V3G4 Analysis

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 896
fr: 30
es: 26
de: 18
zh: 16

Country

us: 280
lu: 186
es: 14
de: 6
cn: 4

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Google Android: 26
Linux Kernel: 22
Microsoft Windows: 14
Unisoc T610: 14
Unisoc T606: 14

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Phorum read.php cross site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00232 | 0.00 | CVE-2002-2340 |
| 2 | nginx request smuggling | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00241 | 2.40 | CVE-2020-12440 |
| 3 | Open Networking Foundation ONOS API Documentation Dashboard cross site scripting | 4.8 | 4.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00071 | 0.02 | CVE-2023-24279 |
| 4 | Node.js http Module request smuggling | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00319 | 0.00 | CVE-2022-35256 |
| 5 | GNU Mailman Admin Login Page/Pipermail Index Summary cross site scripting | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01480 | 0.03 | CVE-2002-0388 |
| 6 | SensioLabs Symfony sfBasicSecurityUser.class.php unknown vulnerability | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00368 | 0.00 | CVE-2012-2667 |
| 7 | Mitel MiVoice Connect Service Appliance Privilege Escalation | 6.3 | 6.3 | $0-$5k | $0-$5k | High | Not Defined | 0.03585 | 0.00 | CVE-2022-29499 |
| 8 | GLPI Login Page sql injection | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00180 | 0.04 | CVE-2022-31061 |
| 9 | Apple macOS PluginKit state issue | 3.3 | 3.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00062 | 0.00 | CVE-2022-32838 |
| 10 | Selesta Visual Access Manager vam_anagraphic.php Reflected cross site scripting | 4.8 | 4.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00082 | 0.00 | CVE-2019-19991 |
| 11 | Qubely Plugin AJAX Action qubely_delete_saved_block cross-site request forgery | 4.3 | 4.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00053 | 0.00 | CVE-2021-25013 |
| 12 | Dell Networking X-Series denial of service | 7.5 | 7.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00186 | 0.00 | CVE-2021-36321 |
| 13 | Samsung sec_log information disclosure | 4.4 | 4.3 | $0-$5k | $0-$5k | High | Official Fix | 0.00118 | 0.05 | CVE-2021-25369 |
| 14 | PHPGurukul Doctor Appointment Management System view-appointment-detail.php resource injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.87 | CVE-2024-4294 |
| 15 | Apache HugeGraph-Server RESTful-API Privilege Escalation | 6.3 | 6.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00045 | 0.03 | CVE-2024-27348 |
| 16 | SourceCodester Warehouse Management System supplier.php cross site scripting | 3.5 | 3.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.04 | CVE-2024-3613 |
| 17 | OpenBSD Random Number Generator random.c prng seed | 6.7 | 6.7 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.01346 | 0.04 | CVE-2012-1577 |
| 18 | TBK DVR-4104/DVR-4216 os command injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00046 | 0.16 | CVE-2024-3721 |
| 19 | Tianwell Fire Intelligent Command Platform API Interface page sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.09 | CVE-2024-3720 |

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 104.244.72.64 | winging.co.uk | V3G4 | | 02/22/2023 | verified | High |

TTP - Tactics, Techniques, Procedures (29)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Class | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|---|
| 1 | T1006 | CAPEC-126 | CWE-21, CWE-22, CWE-23 | Path Traversal | predictive | High |
| 2 | T1040 | CAPEC-102 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CAPEC-10 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 4 | T1059 | CAPEC-242 | CWE-94, CWE-1321 | Argument Injection | predictive | High |
| 5 | T1059.007 | CAPEC-209 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |
| 6 | T1068 | CAPEC-104 | CWE-250, CWE-264, CWE-266, CWE-269, CWE-284 | Execution with Unnecessary Privileges | predictive | High |

IOA - Indicator of Attack (365)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

