H0lyGh0st Analysis

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

  • en: 924
  • zh: 24
  • ru: 16
  • fr: 12
  • de: 6

Country

  • cn: 412
  • us: 278
  • vn: 224
  • ru: 24
  • ie: 14

Product

  • Microsoft Windows: 34
  • Apple macOS: 12
  • Apple iOS: 10
  • Mozilla Firefox: 10
  • Google Android: 8

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | PHP phpinfo cross site scripting | 4.3 | 3.9 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.01960 | 0.04 | CVE-2007-1287 |
| 2 | Tiki Admin Password tiki-login.php improper authentication | 8.0 | 7.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00936 | 2.44 | CVE-2020-15906 |
| 3 | TikiWiki tiki-register.php input validation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.01075 | 4.91 | CVE-2006-6168 |
| 4 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00943 | 0.28 | CVE-2010-0966 |
| 5 | Microsoft Windows win32k.sys xxxMenuWindowProc denial of service | 5.5 | 5.0 | $5k-$25k | $0-$5k | Proof-of-Concept | Unavailable | 0.00000 | 0.03 | |
| 6 | Apple CUPS Interface cross site scripting | 4.3 | 4.1 | $5k-$25k | $0-$5k | High | Official Fix | 0.00864 | 0.00 | CVE-2014-2856 |
| 7 | MGB OpenSource Guestbook email.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.01302 | 1.10 | CVE-2007-0354 |
| 8 | Ivanti Secure Access Client config | 8.1 | 8.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.05 | CVE-2023-35080 |
| 9 | Apache Superset External URL redirect | 4.9 | 4.9 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.00436 | 0.03 | CVE-2021-28125 |
| 10 | LogicBoard CMS away.php redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.00000 | 2.27 | |
| 11 | Oracle PeopleSoft Enterprise PeopleTools Integration Broker access control | 6.5 | 5.9 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00799 | 0.05 | CVE-2017-3548 |
| 12 | Pirelli DRG A115 v3 ADSL Router DNS privileges management | 7.3 | 6.6 | $0-$5k | $0-$5k | Functional | Workaround | 0.00000 | 0.02 | |
| 13 | nginx request smuggling | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00241 | 2.48 | CVE-2020-12440 |
| 14 | NotificationX Plugin SQL Statement sql injection | 5.6 | 5.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02414 | 0.04 | CVE-2022-0349 |
| 15 | Pligg cloud.php sql injection | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.61 | |

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • H0lyGh0st

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

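| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 127.0.0.1 | localhost | H0lyGh0st | | 10/10/2022 | verified | High |
| 2 | XXX.XX.XX.XXX | Xxx-xxxx | Xxxxxxxxx | | 07/15/2022 | verified | High |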

TTP - Tactics, Techniques, Procedures (25)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Class | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|---|
| 1 | T1006 | CAPEC-126 | CWE-22, CWE-24, CWE-29 | Path Traversal | predictive | High |
| 2 | T1040 | CAPEC-102 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CAPEC-10 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 4 | T1059 | CAPEC-242 | CWE-94, CWE-1321 | Argument Injection | predictive | High |
| 5 | T1059.007 | CAPEC-209 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |

IOA - Indicator of Attack (347)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

