Andariel Analysis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (817)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en574
zh192
es18
ru8
de6

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

cn414
us284
gb20
ru12
be8

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

Andariel18
Cobalt Strike7
Nanocore RAT5
GhostEmperor4
Remcos4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

Not Defined280
Operating System56
Content Management System40
Router Operating System28
Bug Tracking Software22

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

Not Defined238
Microsoft68
Oracle28
Cisco24
Apache20

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Microsoft Windows36
Oracle VM VirtualBox12
WordPress12
Cisco IOS XE12
Microsoft Office12

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1jforum User input validation5.35.3$0-$5k$0-$5kNot DefinedNot Defined0.002890.04CVE-2019-7550
2ipTIME NAS-I Bulletin Manage unrestricted upload7.17.1$0-$5k$0-$5kNot DefinedNot Defined0.009880.05CVE-2020-7847
3Fortinet FortiOS/FortiProxy Administrative Interface authentication bypass9.89.7$25k-$100k$5k-$25kHighOfficial Fix0.971640.05CVE-2022-40684
4Cisco IOS XE hard-coded credentials8.58.2$5k-$25k$0-$5kNot DefinedOfficial Fix0.003660.03CVE-2018-0150
5Cisco Secure Access Control System EAP-FAST Authentication Module improper authentication9.89.4$5k-$25k$0-$5kNot DefinedOfficial Fix0.005030.00CVE-2013-3466
6ThinkPHP index.php sql injection8.58.5$0-$5k$0-$5kNot DefinedNot Defined0.001790.02CVE-2018-10225
7Interspire Email Marketer Dynamiccontenttags.php sql injection7.57.5$0-$5k$0-$5kNot DefinedNot Defined0.000870.07CVE-2018-19551
8Codoforum New Topic cross site scripting4.44.4$0-$5k$0-$5kNot DefinedNot Defined0.000580.00CVE-2020-9007
9WordPress WP_Query class-wp-query.php sql injection8.58.4$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.003180.04CVE-2017-5611
10Linux Kernel Netlink Attribute nft_inner.c null pointer dereference7.37.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.000420.03CVE-2023-5972
11LogicBoard CMS away.php redirect6.36.1$0-$5k$0-$5kNot DefinedUnavailable0.000003.17
12ampleShop category.cfm sql injection7.37.3$0-$5k$0-$5kNot DefinedUnavailable0.006210.02CVE-2006-2038
13Interspire Email Marketer Dynamiccontenttags.php sql injection7.57.5$0-$5k$0-$5kNot DefinedNot Defined0.000870.02CVE-2018-19553
14KingView stgopenstorage API integer overflow6.56.5$0-$5k$0-$5kNot DefinedNot Defined0.000440.00CVE-2018-7471
15Grafana information disclosure5.45.3$0-$5k$0-$5kNot DefinedOfficial Fix0.035300.02CVE-2018-19039
16Aleksandr Guidrevitch WP Meteor Website Speed Optimization Addon Plugin cross-site request forgery5.85.8$0-$5k$0-$5kNot DefinedNot Defined0.000580.05CVE-2023-26543
17GNU C Library __vsyslog_internal heap-based overflow7.87.8$0-$5k$0-$5kNot DefinedNot Defined0.007700.03CVE-2023-6246
18nginx request smuggling6.96.9$0-$5k$0-$5kNot DefinedNot Defined0.002411.83CVE-2020-12440
19ProjectSend reset-password.php password recovery5.95.6$0-$5k$0-$5kNot DefinedOfficial Fix0.004090.00CVE-2020-28874
20Zoho ManageEngine ADManager Plus Privilege Escalation5.75.6$0-$5k$0-$5kNot DefinedOfficial Fix0.001300.00CVE-2023-38743

Campaigns (4)

These are the campaigns that can be associated with the actor:

IOC - Indicator of Compromise (31)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
14.246.144.112Andariel09/02/2023verifiedHigh
24.246.149.227Andariel09/02/2023verifiedHigh
38.213.128.76Andariel09/02/2023verifiedHigh
413.76.133.68Andariel09/02/2023verifiedHigh
527.102.107.224Andariel09/02/2023verifiedHigh
627.102.107.230Andariel09/02/2023verifiedHigh
727.102.107.233Andariel09/02/2023verifiedHigh
8XX.XXX.XXX.XXXXxxxxxxx09/02/2023verifiedHigh
9XX.XXX.XXX.XXXXxxxxxxx09/02/2023verifiedHigh
10XX.XXX.XXX.XXXxxxxxxx09/02/2023verifiedHigh
11XX.XXX.XXX.XXXXxxxxxxxXxxxxxxx11/27/2023verifiedHigh
12XX.XXX.XXX.XXXXxxxxxxx11/22/2023verifiedHigh
13XX.XXX.XXX.XXXXxxxxxxx11/22/2023verifiedHigh
14XX.XXX.XXX.XXXXxxxxxxx11/22/2023verifiedHigh
15XX.XXX.XXX.XXXXxxxxxxx09/02/2023verifiedHigh
16XX.XXX.XXX.XXXXxxxxxxxXxx-xxxx-xxxxx12/20/2023verifiedHigh
17XX.XXX.XXX.XXxxxx.xxxxxxxx.xxxXxxxxxxx09/02/2023verifiedHigh
18XX.XXX.XX.XXXxxxxxxxXxx-xxxx-xxxxx12/20/2023verifiedHigh
19XX.XXX.XX.XXXXxxxxxxxXxx-xxxx-xxxxx12/20/2023verifiedHigh
20XX.XX.XXX.XXxx-xxx-xx.xxxxxxxx.xxxxXxxxxxxx03/19/2024verifiedHigh
21XX.XX.XXX.XXXxxxxxxx11/22/2023verifiedHigh
22XXX.XXX.XXX.XXXXxxxxxxx11/22/2023verifiedHigh
23XXX.XXX.XXX.XXXXxxxxxxx09/02/2023verifiedHigh
24XXX.XXX.XX.XXXXxxxxxxxXxx-xxxx-xxxxx12/20/2023verifiedHigh
25XXX.XXX.XX.XXXXxxxxxxxXxx-xxxx-xxxxx11/27/2023verifiedHigh
26XXX.XXX.XX.XXXXxxxxxxxXxx-xxxx-xxxxx11/27/2023verifiedHigh
27XXX.XXX.XXX.XXXxxx-xxx-xxx-xxx.xx.xxxxxxxxxxxxxxxxx.xxxXxxxxxxx09/02/2023verifiedHigh
28XXX.XXX.XXX.XXXxxxxxxxXxxxxxxxxx11/27/2023verifiedHigh
29XXX.XX.X.XXXxx-x-xxx.xxxxxxxx.xxxxXxxxxxxx11/22/2023verifiedHigh
30XXX.XXX.XXX.XXXXxxxxxxxXxxxxx Xxxxxx11/27/2023verifiedHigh
31XXX.XXX.XXX.XXXXxxxxxxx09/02/2023verifiedHigh

TTP - Tactics, Techniques, Procedures (23)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueClassVulnerabilitiesAccess VectorTypeConfidence
1T1006CAPEC-126CWE-21, CWE-22, CWE-23Path TraversalpredictiveHigh
2T1040CAPEC-102CWE-294Authentication Bypass by Capture-replaypredictiveHigh
3T1055CAPEC-10CWE-74Improper Neutralization of Data within XPath ExpressionspredictiveHigh
4T1059CAPEC-242CWE-94Argument InjectionpredictiveHigh
5T1059.007CAPEC-209CWE-79, CWE-80Cross Site ScriptingpredictiveHigh
6TXXXXCAPEC-104CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
7TXXXX.XXXCAPEC-CWE-XXXXxx Xx Xxxx-xxxxx XxxxxxxxpredictiveHigh
8TXXXX.XXXCAPEC-191CWE-XXXXxxx-xxxxx XxxxxxxxxxxpredictiveHigh
9TXXXXCAPEC-136CWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveHigh
10TXXXX.XXXCAPEC-178CWE-XXXXxxx XxxxxxxxpredictiveHigh
11TXXXXCAPEC-CWE-XXX, CWE-XXX7xx Xxxxxxxx XxxxxxxxpredictiveHigh
12TXXXXCAPEC-CWE-XXXXxxxxxxxxx XxxxxxpredictiveHigh
13TXXXXCAPEC-108CWE-XXXxx XxxxxxxxxpredictiveHigh
14TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveHigh
15TXXXXCAPEC-102CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxx XxxxxxxxxxpredictiveHigh
16TXXXXCAPEC-38CWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveHigh
17TXXXX.XXXCAPEC-CWE-XXXXxxxxxxx Xxxxxx XxxxpredictiveHigh
18TXXXX.XXXCAPEC-459CWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
19TXXXXCAPEC-116CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh
20TXXXXCAPEC-157CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxxxx XxxxxxpredictiveHigh
21TXXXX.XXXCAPEC-CWE-XXX, CWE-XXXXxx Xxxxxxxxxx XxxxxpredictiveHigh
22TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxpredictiveHigh
23TXXXXCAPEC-CWE-XXXXxxxxxxxxxx XxxxxxpredictiveHigh

IOA - Indicator of Attack (312)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/.envpredictiveLow
2File/admin/article.phppredictiveHigh
3File/admin/comment.phppredictiveHigh
4File/admin/index.phppredictiveHigh
5File/admin/index2.htmlpredictiveHigh
6File/admin/uesrs.php&action=type&userrole=Admin&userid=3predictiveHigh
7File/api/v1/terminal/sessions/?limit=1predictiveHigh
8File/assets/something/services/AppModule.classpredictiveHigh
9File/authenticate.phppredictiveHigh
10File/blogpredictiveLow
11File/cgi-bin/login.cgipredictiveHigh
12File/cgi-bin/luci/api/wirelesspredictiveHigh
13File/cgi-bin/system_mgr.cgipredictiveHigh
14File/cgi-bin/webprocpredictiveHigh
15File/dist/index.jspredictiveHigh
16File/Duty/AjaxHandle/UploadFloodPlanFileUpdate.ashxpredictiveHigh
17File/etc/postfix/sender_loginpredictiveHigh
18File/expert_wizard.phppredictiveHigh
19File/fax/fax_send.phppredictiveHigh
20File/files/list-filepredictiveHigh
21File/forum/away.phppredictiveHigh
22File/goform/RGFirewallELpredictiveHigh
23File/inc/parser/xhtml.phppredictiveHigh
24File/index.php?menu=asterisk_clipredictiveHigh
25File/jsoa/hntdCustomDesktopActionContentpredictiveHigh
26File/lists/index.phppredictiveHigh
27File/login.htmlpredictiveMedium
28File/medical/inventories.phppredictiveHigh
29File/mobilebroker/ServiceToBroker.svc/Json/ConnectpredictiveHigh
30File/newpredictiveLow
31File/public/login.htmpredictiveHigh
32File/secure/QueryComponent!Default.jspapredictiveHigh
33File/static/ueditor/php/controller.phppredictiveHigh
34File/system?action=ServiceAdminpredictiveHigh
35File/timeline2.phppredictiveHigh
36File/xxxxxx.xxxpredictiveMedium
37File/xxx/xxxxx/xpredictiveMedium
38File/xx/xxxxxxxxxxxxxx/xxxxxxpredictiveHigh
39File/xxxxxxx/predictiveMedium
40File/xxxxxxpredictiveLow
41File/xxxxxxx/xxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
42File/xxx/xxx/xxxxxpredictiveHigh
43File/xxxxxx/xxxxxxxxxxxxx/xxxxxxxxxx-xxxxxxxx/xxxxx/xxxxxxxxxxxxx/xxxxxxxxxx/xxxxxxxx/xxx/xxxxxxxxxxx.xxxpredictiveHigh
44File/xxxxxxxx/xxxxxxx/xxxxxxxpredictiveHigh
45File/xx-xxxxpredictiveMedium
46Filexxxxxxx.xxxpredictiveMedium
47Filexxxxxxx.xxxpredictiveMedium
48Filexxx_xxxx_xxxx.xxxpredictiveHigh
49Filexxx_xxxxx.xxxpredictiveHigh
50Filexxxxx/xxxx_xxxxx_xxxx.xxxpredictiveHigh
51Filexxxxx/xxxxx.xxx?x=xxxxxxxx&x=xxxpredictiveHigh
52Filexxxxx/xxxxxx.xxx?xxxxxx=xxx_xxxxpredictiveHigh
53Filexxxxx/xxxxxxxxxx/xxxxxxx_xxxxxx.xxxpredictiveHigh
54Filexxxxx/xxxxxxxxxxxxxxx.xxpredictiveHigh
55Filexxxxx/xxxxxxx/xxxxxxxxxxpredictiveHigh
56Filexxxxx/xxxx_xxxxxxxxxx.xxxpredictiveHigh
57Filexxxxxxx.xxxpredictiveMedium
58Filexxxxxxxxxxxxx/xxxxxxxxxx/xxx_xxxxx/xxxxxxx/xxxxx.xxxpredictiveHigh
59Filexxxxxxxxxx/xxxxx/xxxxxxx_xxxxx/xxxxxxxxxxxx.xxxpredictiveHigh
60Filexxxxxxxx.xxxpredictiveMedium
61Filexxxx/xxxxxx/xxxxxx_xxxpredictiveHigh
62Filexxxx_xxxxxxxxxx.xpredictiveHigh
63Filexxxxxxx/xxxxxx/xxxxxxxxxxxxx.xxxxpredictiveHigh
64Filexxx/xxxxxxxx/xxxxxxpredictiveHigh
65Filexxx_xxxxxxx.xxxpredictiveHigh
66Filexxx/xxxxx/xxxxxxxxxx/xxxx.xxxpredictiveHigh
67Filexxx/xxxxxxxx/xxxx/xxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
68Filexxxxxxxx.xxxpredictiveMedium
69Filexxx.xxxpredictiveLow
70Filexxx.xxxpredictiveLow
71Filexxxxxxxxxx.xxxpredictiveHigh
72Filexxxxxxxx.xxxpredictiveMedium
73Filexxx-xxx/xxxxxxxx.xxxpredictiveHigh
74Filexxx-xxx/xxxxx.xxxpredictiveHigh
75Filexxxxx/xxxxxxx.xxxpredictiveHigh
76Filexxx_xxxxxxxx_xxx_xx.xxxxxpredictiveHigh
77Filexxxx.xpredictiveLow
78Filexxxxxxxxx.xxxpredictiveHigh
79Filexxxxxxx.xpredictiveMedium
80Filexxxxxx-xxxxxxx.xxxpredictiveHigh
81Filexxxxxx/xx_xxx.xpredictiveHigh
82Filexxxxxxxx.xxxpredictiveMedium
83Filexxxx_xxxxxxx.xxxpredictiveHigh
84Filexxxx/xxxxxxxx/xxxxxxxx.xxxpredictiveHigh
85Filexxxxxx.xxxpredictiveMedium
86Filexxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
87Filexxxxx.xxxpredictiveMedium
88Filexxxxxxx_xxxxxxx.xxpredictiveHigh
89Filexxxx/xxxxxxxxxx/xxxxxx-xxx.xpredictiveHigh
90Filexxxx.xxxxpredictiveMedium
91Filexxxxxxx_xxxx.xxxx.xxx/xxxxxxx_xxxx.xxxpredictiveHigh
92Filexxxx.xxxpredictiveMedium
93Filexxxxxxxxxxxx.xxxpredictiveHigh
94Filexxxxxxxx.xxpredictiveMedium
95Filexxxx/xxxxxxxxxxxxxxxxpredictiveHigh
96Filexxxxxxxx.xxxpredictiveMedium
97Filexxxxx/xxxx.xxxpredictiveHigh
98Filexx/xx_xxxxx.xpredictiveHigh
99Filexxxxxxxxx.xxxpredictiveHigh
100Filexx.xxxxx.xxxpredictiveMedium
101Filexxxxxxx.xxxpredictiveMedium
102Filexxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
103Filexxxxxxxxx.xxxxpredictiveHigh
104Filexxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
105Filexxxxxx_xxx_xxxx_xxxxx_xx_xxxxx.xpredictiveHigh
106Filexxxxxxxxxx/xxxxxxxxxx/xxxxxxxxx.xxxpredictiveHigh
107Filexxx.xxxpredictiveLow
108Filexxx/xxxxxx.xxxpredictiveHigh
109Filexxxxxxx/xxxxx.xxx.xxxpredictiveHigh
110Filexxxxxxx/xxxxxxx.xxxpredictiveHigh
111Filexxxxx.xxxpredictiveMedium
112Filexxxxx.xxxpredictiveMedium
113Filexxxxxxx-xxxxxxxxx>/xxxxxxxxxx/xxx-xxxpredictiveHigh
114Filexxxxxxxxxxxxx.xxxpredictiveHigh
115Filexx/xxxxxx/xxxxxx/xxxxxx_xxxxxxx.xxxpredictiveHigh
116Filexxx/xxx_xxxxxxxxxx.xpredictiveHigh
117Filex_xxxxxxxx_xxxxxpredictiveHigh
118Filexxxxxx/xxxxxx.xpredictiveHigh
119Filexxxxxxxxxxxx/xxxxxxx/xxxxxxxxxxxx.xpredictiveHigh
120Filexxxxxxxxxxx/xxx.xpredictiveHigh
121Filexxxxxxxxxxx/xxxxx.xpredictiveHigh
122Filexxxxxxx/xxxxx/xx/xxxxxx/xxxxx.xxxxx.xxxpredictiveHigh
123Filexxxxxxxxxxxxx.xxxpredictiveHigh
124Filexxxxx.xxxpredictiveMedium
125Filexxxxx.xxxpredictiveMedium
126Filexxxxxxxxx.xxxpredictiveHigh
127Filexxxxxxx.xxxxpredictiveMedium
128Filexxxx.xxxpredictiveMedium
129Filexxxxxxx.xxxpredictiveMedium
130Filexxxx/xxxxx.xxxpredictiveHigh
131Filexxxxxxx/xxxx_xxx_xxxxx.xxxpredictiveHigh
132Filexxx_xxxxxxxxxx.xpredictiveHigh
133Filexxxxxxxxx/xxxx-xxxxpredictiveHigh
134Filexxxxxxx.xxxpredictiveMedium
135Filexxxxxxx.xxxpredictiveMedium
136Filexxx_xxxxx.xpredictiveMedium
137Filexxx/xxxxxx/xxxxxxxx/xxxxx/xxxxxxxxx.xxxxpredictiveHigh
138Filexxxxxx.xpredictiveMedium
139Filexxxxxxx.xxxpredictiveMedium
140Filexxxxxxxxxxxxx.xxxpredictiveHigh
141Filexxxxxx.xxxpredictiveMedium
142Filexxxx/xxxxxx.xxxpredictiveHigh
143Filexxxxx_xxxx.xpredictiveMedium
144Filexxxxxx/?x=xxxxx/\xxxxx\xxx/xxxxxxxxxxxxxx&xxxxxxxx=xxxx_xxxx_xxxx_xxxxx&xxxx[x]=xxxxxx&xxxx[x][]predictiveHigh
145Filexxxx.xxxpredictiveMedium
146Filexxxxxxx.xxpredictiveMedium
147Filexxxxxxxx.xxxpredictiveMedium
148Filexxxxxxxx/xxxxx/xxxxxxxx?xxxxxxxxpredictiveHigh
149Filexxxxxx.xxxpredictiveMedium
150Filexxxxx-xxxxxxxx.xxxpredictiveHigh
151Filexxxxxxxxx/xxxxx.xxxpredictiveHigh
152Filexxx.xxxpredictiveLow
153Filexx_xxx.xxpredictiveMedium
154Filexxxx/xxx/xxx_xxxx.xpredictiveHigh
155Filexxxxx.xxxpredictiveMedium
156Filexxxx-xxxxxx.xpredictiveHigh
157Filexxxxxxxxxxxxxxx.xxxpredictiveHigh
158Filexxxx_xxxxxxx_xxxxxxxx.xxxpredictiveHigh
159Filexxx/xxx_xxx.xxpredictiveHigh
160Filexxx/xxxx/xxxx/xxx.xxxxxxxx.xxxxxxx/xxxxxxx/xxx/xxxxxx.xxxxpredictiveHigh
161Filexxxx_xxxxxxxxx.xxxpredictiveHigh
162Filexxxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
163Filexx/xxxxxpredictiveMedium
164FilexxxxxxxxxxxpredictiveMedium
165Filexxxxxxxx/xxxxxxxxpredictiveHigh
166Filexxxx.xxpredictiveLow
167Filexxxx/xxx/xxxx-xxxxx.xxxpredictiveHigh
168Filexxxx/xxxxxxxx/xxxxxxxx.xxxxpredictiveHigh
169Filexxxxxxx/xxxxxxxx_xxxx_xx_xxx.xpredictiveHigh
170Filexx-xxxxx/xxxxx.xxxpredictiveHigh
171Filexx-xxxxx-xxxxxx.xxxpredictiveHigh
172Filexx-xxxx.xxxpredictiveMedium
173Filexx-xxxxxxxx/xxxxx-xx-xxxxx.xxxpredictiveHigh
174Filexx-xxxxxxxx/xxxxxxxxx.xxxpredictiveHigh
175Filexx-xxxxxxxx/xxxx.xxxpredictiveHigh
176Filexx-xxxxx.xxxpredictiveMedium
177File_x_/xxxx/_x_/xxx/xxxxxx_xxxxxxxxxxxxxpredictiveHigh
178File__xxxx_xxxxxxxx.xxxpredictiveHigh
179File~/xxxxx/xxxxxx/xxxxxxxxxx/xxxxxxxx/xxxxxxxxx/xxxxxxxx.xxxpredictiveHigh
180Libraryxxxxxxxxx.xxxpredictiveHigh
181LibraryxxxxxxpredictiveLow
182Libraryxxx/xxx/xxxx.xxxxx.xxxpredictiveHigh
183Libraryxxx-xxxxxxx/xxxx-xxxxxx.xpredictiveHigh
184Libraryxxx/xxxxxxx.xxx.xxxpredictiveHigh
185Libraryxxx/xxxxxxxx.xxpredictiveHigh
186Libraryxxxxxx.xxx.xxxxxx.xxxpredictiveHigh
187Libraryxxxxxxxxxxxxx.xxxpredictiveHigh
188Libraryxxxxxxxx.xxxpredictiveMedium
189Libraryxxxxxxxxxxxx.xxxpredictiveHigh
190Libraryxxxxx xxxx xxxxxxxx xxxxxxxxxxxxpredictiveHigh
191Libraryxxxxxx.xxxxx.xxxxxxxxpredictiveHigh
192Argument$_xxxxxx['xxxx_xxxx_xxxxx']predictiveHigh
193Argument$_xxxxxx['xxxxx_xxxxxx']predictiveHigh
194Argument-xpredictiveLow
195ArgumentxxxxxxpredictiveLow
196Argumentxxxx_xxpredictiveLow
197Argumentxxxx_xxxxpredictiveMedium
198ArgumentxxxxxxxxpredictiveMedium
199Argumentxxxxxxx[]predictiveMedium
200Argumentxxxxx_xxxxpredictiveMedium
201ArgumentxxxpredictiveLow
202Argumentxxxxxxxx_xxpredictiveMedium
203ArgumentxxxxxpredictiveLow
204ArgumentxxxxxpredictiveLow
205Argumentxxx_xxpredictiveLow
206ArgumentxxxxxxxpredictiveLow
207ArgumentxxxxxxxpredictiveLow
208Argumentxxxxxxxxxx_xxxxx_xxxxxxpredictiveHigh
209Argumentxxxxxxx_xxx/xxxxxpredictiveHigh
210ArgumentxxxxxxpredictiveLow
211ArgumentxxxxxxxxpredictiveMedium
212Argumentxxxxxxxxxxx/xxxxxxxx/xxxxx/xxxxxxxxpredictiveHigh
213ArgumentxxxpredictiveLow
214Argumentxxxx_xxxxxx_xxxxxxxxxpredictiveHigh
215Argumentxxxx xxxxxxxpredictiveMedium
216ArgumentxxxxxpredictiveLow
217ArgumentxxxxxpredictiveLow
218Argumentxxxxx/xxxxxxpredictiveMedium
219Argumentxxxxxxxxxxxx/xxxxxxxxxxxxxxpredictiveHigh
220ArgumentxxxxxpredictiveLow
221Argumentxxxxxxx xxxxpredictiveMedium
222ArgumentxxxpredictiveLow
223Argumentxxxx/xxxxxxxxxxpredictiveHigh
224ArgumentxxxxxxxxpredictiveMedium
225ArgumentxxxxxxxxpredictiveMedium
226Argumentxxxx xxxxpredictiveMedium
227Argumentxxxxx xxxxxpredictiveMedium
228ArgumentxxxxxxxpredictiveLow
229ArgumentxxxxxxxxxpredictiveMedium
230ArgumentxxxxpredictiveLow
231ArgumentxxxxpredictiveLow
232ArgumentxxxxxxxxpredictiveMedium
233Argumentxxxx_xxxxxpredictiveMedium
234ArgumentxxpredictiveLow
235ArgumentxxxxxxxxxpredictiveMedium
236Argumentxx_xxxxxxxxpredictiveMedium
237Argumentxxxxx_xxxxpredictiveMedium
238ArgumentxxxxxxxpredictiveLow
239Argumentxx xxxxxxxpredictiveMedium
240ArgumentxxxxxxxxxpredictiveMedium
241ArgumentxxxxpredictiveLow
242Argumentx_xxxxxxxxpredictiveMedium
243ArgumentxxxpredictiveLow
244ArgumentxxxxpredictiveLow
245Argumentxxxxxx/xxpredictiveMedium
246ArgumentxxxpredictiveLow
247ArgumentxxxxxxxxpredictiveMedium
248Argumentxxx_xxxxpredictiveMedium
249ArgumentxxxxxxxxxpredictiveMedium
250Argumentxxxxx_xxxxxx_xxx/xxxxx_xxxx_xxxxxxxxpredictiveHigh
251ArgumentxxxpredictiveLow
252ArgumentxxxxxpredictiveLow
253Argumentxxxxxxx/xxxxxxxxpredictiveHigh
254ArgumentxxxxpredictiveLow
255ArgumentxxxxxxxxpredictiveMedium
256ArgumentxxxxxxxpredictiveLow
257Argumentxxxxx_xxxxpredictiveMedium
258Argumentxxxx_xxpredictiveLow
259ArgumentxxxxxxxxpredictiveMedium
260ArgumentxxxxpredictiveLow
261ArgumentxxxxxxxxpredictiveMedium
262ArgumentxxxxxxxxxxxxxpredictiveHigh
263Argumentxxxxxxx_xpredictiveMedium
264ArgumentxxxxxxxxxxxpredictiveMedium
265ArgumentxxxxxxxxxpredictiveMedium
266ArgumentxxxxxxpredictiveLow
267Argumentxxxxxxxxx_predictiveMedium
268ArgumentxxxxxxxxxpredictiveMedium
269ArgumentxxxxxxxpredictiveLow
270ArgumentxxxxxxpredictiveLow
271ArgumentxxxxxxxxxxpredictiveMedium
272ArgumentxxxpredictiveLow
273ArgumentxxxxxxxxxxxxxxpredictiveHigh
274ArgumentxxxxxxxxxpredictiveMedium
275Argumentxx_xxpredictiveLow
276ArgumentxxxpredictiveLow
277ArgumentxxxxpredictiveLow
278ArgumentxxxxxxxxpredictiveMedium
279ArgumentxxxxxxxpredictiveLow
280ArgumentxxxxxpredictiveLow
281ArgumentxxxxxxxxpredictiveMedium
282ArgumentxxxpredictiveLow
283ArgumentxxxxxpredictiveLow
284Argumentxxxxxxxxxx_xxpredictiveHigh
285ArgumentxxxxxxxxpredictiveMedium
286Argumentxxxxxx_xxpredictiveMedium
287ArgumentxxxpredictiveLow
288Argumentxxxxxxxxxxxxx.xxxxxxxxxxpredictiveHigh
289ArgumentxxxxxxxxpredictiveMedium
290Argumentxxxx_xxpredictiveLow
291Argumentxxxxxxxxxxxx[xxxx]predictiveHigh
292Argumentxxxx->xxxxxxxpredictiveHigh
293Argumentx-xxxx-xxxxxpredictiveMedium
294Argumentxxxx/xxxxx/xxxxpredictiveHigh
295Argument\xxxxxx\predictiveMedium
296Argument_x_xxxxxxxxxxpredictiveHigh
297Input Value-xpredictiveLow
298Input Value.%xx.../.%xx.../predictiveHigh
299Input Value../..predictiveLow
300Input Valuex'predictiveLow
301Input Value><xxxxxx>xxxxx(x)</xxxxxx>predictiveHigh
302Input Value@xxxxxxx.xxx.xxxxxxx.xxxpredictiveHigh
303Input Valuexxxx.xxx::$xxxxpredictiveHigh
304Input Valuexxxxx&#xx;xxxx:predictiveHigh
305Input Valuexxxx'%xxxxx%xx(xxxxxx*xxxx(xxxxxx(xxxxx(xx)))x)--%xxpredictiveHigh
306Input Value\xxx\xxxpredictiveMedium
307Network PortxxxxpredictiveLow
308Network Portxxx/xx & xxx/xxxpredictiveHigh
309Network Portxxx/xx (xxx xxxxxxxx)predictiveHigh
310Network Portxxx/xxxpredictiveLow
311Network Portxxx/xxxxpredictiveMedium
312Network Portxxx/xxxxxpredictiveMedium

References (6)

The following list contains external sources which discuss the actor and the associated activities:

PreviousOverviewNext

Interested in the pricing of exploits?

See the underground prices here!