AveMaria Analysis

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 722
es: 166
de: 26
pt: 22
fr: 18


Country

us: 444
es: 168
br: 52
gb: 44
io: 34


Product

Microsoft Windows: 24
Apple iTunes: 20
Apache HTTP Server: 18
phpMyAdmin: 12
Linux Kernel: 12


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00548 | 0.08 | CVE-2017-0055 |
| 2 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00943 | 0.50 | CVE-2010-0966 |
| 3 | Esoftpro Online Guestbook Pro ogp_show.php sql injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00108 | 0.29 | CVE-2009-4935 |
| 4 | Gempar Script Toko Online shop_display_products.php sql injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00100 | 0.02 | CVE-2009-0296 |
| 5 | PHP Scripts Mall Online Lottery PHP Readymade Script Edit Profile cross-site request forgery | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00112 | 0.03 | CVE-2019-9604 |
| 6 | Heartland Payment Systems Payment Gateway PHP SDK hps heartland-php Reflected cross site scripting | 5.2 | 5.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00072 | 0.00 | CVE-2017-7992 |
| 7 | MGB OpenSource Guestbook email.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.01302 | 1.18 | CVE-2007-0354 |
| 8 | Check point Firewall-1/VPN-1 IKE Aggressive Mode missing encryption | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00409 | 0.04 | CVE-2002-1623 |
| 9 | vBulletin moderation.php sql injection | 7.3 | 7.0 | $0-$5k | $0-$5k | High | Official Fix | 0.00284 | 0.00 | CVE-2016-6195 |
| 10 | MantisBT Cloning bug_report_page.php input validation | 5.4 | 5.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00061 | 0.00 | CVE-2018-9839 |
| 11 | Cisco Prime Infrastructure Virtual Domain System access control | 5.7 | 5.6 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00080 | 0.00 | CVE-2019-1906 |
| 12 | Microsoft Windows Support Diagnostic Tool Follina Remote Code Execution | 7.3 | 7.1 | $25k-$100k | $0-$5k | High | Workaround | 0.97175 | 0.08 | CVE-2022-30190 |
| 13 | PRTG Network Monitor login.htm access control | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00288 | 0.04 | CVE-2018-19410 |
| 14 | Microsoft Windows Remote Desktop/Terminal Services Web Connection improper authentication | 6.3 | 6.2 | $25k-$100k | $0-$5k | Not Defined | Workaround | 0.00000 | 0.02 | |
| 15 | OpenSSH Authentication Username information disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | High | Official Fix | 0.10737 | 0.34 | CVE-2016-6210 |
| 16 | Gravity Forms Plugin common.php Password information disclosure | 6.4 | 6.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00178 | 0.07 | CVE-2020-13764 |
| 17 | Basti2web Book Panel books.php sql injection | 7.3 | 7.0 | $0-$5k | $0-$5k | High | Official Fix | 0.00064 | 0.05 | CVE-2009-4889 |
| 18 | MidiCart PHP Shopping Cart item_show.php sql injection | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 0.05 | |
| 19 | WooCommerce Checkout Manager Plugin access control | 7.0 | 6.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00101 | 0.03 | CVE-2019-11807 |
| 20 | Hindu Matrimonial Script payment.php privileges management | 7.1 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00167 | 0.04 | CVE-2017-20075 |

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • AveMaria

IOC - Indicator of Compromise (31)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (25)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Class | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|---|
| 1 | T1006 | CAPEC-126 | CWE-21, CWE-22, CWE-23, CWE-24 | Path Traversal | predictive | High |
| 2 | T1040 | CAPEC-102 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CAPEC-10 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 4 | T1059 | CAPEC-242 | CWE-94 | Argument Injection | predictive | High |
| 5 | T1059.007 | CAPEC-209 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |

IOA - Indicator of Attack (473)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


References (13)

The following list contains external sources which discuss the actor and the associated activities:
