Nanocore Analysis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en	818
zh	122
de	20
fr	12
es	6

Country

us	670
cn	202
lu	24
ru	20
fr	12

Actors

Cobalt Strike	5
Ave Maria	3
Nanocore	3
RedLine Stealer	3
AsyncRAT	2

Activities

Interest

Timeline

Type

Not Defined	392
Operating System	70
Programming Language Software	42
Content Management System	40
Web Browser	32

Vendor

Not Defined	278
Microsoft	42
Apple	40
Oracle	38
Cisco	24

Product

Apple Mac OS X	34
Oracle Java SE	24
Linux Kernel	16
Microsoft Windows	14
Google Chrome	14

Vulnerabilities

#	Vulnerability	Base	Temp	0day	Today	Exp	Rem	EPSS	CTI	CVE
1	Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure	5.3	5.2	$5k-$25k	Calculating	High	Workaround	0.02016	0.00	CVE-2007-1192
2	Microsoft IIS cross site scripting	5.2	4.7	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.00548	0.09	CVE-2017-0055
3	Basilix Webmail login.php3 command injection	7.3	7.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00000	0.07
4	DZCP deV!L`z Clanportal config.php code injection	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00943	0.50	CVE-2010-0966
5	Basti2web Book Panel books.php sql injection	7.3	7.0	$0-$5k	$0-$5k	High	Official Fix	0.00064	0.03	CVE-2009-4889
6	Microsoft IIS IP/Domain Restriction access control	6.5	5.7	$25k-$100k	$0-$5k	Unproven	Official Fix	0.00817	0.28	CVE-2014-4078
7	vsftpd deny_file unknown vulnerability	3.7	3.6	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00312	0.28	CVE-2015-1419
8	Apache Log4j SMTP Appender SMTPS certificate validation	3.7	3.7	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00191	0.04	CVE-2020-9488
9	Dropbear SSH input validation	8.5	8.2	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02911	0.19	CVE-2016-7406
10	HP Storage Data Protector memory corruption	10.0	10.0	$25k-$100k	$0-$5k	High	Not Defined	0.52178	0.00	CVE-2014-2623
11	Guangzhou 1GE ONU/V2804RGW formPing os command injection	5.9	5.9	$0-$5k	$0-$5k	Not Defined	Not Defined	0.71915	0.04	CVE-2020-8958
12	LogicBoard CMS away.php redirect	6.3	6.1	$0-$5k	$0-$5k	Not Defined	Unavailable	0.00000	2.69
13	Dropbear SSH dropbearconvert input validation	8.0	7.7	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00956	0.03	CVE-2016-7407
14	OpenSSH Authentication Username information disclosure	5.3	4.8	$5k-$25k	$0-$5k	High	Official Fix	0.10737	0.12	CVE-2016-6210
15	Eclipse Jetty temp file	6.5	6.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00072	0.04	CVE-2020-27216
16	RARLabs WinRAR ZIP Archive Remote Code Execution	6.3	6.0	$0-$5k	$0-$5k	High	Official Fix	0.33850	0.04	CVE-2023-38831
17	Dropbear SSH Server Login format string	9.8	9.4	$25k-$100k	$0-$5k	Not Defined	Official Fix	0.00000	0.04
18	SourceCodester Simple Cold Storage Management System Contact Us cross-site request forgery	4.3	4.1	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00068	0.00	CVE-2022-3585
19	Boa Webserver GET wapopen path traversal	6.4	6.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.73540	0.09	CVE-2017-9833
20	FLDS redir.php sql injection	7.3	7.3	$0-$5k	$0-$5k	High	Unavailable	0.00203	0.03	CVE-2008-5928

Campaigns (1)

These are the campaigns that can be associated with the actor:

Tax-Themed Phishing

IOC - Indicator of Compromise (165)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP address	Hostname	Actor	Campaigns	Identified	Type	Confidence
1	2.57.90.16		Nanocore		12/17/2022	verified	High
2	3.18.7.81	ec2-3-18-7-81.us-east-2.compute.amazonaws.com	Nanocore		12/17/2022	verified	Medium
3	3.220.57.224	ec2-3-220-57-224.compute-1.amazonaws.com	Nanocore		12/17/2022	verified	Medium
4	3.232.242.170	ec2-3-232-242-170.compute-1.amazonaws.com	Nanocore		12/17/2022	verified	Medium
5	5.79.68.107		Nanocore		10/23/2023	verified	High
6	8.8.8.8	dns.google	Nanocore		12/06/2021	verified	High
7	20.42.65.92		Nanocore		12/06/2021	verified	High
8	23.7.178.157	a23-7-178-157.deploy.static.akamaitechnologies.com	Nanocore		02/27/2023	verified	High
9	23.192.63.45	a23-192-63-45.deploy.static.akamaitechnologies.com	Nanocore		02/27/2023	verified	High
10	23.193.194.148	a23-193-194-148.deploy.static.akamaitechnologies.com	Nanocore		06/03/2023	verified	High
11	23.221.227.169	a23-221-227-169.deploy.static.akamaitechnologies.com	Nanocore		10/31/2022	verified	High
12	23.230.152.134		Nanocore		11/07/2022	verified	High
13	23.235.221.158	vps53141.inmotionhosting.com	Nanocore	Tax-Themed Phishing	08/29/2021	verified	High
14	31.31.196.51	server222.hosting.reg.ru	Nanocore		11/07/2022	verified	High
15	34.102.136.180	180.136.102.34.bc.googleusercontent.com	Nanocore		11/07/2022	verified	Medium
16	34.117.168.233	233.168.117.34.bc.googleusercontent.com	Nanocore		11/07/2022	verified	Medium
17	34.237.212.127	ec2-34-237-212-127.compute-1.amazonaws.com	Nanocore		10/23/2023	verified	Medium
18	35.76.115.170	ec2-35-76-115-170.ap-northeast-1.compute.amazonaws.com	Nanocore		03/07/2023	verified	Medium
19	35.169.217.142	ec2-35-169-217-142.compute-1.amazonaws.com	Nanocore		01/24/2023	verified	Medium
20	35.205.61.67	67.61.205.35.bc.googleusercontent.com	Nanocore		01/24/2023	verified	Medium
21	35.208.225.54	54.225.208.35.bc.googleusercontent.com	Nanocore		12/17/2022	verified	Medium
22	37.0.14.207		Nanocore		03/07/2023	verified	High
23	37.0.14.209		Nanocore		03/07/2023	verified	High
24	37.49.224.172		Nanocore		10/23/2023	verified	High
25	37.235.1.174	resolver1.freedns.zone.powered.by.virtexxa.com	Nanocore		01/24/2023	verified	High
26	37.235.1.177	resolver2.freedns.zone.powered.by.virtexxa.com	Nanocore		01/24/2023	verified	High
27	38.6.77.91		Nanocore		11/07/2022	verified	High
28	38.48.189.90		Nanocore		12/17/2022	verified	High
29	38.79.142.66	box6.dnsexit.com	Nanocore		02/27/2023	verified	High
30	39.96.26.145		Nanocore		10/23/2023	verified	High
31	44.219.130.155	ec2-44-219-130-155.compute-1.amazonaws.com	Nanocore		10/23/2023	verified	Medium
32	45.12.253.242		Nanocore		06/03/2023	verified	High
33	45.33.6.223	sqlite.org	Nanocore		10/31/2022	verified	High
34	XX.XX.XX.XXX	xx.xx.xx.xxx.xxxxxxxxxxxxxxxx.xxx	Xxxxxxxx		11/07/2022	verified	High
35	XX.XXX.XXX.XXX		Xxxxxxxx		07/06/2022	verified	High
36	XX.XXX.XXX.XXX	xxxxx.xxxxx.xxx	Xxxxxxxx		06/03/2023	verified	High
37	XX.XX.XXX.XXX	xxxxxxx.xxxxxxxx.xxx	Xxxxxxxx		12/17/2022	verified	High
38	XX.XX.XXX.XXX	xxxxx.xx-xx-xx-xxx.xx	Xxxxxxxx		01/06/2019	verified	High
39	XX.XX.XX.XXX	xxx-xx-xx-xx-xxx.xxxxxxx-x.xxxxxxxxx.xxx	Xxxxxxxx		12/17/2022	verified	Medium
40	XX.XX.XX.XX	xxx-xx-xx-xx-xx.xxxxxxx-x.xxxxxxxxx.xxx	Xxxxxxxx		01/24/2023	verified	Medium
41	XX.XX.XX.XXX	xxx-xx-xx-xx-xxx.xxxxxxx-x.xxxxxxxxx.xxx	Xxxxxxxx		11/07/2022	verified	Medium
42	XX.XX.XXX.XX		Xxxxxxxx		03/07/2023	verified	High
43	XX.XX.X.XX	xxxxxxxx.xxxxxxxxx.xxx	Xxxxxxxx		01/24/2023	verified	High
44	XX.XX.X.XX	xxxxxxxx.xxxxxxxxx.xxx	Xxxxxxxx		01/24/2023	verified	High
45	XX.XXX.XXX.XXX	xx-xxx-xxx-xxx.xxxxxx.xxxxx.xxx	Xxxxxxxx		06/03/2023	verified	High
46	XX.XXX.XXX.XXX	xx-xxx-xxx-xxx.xxxxxx.xxxxx.xxx	Xxxxxxxx		12/17/2022	verified	High
47	XX.XXX.XX.XXX		Xxxxxxxx		11/07/2022	verified	High
48	XX.XX.XXX.XXX	xxxxxxx.xxxxxxxxxxxx.xxx.xx	Xxxxxxxx		10/23/2023	verified	High
49	XX.XX.XXX.XXX	xxx.xxx.xx.xx.xxxxxx.xxxxxx.xxx	Xxxxxxxx		11/07/2022	verified	High
50	XX.XXX.XX.XXX	xxx-xx-xxx-xx-xxx.xxx.xxx.xx.xxx	Xxxxxxxx		07/23/2022	verified	High
51	XX.X.XX.XX	xxxxxxxxxxxxxxxxx.xxxxxxxxxxxxxxxxxxxx.xxx	Xxxxxxxx		11/07/2022	verified	High
52	XX.X.XXX.XXX	xxxxxxxxxxxxxxxxx.xxxxxxxxxxxxxxxxxxxx.xxx	Xxxxxxxx		11/07/2022	verified	High
53	XX.XX.XX.X		Xxxxxxxx		11/07/2022	verified	High
54	XX.XX.XX.XXX	xxxx-xxxx.xxxxxx.xxxxx-x.xxxxxx.xxx	Xxxxxxxx		12/17/2022	verified	High
55	XX.XX.XX.XXX	xxxxxxxxxx.xxxxxxxxxxxxx.xx	Xxxxxxxx		02/27/2023	verified	High
56	XX.XXX.XXX.XX		Xxxxxxxx		12/17/2022	verified	High
57	XX.XXX.XXX.XX		Xxxxxxxx		10/23/2023	verified	High
58	XX.XXX.XXX.XXX		Xxxxxxxx		08/01/2021	verified	High
59	XX.XXX.XXX.XX	xxxxxx.xxxxxxxxxxx.xxx	Xxxxxxxx		04/09/2022	verified	High
60	XX.XXX.XX.XX		Xxxxxxxx		01/30/2023	verified	High
61	XX.XX.XXX.X	xx.xx.xxx.x.xx.xxxxxxx.xx	Xxxxxxxx		12/17/2022	verified	High
62	XX.XXX.XX.XX		Xxxxxxxx		08/01/2021	verified	High
63	XX.XX.XXX.XXX		Xxxxxxxx		01/06/2019	verified	High
64	XX.XXX.XXX.XX		Xxxxxxxx		10/31/2022	verified	High
65	XX.XXX.XXX.XXX		Xxxxxxxx		10/23/2023	verified	High
66	XX.XXX.XXX.XXX	xxxxx.xxxxxxxxx.xx	Xxxxxxxx		01/30/2023	verified	High
67	XX.XXX.XXX.XX	xxxx-xxx-xx.xxxxxxxxxxxx.xxx	Xxxxxxxx		09/17/2022	verified	High
68	XX.XXX.XXX.XX	xxxx-xxx-xx.xxxxxxxxxxxx.xxx	Xxxxxxxx		09/17/2022	verified	High
69	XX.XXX.XXX.XXX	xxxx-xxx-xxx.xxxxxxxxxxxx.xxx	Xxxxxxxx		09/17/2022	verified	High
70	XXX.XX.XX.XXX	xxxxx.xxxxxxxxxxx.xx	Xxxxxxxx		12/17/2022	verified	High
71	XXX.XX.XX.XXX		Xxxxxxxx		12/17/2022	verified	High
72	XXX.XX.XXX.XX		Xxxxxxxx		02/27/2023	verified	High
73	XXX.XX.XX.XXX		Xxxxxxxx		11/07/2022	verified	High
74	XXX.XXX.XX.XX		Xxxxxxxx		12/06/2021	verified	High
75	XXX.XXX.XX.XXX	xxxxxx-xx.xxxxxxxx.xxx	Xxxxxxxx		01/30/2023	verified	High
76	XXX.XXX.XXX.XXX		Xxxxxxxx		08/20/2022	verified	High
77	XXX.XXX.X.XXX	xxxxxxxxxxxxxxx.xx	Xxxxxxxx		12/17/2022	verified	High
78	XXX.XXX.XX.XX	xxxxxxxxxx.xxx	Xxxxxxxx		09/17/2022	verified	High
79	XXX.XXX.XX.XXX		Xxxxxxxx		09/17/2022	verified	High
80	XXX.XXX.X.XXX	xxxx.xxxxxxxxxx.xxx	Xxxxxxxx	Xxx-xxxxxx Xxxxxxxx	08/29/2021	verified	High
81	XXX.XX.XXX.XX		Xxxxxxxx		04/01/2022	verified	High
82	XXX.XXX.XXX.XXX		Xxxxxxxx		10/31/2022	verified	High
83	XXX.XXX.XXX.XXX		Xxxxxxxx		01/30/2023	verified	High
84	XXX.XXX.XX.XX		Xxxxxxxx	Xxx-xxxxxx Xxxxxxxx	08/29/2021	verified	High
85	XXX.XXX.XXX.XX		Xxxxxxxx		09/17/2022	verified	High
86	XXX.XX.XXX.XX	xxxx.xx-xxx-xx-xxx.xx	Xxxxxxxx		04/01/2022	verified	High
87	XXX.XXX.XX.XXX	xxxxxxxx.xx.xx	Xxxxxxxx		04/09/2022	verified	High
88	XXX.XXX.XX.XXX	xxxxxxxx-xx-xxx.xxxxx.xxx	Xxxxxxxx		02/27/2023	verified	High
89	XXX.XX.XXX.XX		Xxxxxxxx		07/23/2022	verified	High
90	XXX.XX.XXX.XXX		Xxxxxxxx		07/23/2022	verified	High
91	XXX.XX.XXX.XXX		Xxxxxxxx		07/23/2022	verified	High
92	XXX.XX.XXX.XX	xxxx.xx-xxx-xx-xxx.xxx	Xxxxxxxx		10/31/2022	verified	High
93	XXX.XXX.XXX.XXX		Xxxxxxxx		08/20/2022	verified	High
94	XXX.XXX.XXX.XXX		Xxxxxxxx		12/17/2022	verified	High
95	XXX.XXX.XX.XXX		Xxxxxxxx		09/17/2022	verified	High
96	XXX.X.XXX.XX	xxxxxxxxxx-x.xxx-xxxxxxx.xxx	Xxxxxxxx		08/20/2022	verified	High
97	XXX.XX.XX.X	xxxxxx.x.xx.xx.xxx.xxxxxxx.xxxx-xxxxxx.xx	Xxxxxxxx		12/17/2022	verified	High
98	XXX.XXX.XX.XX	xxx-xxx-xx-xx.xxxxxxxxxxxx.xxx	Xxxxxxxx		06/03/2023	verified	High
99	XXX.XXX.XXX.XXX	xxxxxxx.xxxxxxxx.xxx	Xxxxxxxx		10/31/2022	verified	High
100	XXX.XXX.XXX.XX		Xxxxxxxx		09/17/2022	verified	High
101	XXX.XX.XX.XXX		Xxxxxxxx		10/31/2022	verified	High
102	XXX.XXX.XXX.XXX	xxxxxx-xxx.xxxxxxx.xxxxxx.xxx	Xxxxxxxx		10/31/2022	verified	High
103	XXX.XXX.XX.XX	xxx-xxx-xx-xx.xxxxxx.xxxxx.xxx	Xxxxxxxx		01/30/2023	verified	High
104	XXX.XXX.XXX.XX	xxx.xxx.xxx.xx.xxxxxx.xxxxxxxxx.xxx	Xxxxxxxx		01/24/2023	verified	High
105	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxx.xxxx.xx	Xxxxxxxx		09/24/2022	verified	High
106	XXX.XX.XX.XXX		Xxxxxxxx		12/06/2021	verified	High
107	XXX.XXX.XX.XX		Xxxxxxxx		10/31/2022	verified	High
108	XXX.XX.XX.XXX		Xxxxxxxx		01/24/2023	verified	High
109	XXX.XXX.XX.XX		Xxxxxxxx		09/17/2022	verified	High
110	XXX.XXX.XX.XX		Xxxxxxxx		01/24/2023	verified	High
111	XXX.XXX.XX.XX		Xxxxxxxx		01/24/2023	verified	High
112	XXX.XXX.XX.XX		Xxxxxxxx		01/24/2023	verified	High
113	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxxx.xxxx.xxx	Xxxxxxxx		01/24/2023	verified	High
114	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxxx.xxxx.xxx	Xxxxxxxx		10/31/2022	verified	High
115	XXX.XXX.XXX.XX	xxxxxxx.xxx	Xxxxxxxx		12/17/2022	verified	High
116	XXX.XXX.XX.XXX		Xxxxxxxx		04/28/2022	verified	High
117	XXX.XXX.X.X		Xxxxxxxx		12/06/2021	verified	High
118	XXX.XXX.X.X		Xxxxxxxx		12/06/2021	verified	High
119	XXX.XXX.X.XXX		Xxxxxxxx		12/06/2021	verified	High
120	XXX.XXX.XX.XX	xxxxxxxx.xxxx.xxx	Xxxxxxxx		02/27/2023	verified	High
121	XXX.XXX.XX.XX	xxxxxxxx.xxxx.xxx	Xxxxxxxx		11/07/2022	verified	High
122	XXX.XXX.XX.XX		Xxxxxxxx		09/17/2022	verified	High
123	XXX.XXX.XXX.X		Xxxxxxxx		02/27/2023	verified	High
124	XXX.X.XX.XXX		Xxxxxxxx		08/01/2021	verified	High
125	XXX.X.XX.XX		Xxxxxxxx		08/01/2021	verified	High
126	XXX.X.XX.XX		Xxxxxxxx		03/07/2023	verified	High
127	XXX.X.XX.XX		Xxxxxxxx		10/23/2023	verified	High
128	XXX.X.XX.XX		Xxxxxxxx		10/23/2023	verified	High
129	XXX.X.XX.XX		Xxxxxxxx		03/07/2023	verified	High
130	XXX.X.XX.XXX		Xxxxxxxx		03/07/2023	verified	High
131	XXX.X.XX.XXX		Xxxxxxxx		11/07/2022	verified	High
132	XXX.X.XX.XXX		Xxxxxxxx		11/07/2022	verified	High
133	XXX.X.XX.XXX		Xxxxxxxx		07/06/2022	verified	High
134	XXX.XX.XXX.XXX		Xxxxxxxx		11/07/2022	verified	High
135	XXX.XXX.XX.XXX		Xxxxxxxx		03/07/2023	verified	High
136	XXX.XXX.XX.XX	xxx.xxxxxxxxxx.xxx	Xxxxxxxx		09/07/2022	verified	High
137	XXX.XXX.XXX.XXX	xxxx.xxxxxxxx.xx	Xxxxxxxx		11/07/2022	verified	High
138	XXX.XX.XX.XXX	xxx-xx-xx-xxx-xxxx.xxxxxxxxxxxx.xxx	Xxxxxxxx		12/17/2022	verified	High
139	XXX.XX.XXX.XX	xxx-xx-xxx-xx-xxxx.xxxxxxxxxxxx.xxx	Xxxxxxxx		10/31/2022	verified	High
140	XXX.XX.XXX.XXX	xxxxxxxxxxx.xxxxxxxxx.xxx	Xxxxxxxx		11/07/2022	verified	High
141	XXX.XX.XXX.XXX		Xxxxxxxx		11/07/2022	verified	High
142	XXX.XXX.XX.XXX	xxxx-xxxxxxxxxxx.xxxxxxxxxx-xxxx.xxx-xxxxxxx.xxx	Xxxxxxxx		10/23/2023	verified	High
143	XXX.XX.XXX.XXX		Xxxxxxxx		11/07/2022	verified	High
144	XXX.XX.XX.XX	xxxxxxxxxx.xxxxxxxxx.xxx	Xxxxxxxx		10/23/2023	verified	High
145	XXX.XX.XX.XXX		Xxxxxxxx		11/07/2022	verified	High
146	XXX.XXX.XXX.XX	xxxxxxxxxxxx.xxxxx.xxxx	Xxxxxxxx		10/31/2022	verified	High
147	XXX.XXX.XX.XXX	xxxxxxxxxx.xxxx.xxxxx.xx.xxxxxxx	Xxxxxxxx		10/23/2023	verified	High
148	XXX.XX.XX.XXX	xx-xx.xxxxxxxxxx.xxx	Xxxxxxxx		02/27/2023	verified	High
149	XXX.XX.XXX.XX	xxxxx-xxxxxxxx.xxxxxxxx.xxx	Xxxxxxxx		02/27/2023	verified	High
150	XXX.XXX.XXX.XX	xxxxxxxxxx.xxxxxxxxx.xxx	Xxxxxxxx		10/23/2023	verified	High
151	XXX.XXX.XXX.XX		Xxxxxxxx		08/20/2022	verified	High
152	XXX.XX.XXX.XXX		Xxxxxxxx		10/31/2022	verified	High
153	XXX.XX.XXX.XXX	xxx.xxxxxxxx.xxxxxxxxxxx.xxx	Xxxxxxxx		08/20/2022	verified	High
154	XXX.XX.XXX.XXX	xxx.xxxxxxxx.xxxxxxxxxxx.xxx	Xxxxxxxx		08/20/2022	verified	High
155	XXX.XX.XXX.XXX	xxx.xxxxxxxx.xxxxxxxxxxx.xxx	Xxxxxxxx		08/20/2022	verified	High
156	XXX.XX.XXX.X	xx-xxx.xxx	Xxxxxxxx		09/07/2022	verified	High
157	XXX.XX.XXX.XXX		Xxxxxxxx		11/07/2022	verified	High
158	XXX.XX.XXX.XXX		Xxxxxxxx	Xxx-xxxxxx Xxxxxxxx	08/29/2021	verified	High
159	XXX.XX.XXX.XXX		Xxxxxxxx	Xxx-xxxxxx Xxxxxxxx	08/29/2021	verified	High
160	XXX.XXX.XX.XXX		Xxxxxxxx		03/07/2023	verified	High
161	XXX.XXX.XX.X	xxxxxxxx.xxx.xxx	Xxxxxxxx		10/23/2023	verified	High
162	XXX.XX.X.XXX	xx-xxx.xx.x.xxx.xxxxxxxxx.xxx	Xxxxxxxx		09/17/2022	verified	High
163	XXX.XX.XXX.XXX	xxxxxxxx.xxxxxx.xxx	Xxxxxxxx		11/07/2022	verified	High
164	XXX.XX.XX.XXX	xxxxxx.xxxxxxxxxxx.xxx	Xxxxxxxx		12/17/2022	verified	High
165	XXX.XXX.XXX.XXX		Xxxxxxxx		12/06/2021	verified	High

TTP - Tactics, Techniques, Procedures (20)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Class	Vulnerabilities	Access Vector	Type	Confidence
1	T1006	CAPEC-126	CWE-21, CWE-22, CWE-23	Path Traversal	predictive	High
2	T1055	CAPEC-10	CWE-74	Improper Neutralization of Data within XPath Expressions	predictive	High
3	T1059	CAPEC-137	CWE-88, CWE-94	Argument Injection	predictive	High
4	T1059.007	CAPEC-209	CWE-79, CWE-80	Cross Site Scripting	predictive	High
5	TXXXX	CAPEC-122	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	High
6	TXXXX.XXX	CAPEC-	CWE-XXX	Xxx Xx Xxxx-xxxxx Xxxxxxxx	predictive	High
7	TXXXX.XXX	CAPEC-16	CWE-XXX, CWE-XXX	Xxxx-xxxxx Xxxxxxxxxxx	predictive	High
8	TXXXX	CAPEC-136	CWE-XX, CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	High
9	TXXXX.XXX	CAPEC-178	CWE-XXX	Xxxx Xxxxxxxx	predictive	High
10	TXXXX	CAPEC-	CWE-XXX, CWE-XXX	7xx Xxxxxxxx Xxxxxxxx	predictive	High
11	TXXXX	CAPEC-1	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxxx Xxxxxx	predictive	High
12	TXXXX	CAPEC-108	CWE-XX	Xxx Xxxxxxxxx	predictive	High
13	TXXXX	CAPEC-50	CWE-XXX, CWE-XXX	Xxxxxxxxxxx Xxxxxxxxxx	predictive	High
14	TXXXX.XXX	CAPEC-459	CWE-XXX	Xxxxxxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	High
15	TXXXX.XXX	CAPEC-133	CWE-XXX	Xxxxxxxx	predictive	High
16	TXXXX	CAPEC-116	CWE-XXX, CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	High
17	TXXXX.XXX	CAPEC-	CWE-XX	Xxxxxxxxxxxxx	predictive	High
18	TXXXX	CAPEC-157	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	predictive	High
19	TXXXX.XXX	CAPEC-59	CWE-XXX	Xxx Xxxxxxxxxx Xxxxx	predictive	High
20	TXXXX.XXX	CAPEC-1	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	High

IOA - Indicator of Attack (365)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Class	Indicator	Type	Confidence
1	File	/+CSCOE+/logon.html	predictive	High
2	File	/api/admin/system/store/order/list	predictive	High
3	File	/api/sys/set_passwd	predictive	High
4	File	/bin/boa	predictive	Medium
5	File	/cgi-bin/wapopen	predictive	High
6	File	/cgi-bin/wlogin.cgi	predictive	High
7	File	/csms/?page=contact_us	predictive	High
8	File	/dev/urandom	predictive	Medium
9	File	/etc/ajenti/config.yml	predictive	High
10	File	/etc/quantum/quantum.conf	predictive	High
11	File	/exec/	predictive	Low
12	File	/forum/away.php	predictive	High
13	File	/getcfg.php	predictive	Medium
14	File	/goform/telnet	predictive	High
15	File	/HNAP1	predictive	Low
16	File	/mgmt/tm/util/bash	predictive	High
17	File	/modules/profile/index.php	predictive	High
18	File	/modules/projects/vw_files.php	predictive	High
19	File	/plain	predictive	Low
20	File	/rom-0	predictive	Low
21	File	/staff/tools/custom-fields	predictive	High
22	File	/tmp/phpglibccheck	predictive	High
23	File	/uncpath/	predictive	Medium
24	File	/upload	predictive	Low
25	File	/var/tmp/sess_*	predictive	High
26	File	/xyhai.php?s=/Auth/editUser	predictive	High
27	File	/_next	predictive	Low
28	File	action.php	predictive	Medium
29	File	actionHandler/ajax_managed_services.php	predictive	High
30	File	actionphp/download.File.php	predictive	High
31	File	add_comment.php	predictive	High
32	File	admin/admin.php	predictive	High
33	File	admin/admin.shtml	predictive	High
34	File	admin/content.php	predictive	High
35	File	admin/index.php?id=users/action=edit/user_id=1	predictive	High
36	File	admin_gallery.php3	predictive	High
37	File	affich.php	predictive	Medium
38	File	agent/Core/Controller/SendRequest.cpp	predictive	High
39	File	ajax-actions.php	predictive	High
40	File	ajax/telemetry.php	predictive	High
41	File	akeyActivationLogin.do	predictive	High
42	File	album_portal.php	predictive	High
43	File	alipay/alipayapi.php	predictive	High
44	File	xxxxxx-xxxx.xxxx	predictive	High
45	File	xxxxxx.xxx	predictive	Medium
46	File	xxxxxxxxx-xxxxxxx-xxxxxxx.xxx	predictive	High
47	File	xxxxxxxxxx.xxx	predictive	High
48	File	xxxxxxx.xxxx	predictive	Medium
49	File	xxxxxx.xxxxxxx.xxx	predictive	High
50	File	xxxxxxx.xx	predictive	Medium
51	File	xxx/xxxxxx_xxxxxxx.xxx	predictive	High
52	File	xxxxxxxxxx/xxxxxxxx/xxxx/x	predictive	High
53	File	xxxxxxx/xxxxx/xxxxxxxx	predictive	High
54	File	xxxxx.xxx	predictive	Medium
55	File	xxxx_xxx.xxx	predictive	Medium
56	File	xxx.x	predictive	Low
57	File	xxxxxxxxx.xxx	predictive	High
58	File	xxxxxxxxxxxxxxxxxxx.xxx	predictive	High
59	File	xxxxxxxxx.xxx	predictive	High
60	File	xxxxx.xxxxxxxxxxxx.xxx	predictive	High
61	File	xxxxxxxxxx.xxx	predictive	High
62	File	xxx.xxx	predictive	Low
63	File	xxxxxxxxxxxxxxxxxxxx.xxxx	predictive	High
64	File	xxx_xxxxxxx_xxxxxxxxx_xxxxxxxxx_xxxxxxxxxxxxxx.xxx	predictive	High
65	File	xxxxxx.xxx.xxx	predictive	High
66	File	xxxxxxx.x	predictive	Medium
67	File	xxxx/xxxxxxxxxxxxxxxxxxxx.xxx	predictive	High
68	File	xxxxxx_xxxxxxx.xxx	predictive	High
69	File	xxx-xxx/xxxxxxxxxxxxx.xxx	predictive	High
70	File	xx_xxxx.x	predictive	Medium
71	File	xxxx/xxxxxxxxxxxxxxx.xxx	predictive	High
72	File	xxxxxxxxxxxxxxx/	predictive	High
73	File	xxxxxxxxxxxxx/xxxxxx/xxxx.xxx	predictive	High
74	File	xxxxxxx.xxx	predictive	Medium
75	File	xxxxxxx_xxxx.xxx	predictive	High
76	File	xxxxxxxx.xxx	predictive	Medium
77	File	xxxxxxxxxxxxxxxx.x	predictive	High
78	File	xxxxxxxxxxxxxxx.xxx	predictive	High
79	File	xxxxxxxx-xxxx.xxx	predictive	High
80	File	xxxxxxxxxxxxxxxxxxxxxx	predictive	High
81	File	xxxxxxx/xxx/xxxxxxxx.x	predictive	High
82	File	xxxxxxx/xxx/xxx/xxxxx.x	predictive	High
83	File	xxxxxxx/xxx/xxxxxxxx/xxxxxxx/xxxxxxxx/xxxxxxxx_xxxxx.x	predictive	High
84	File	xxxxxxx/xxx/xxxxxx/xxxx_xxxxxxxxxx.x	predictive	High
85	File	x/xxxxxx/xxxxxxxx.xxx	predictive	High
86	File	xxxxxxxx.xxx	predictive	Medium
87	File	xxxxx.xxx	predictive	Medium
88	File	xxxxxxx-xxxxxxx/xxxx/xxxxxx/xxxxxxxx/xxx/xxxxxxxxx/xxxxxx.xx	predictive	High
89	File	xxxxx.xxx	predictive	Medium
90	File	xxx/xxxx/xxxxxx/xxxxxx_xxxxxxx.x	predictive	High
91	File	xxx/xxxx/xxxx_xxxxxx.x	predictive	High
92	File	xxx/xxxxxxxx/xxx.x	predictive	High
93	File	xxx_xxxx.x	predictive	Medium
94	File	xxxx.xxx	predictive	Medium
95	File	xxxxxxxxxx/xxx.xx	predictive	High
96	File	xxxxxx.xxx	predictive	Medium
97	File	xxxxxxxxx/xx/xxxxxxxxxxxx.xxx	predictive	High
98	File	xxx_xxxxxx.x	predictive	Medium
99	File	xxxxxxxxxxxxxx.xxx	predictive	High
100	File	xxxxxxxxx.xxx	predictive	High
101	File	xxxxxxxxx.xx	predictive	Medium
102	File	xxxxxxxxxx\xxxxxx\xxxxxxxxxxxxx.xxx	predictive	High
103	File	xxxx-xxxxxxx.x	predictive	High
104	File	xxxxxx.xxx	predictive	Medium
105	File	xxxxxx/xxxxxx	predictive	High
106	File	xxxx.xxx	predictive	Medium
107	File	xxxxxx_xx.x	predictive	Medium
108	File	xxxx_xxxx.x	predictive	Medium
109	File	xx/xxx/xxxxx.x	predictive	High
110	File	xxxxx.xxx	predictive	Medium
111	File	x-xxxx.xxx	predictive	Medium
112	File	xxx/xxxxxx.xxx	predictive	High
113	File	xxxxx.xxx	predictive	Medium
114	File	xxxxx.xxx?xxx=xxxx&xxx=xxxxxxxx	predictive	High
115	File	xxxx.xxx.xxx	predictive	Medium
116	File	xxxxxxx/xxxxx.xxx	predictive	High
117	File	xxxxxxxxx/xxx/xxx_xxxxxxxx.xxx	predictive	High
118	File	xxxxxxx.xxxxx	predictive	High
119	File	xxxxxxxx.xxx	predictive	Medium
120	File	xxxx_xxxx.xxx	predictive	High
121	File	xx-xxxxx.x	predictive	Medium
122	File	xxxxxx.x	predictive	Medium
123	File	xxxxxx/xxxxx/xxxx.x	predictive	High
124	File	xxxxxxxxxx/xxx/xxxxxx_xxxx.xxx	predictive	High
125	File	xxx/xxxxxxxxxx/xxxxxxxxx.xx	predictive	High
126	File	xxxxxx.x	predictive	Medium
127	File	xxxxxxxxx/xxxxxx.xxx.xxx	predictive	High
128	File	xxxxxxxxx/xxxxxxxx.xxx	predictive	High
129	File	xxxxx.xxxx	predictive	Medium
130	File	xxxxx.xxx	predictive	Medium
131	File	xxxxx.xxxx	predictive	Medium
132	File	xxx.x	predictive	Low
133	File	xxxxx_xxxxxxxxxx_xxxx.x	predictive	High
134	File	xxxx.xxx	predictive	Medium
135	File	xxxx.xxx	predictive	Medium
136	File	xxxxxxxx.xxx.x	predictive	High
137	File	xx/xxx.x	predictive	Medium
138	File	xxxxx/__xxxx_xxxx.xxx	predictive	High
139	File	xxxxxxx/xxx_xxxxxxxx.xxx	predictive	High
140	File	xxx_xxxxx.x	predictive	Medium
141	File	xxx_xxxxx_xxxxxx_xxxxx.xxx	predictive	High
142	File	xxx_xxxxxxxx.xxx	predictive	High
143	File	xxx_xxxxx_xxxxx.x	predictive	High
144	File	xxx_xxxxx_xxxx.x	predictive	High
145	File	xxxxxxx/xxxxx.x	predictive	High
146	File	xxxxxxxx.xxxxxxxxxxxxxxxxxxx.xxxxxxxxxxxxxxxxxx	predictive	High
147	File	xxxxxx_xxxxxx.xxx	predictive	High
148	File	xxx/xxxx/xxxx_xxxxxx.x	predictive	High
149	File	xxx_xxxxxxxx.x	predictive	High
150	File	xxxxxxx.xxx	predictive	Medium
151	File	xxx_xxxx.xxx	predictive	Medium
152	File	xxxxxxx_xxxxxxxxx.x	predictive	High
153	File	xxx/xxxxxx/xxxxxxxx/xxxxx/xxxxxxxxx.xxxx	predictive	High
154	File	xxxxxx_xxxxxxx.xx	predictive	High
155	File	xxxxxx.xxx	predictive	Medium
156	File	xxxxxx/xxxxxxx-xxx-xxx	predictive	High
157	File	xxxxxxx.xxx	predictive	Medium
158	File	xxxxxxxxxx.xxx.xxx	predictive	High
159	File	xxx	predictive	Low
160	File	xxxxx_xxxxxx.xxx	predictive	High
161	File	xxxx_xxx.xxx	predictive	Medium
162	File	xxxxxxxx.xx	predictive	Medium
163	File	xxxx.xxx	predictive	Medium
164	File	xxxxxxxx.xxx	predictive	Medium
165	File	xxxxxxx.xx	predictive	Medium
166	File	xxxxxxxxx/xxxxxxxxxxx/xxxxxxxxxxxxxxxxx.xxx	predictive	High
167	File	xxxxxxxxxx.xxx	predictive	High
168	File	xxx_xxxxxx.xxx	predictive	High
169	File	xxxxx_xxxxx.xxx	predictive	High
170	File	xxxx.xxx	predictive	Medium
171	File	xxxxx.xxx	predictive	Medium
172	File	xxxxx.xxx	predictive	Medium
173	File	xxxxxxxx.xxx	predictive	Medium
174	File	xxxxxxxxxxxx.xxx	predictive	High
175	File	xxxxxxxx_xxxx.xxx	predictive	High
176	File	xxxxx.xxx	predictive	Medium
177	File	xx_xxxx.x	predictive	Medium
178	File	xxxx/xxxxxxxxxxxxxx/xxxx_xxxxxxx.x	predictive	High
179	File	xxxxxxxx.xxx	predictive	Medium
180	File	xxxx-xxxxxx.x	predictive	High
181	File	xxxx.xxx	predictive	Medium
182	File	xxxx_xxxxxxx_xxxxxxxx.xxx	predictive	High
183	File	xxxxx/xxxxxxxx/xxxxxxxxx.xxx	predictive	High
184	File	xxxxx_xxxxx.xxx	predictive	High
185	File	xxxxxxxxxxxx.xxx	predictive	High
186	File	xxxxxxxxx.xxx	predictive	High
187	File	xxxxx.x	predictive	Low
188	File	xxx_xxx.x	predictive	Medium
189	File	xxxx-xxxxx.xxx	predictive	High
190	File	xxxxx/xxxx-xxxxxx.x	predictive	High
191	File	xx/xxx/xxxxxxxx	predictive	High
192	File	xxxxxxx.xxx/xxxxxxx.xxxxxxxxxxxx/xxxxxxx/xxxxxxxxx/xxxxxxxxx.xxxx.xx	predictive	High
193	File	xxx.xxx	predictive	Low
194	File	xxxxx/xxxxxxxx.xxx	predictive	High
195	File	xxxxx_xxxxx.xxxx	predictive	High
196	File	xxxx/xxxxxxxx/xxxxxxxx.xxxx	predictive	High
197	File	xxxxxxxxx.xx	predictive	Medium
198	File	xxxxxxx.xxx	predictive	Medium
199	File	xxxxxx.xxx	predictive	Medium
200	File	xxx\_xxxxxxx\_xxxxxxx.xxx	predictive	High
201	File	xxx.xxx	predictive	Low
202	File	xxxxxxx/xxxxxx/xxxxx/xxxxxxx/xxx/xxx.xxx	predictive	High
203	File	xx-xxxxx/xxxxx.xxx?xxxx=xx_xxxxxxx_xxxx_xxxxxx.xxx&xxxxxxx=x	predictive	High
204	File	xx-xxxxxxxx/xxxxx-xx-xxxxx.xxx	predictive	High
205	File	xx-xxxxx.xxx	predictive	Medium
206	File	xxxxxxxxxx.xxx	predictive	High
207	File	xxxxx.x	predictive	Low
208	File	xxxxx.xxx	predictive	Medium
209	File	xxx/xx_xxx.xxx	predictive	High
210	File	\xxxxxxx\xxxxxxxxxxxxxxxxxxxxxxxxxxx.xxx	predictive	High
211	File	~/xxx-xxx-xxxxxx.xxx	predictive	High
212	Library	xxx_xxxx_xxxxxx.xxx	predictive	High
213	Library	xxxxxxxx/xxxxxxx/xxxxxxxx/xxx/xxxx/xxxx/xxxxxx/xxx/xxxxxx/xxxxxxx/xxxxxxxx/xxxxxxxx/xxxxxx/xxxxxxxx_xxxxxxxxxxxxxxxx.xxxx	predictive	High
214	Library	xxxxxx[xxxxxx_xxxx	predictive	High
215	Library	xxxxxx.xxx	predictive	Medium
216	Library	xxxxxxx-xxxxxxx/xxx/xxxx/xxxx/xxx/xxxxxxxxxx/xxxxxxx/xxxxxxx/xxxxxxx.xxxx	predictive	High
217	Library	xxx/xxx/xxx.xxxx.xxx	predictive	High
218	Library	xxxxxx/xxx/xxxxxxxxx/xxx/xxx_xxx.x	predictive	High
219	Library	xxx/xxxxxx/xxxxxxxx.xx	predictive	High
220	Library	xxx/xxxxxx/xxxxxxx/xxxxxxxxx.xx	predictive	High
221	Library	xxx/xxxxxx/xxxxxxx/xxxxx.xx	predictive	High
222	Library	xxx/xxxxxx/xxx/xxxxxxxxxxx_xxxxxxxxx.xx	predictive	High
223	Library	xxx/x.x	predictive	Low
224	Library	xxx/xxxxxxx/xxxxx.xx	predictive	High
225	Library	xxx/xxxxxxx.xx	predictive	High
226	Library	xxxxxxxxx.x.x.xxx.xxx	predictive	High
227	Library	xxxxxxxx.xxx	predictive	Medium
228	Library	xxxxxx.xxx	predictive	Medium
229	Library	xxxxxxxxxx.xxx	predictive	High
230	Library	xxxxxx.xxx	predictive	Medium
231	Library	xxxxxxx.xxx/xxxxxx.xxx	predictive	High
232	Library	xxxxxx.xxx	predictive	Medium
233	Argument	$xxxxxxx	predictive	Medium
234	Argument	-x	predictive	Low
235	Argument	-x/-x	predictive	Low
236	Argument	xx/xx	predictive	Low
237	Argument	xxxxxxxxxxxx	predictive	Medium
238	Argument	xxxxx_xxx	predictive	Medium
239	Argument	xxxxxx_xxxx	predictive	Medium
240	Argument	xxxxxxxxxxxxxx	predictive	High
241	Argument	xxxx	predictive	Low
242	Argument	xxxxxxxx	predictive	Medium
243	Argument	xxxxxxxx	predictive	Medium
244	Argument	xxxxx	predictive	Low
245	Argument	xxxxxx	predictive	Low
246	Argument	xxx_xxx	predictive	Low
247	Argument	xxx	predictive	Low
248	Argument	xxxxx	predictive	Low
249	Argument	xxx_xx	predictive	Low
250	Argument	xxxx_xx	predictive	Low
251	Argument	xxxxxxx	predictive	Low
252	Argument	xxxxxx	predictive	Low
253	Argument	xxxxxx/xxxxxxx	predictive	High
254	Argument	xxxxxx[xxxxxx_xxxx]	predictive	High
255	Argument	xxxxxxx	predictive	Low
256	Argument	xxxxxxxxxx	predictive	Medium
257	Argument	xxxxxx	predictive	Low
258	Argument	xxxxxx_xx	predictive	Medium
259	Argument	xxx_x_xxx	predictive	Medium
260	Argument	xx_xxxxxxxxxxxxx_xx	predictive	High
261	Argument	xxxxxxxxxxxxxxxx	predictive	High
262	Argument	xxxx_xxx	predictive	Medium
263	Argument	xxxx xx xxxxxxx	predictive	High
264	Argument	xxx_xxxx	predictive	Medium
265	Argument	xxx	predictive	Low
266	Argument	xxx_xxxx	predictive	Medium
267	Argument	xxxxxxx	predictive	Low
268	Argument	xxx	predictive	Low
269	Argument	xxxxx	predictive	Low
270	Argument	xxxxxxxx[xxxx_xxx]	predictive	High
271	Argument	xxxxx xxxx	predictive	Medium
272	Argument	xxxxxxx	predictive	Low
273	Argument	xxxxx	predictive	Low
274	Argument	xxxxx_xx	predictive	Medium
275	Argument	xxxx	predictive	Low
276	Argument	xxxxxxxxxx	predictive	Medium
277	Argument	xxx_xxxxx_xx	predictive	Medium
278	Argument	xxxxx_xxxx	predictive	Medium
279	Argument	xxxx=xxxxxx	predictive	Medium
280	Argument	xxxxx_xx	predictive	Medium
281	Argument	xxxxxx	predictive	Low
282	Argument	x_xxxxxxxx	predictive	Medium
283	Argument	xxx-xxx-xxxx	predictive	Medium
284	Argument	xxxx	predictive	Low
285	Argument	xxxx	predictive	Low
286	Argument	xx_xxxx_xx/xx_xxxx_xx	predictive	High
287	Argument	xxx_xxxxxxxxx	predictive	High
288	Argument	xxx_xxxxxx	predictive	Medium
289	Argument	xx	predictive	Low
290	Argument	xxxxxxxxxx	predictive	Medium
291	Argument	xxxxx_xxxx/xxxxxx/xxxxx	predictive	High
292	Argument	xxxxx	predictive	Low
293	Argument	xxxx_xx	predictive	Low
294	Argument	xx_xxxxx	predictive	Medium
295	Argument	xxx	predictive	Low
296	Argument	xxxxxxxx	predictive	Medium
297	Argument	xxxxxxxxxx	predictive	Medium
298	Argument	xxx_xxxxxxx_xxx	predictive	High
299	Argument	xxxxxxxxxxxx_xxxxxx	predictive	High
300	Argument	xxxxxxxxx	predictive	Medium
301	Argument	xxxxxxxxx_xxxxxxxx_xxxx	predictive	High
302	Argument	xxxxxxxxxxx	predictive	Medium
303	Argument	xxxxxxxxxxxxxxxxxxxxxxx	predictive	High
304	Argument	xxxx	predictive	Low
305	Argument	xxxx/xxxxxxxxxx xxxxx/xxxxx	predictive	High
306	Argument	xxxx_xxxx	predictive	Medium
307	Argument	xxxxxxxxx	predictive	Medium
308	Argument	xxxxxx_xxx	predictive	Medium
309	Argument	xxxxxxxxxxxxxxxx	predictive	High
310	Argument	x_xx	predictive	Low
311	Argument	xx	predictive	Low
312	Argument	xxxx	predictive	Low
313	Argument	xxxx_xxxx_xxxxxxx	predictive	High
314	Argument	xxxxxxxx	predictive	Medium
315	Argument	xxxxxxxx	predictive	Medium
316	Argument	xxxx[xxxxxxxxxxxxxxxxx]	predictive	High
317	Argument	xxxxxxxxx	predictive	Medium
318	Argument	xxxxx_xxxx_xxxx	predictive	High
319	Argument	xxxxxxxxxx[x]	predictive	High
320	Argument	xxxx_xx	predictive	Low
321	Argument	xxxxxxxx	predictive	Medium
322	Argument	xxxxxx	predictive	Low
323	Argument	xxxxxxxx	predictive	Medium
324	Argument	xxxxxxxx	predictive	Medium
325	Argument	xxxxxxxx	predictive	Medium
326	Argument	xxxxxxx	predictive	Low
327	Argument	xxxxxx	predictive	Low
328	Argument	xxxxx	predictive	Low
329	Argument	xxxx	predictive	Low
330	Argument	xxxxxx/xxxxx	predictive	Medium
331	Argument	xxxxxx	predictive	Low
332	Argument	xxxxxxx_xxxxx	predictive	High
333	Argument	xxxxxxx	predictive	Low
334	Argument	xxxxxxxx	predictive	Medium
335	Argument	xxxxxxx_xxxx	predictive	Medium
336	Argument	xxxxxxxxxxx_xxxx	predictive	High
337	Argument	xxxxxxxxx	predictive	Medium
338	Argument	xxx	predictive	Low
339	Argument	xxxxxx	predictive	Low
340	Argument	xxxxxxxxxx	predictive	Medium
341	Argument	xxxxxxxx	predictive	Medium
342	Argument	xxxxxxxxxxxx	predictive	Medium
343	Argument	xxx	predictive	Low
344	Argument	xxxxxxxxxxx	predictive	Medium
345	Argument	xxxx	predictive	Low
346	Argument	xxx	predictive	Low
347	Argument	xxxx	predictive	Low
348	Argument	xxxxxxxx	predictive	Medium
349	Argument	xxxxxxxx/xxxx	predictive	High
350	Argument	xxxx	predictive	Low
351	Argument	xxxx_xxxxxxx	predictive	Medium
352	Argument	xxxxx	predictive	Low
353	Argument	xxx	predictive	Low
354	Input Value	../	predictive	Low
355	Input Value	../..	predictive	Low
356	Input Value	/xx *	predictive	Low
357	Input Value	x\"><xxxxxx>xxxxx(x)</xxxxxx>	predictive	High
358	Input Value	<xxxxxx>xxxxx(xxxxxxxx.xxxxxx);</xxxxxx>	predictive	High
359	Input Value	xxxx -x xxxxxxxx=xxxxxx.xxxxxxx xxxx://xxx.xxx.x.x/xxxxxx.xxx	predictive	High
360	Input Value	xxxxxxxx.+xxx	predictive	High
361	Input Value	…/.	predictive	Low
362	Pattern	x\|xx\|x\|xx\|x\|xx\|x\|xx\|x\|xx\|x\|xx\|x\|xx\|x\|xx\|.\|xx\|x\|xx\|x\|xx\|x\|xx\|x\|xx\|x\|xx\|x\|xx\|x\|xx\|x\|xx\|	predictive	High
363	Network Port	xx xxxxxxx xxx.xx.xx.xx	predictive	High
364	Network Port	xxx/xxxx	predictive	Medium
365	Network Port	xxx xxxxxx xxxx	predictive	High

References (24)

The following list contains external sources which discuss the actor and the associated activities:

◂ PreviousOverviewNext ▸

Do you know our Splunk app?

Download it now for free!