APT-C-36 Analysis

IOB - Indicator of Behavior (1000)

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | TikiWiki tiki-register.php input validation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.01075 | 9.47 | CVE-2006-6168 |
| 2 | V-EVA Press Release Script page.php sql injection | 7.3 | 7.1 | $0-$5k | $0-$5k | High | Unavailable | 0.00187 | 0.04 | CVE-2010-5047 |
| 3 | LogicBoard CMS away.php redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.00000 | 2.67 | |
| 4 | Tiki Admin Password tiki-login.php improper authentication | 8.0 | 7.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00936 | 1.83 | CVE-2020-15906 |
| 5 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00943 | 0.42 | CVE-2010-0966 |
| 6 | DZCP deV!L`z Clanportal browser.php information disclosure | 5.3 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.02733 | 0.99 | CVE-2007-1167 |
| 7 | MGB OpenSource Guestbook email.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.01302 | 1.02 | CVE-2007-0354 |
| 8 | PHP Link Directory Administration Page index.html cross site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00374 | 0.18 | CVE-2007-0529 |
| 9 | SourceCodester Complaint Management System Lodge Complaint Section register-complaint.php unrestricted upload | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 1.21 | CVE-2024-1875 |
| 10 | AWStats Config awstats.pl cross site scripting | 4.3 | 4.1 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00587 | 0.19 | CVE-2006-3681 |
| 11 | Joomla CMS com_easyblog sql injection | 6.3 | 6.1 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00000 | 0.36 | |
| 12 | jforum User input validation | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00289 | 0.04 | CVE-2019-7550 |
| 13 | Esoftpro Online Guestbook Pro ogp_show.php sql injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00108 | 0.08 | CVE-2009-4935 |
| 14 | ThinkPHP Language Pack pearcmd.php file inclusion | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04137 | 0.04 | CVE-2022-47945 |
| 15 | Keenetic KN-1010/KN-1410/KN-1711/KN-1810/KN-1910 Configuration Setting ndmComponents.js information disclosure | 5.3 | 4.9 | $0-$5k | $0-$5k | Proof-of-Concept | Workaround | 0.00045 | 0.11 | CVE-2024-4021 |
| 16 | Lars Ellingsen Guestserver guestbook.cgi cross site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00169 | 0.14 | CVE-2005-4222 |
| 17 | JoomlaTune Com Jcomments admin.jcomments.php cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00489 | 0.05 | CVE-2010-5048 |
| 18 | Indexu suggest_category.php cross site scripting | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.32 | |
| 19 | Citrix NetScaler ADC/NetScaler Gateway OpenID openid-configuration ns_aaa_oauthrp_send_openid_config CitrixBleed memory corruption | 8.3 | 8.2 | $25k-$100k | $0-$5k | High | Official Fix | 0.96710 | 0.04 | CVE-2023-4966 |
| 20 | PHP CityPortal index.php sql injection | 8.5 | 8.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00285 | 0.04 | CVE-2017-15970 |

IOC - Indicator of Compromise (11)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (25)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Class | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|---|
| 1 | T1006 | CAPEC-126 | CWE-21, CWE-22, CWE-23, CWE-25, CWE-36, CWE-425 | Path Traversal | predictive | High |
| 2 | T1040 | CAPEC-102 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CAPEC-10 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 4 | T1059 | CAPEC-242 | CWE-94, CWE-1321 | Argument Injection | predictive | High |
| 5 | T1059.007 | CAPEC-209 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |

IOA - Indicator of Attack (419)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.
