | CAPEC-209 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High

IOA - Indicator of Attack (362)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

