Baldr Analysis

IOB - Indicator of Behavior (1000)

Lang

en: 886
zh: 34
de: 24
sv: 14
ar: 12

Country

nl: 996
ru: 4

Product

Microsoft Windows: 90
Linux Kernel: 28
F5 BIG-IP: 22
Google Android: 16
WordPress: 16

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | nginx request smuggling | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 3.16 | 0.00000 | CVE-2020-12440 |
| 2 | Huawei ACXXXX/SXXXX SSH Packet input validation | 7.5 | 7.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.07 | 0.01055 | CVE-2014-8572 |
| 3 | Microsoft Windows WPAD access control | 8.0 | 7.9 | $25k-$100k | $0-$5k | High | Official Fix | 0.06 | 0.34346 | CVE-2016-3213 |
| 4 | Microsoft Windows Graphics Remote Code Execution | 7.0 | 6.1 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.07 | 0.01648 | CVE-2021-34530 |
| 5 | Microsoft Windows Event Tracing Privilege Escalation | 7.3 | 6.3 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.01 | 0.01150 | CVE-2021-34487 |
| 6 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.43 | 0.25090 | CVE-2017-0055 |
| 7 | Cisco Secure Email and Web Manager Web-based Management Interface improper authentication | 9.8 | 9.6 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.09 | 0.01055 | CVE-2022-20798 |
| 8 | nginx Log File link following | 7.8 | 7.4 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.09 | 0.05028 | CVE-2016-1247 |
| 9 | Apache HTTP Server mod_rewrite redirect | 6.7 | 6.7 | $25k-$100k | $5k-$25k | Not Defined | Not Defined | 0.09 | 0.07767 | CVE-2020-1927 |
| 10 | Microsoft .NET Core/Visual Studio denial of service | 6.4 | 5.5 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.01 | 0.02427 | CVE-2021-26423 |
| 11 | Microsoft Windows TCP/IP Stack Privilege Escalation | 9.9 | 8.6 | $100k and more | $5k-$25k | Unproven | Official Fix | 0.04 | 0.01728 | CVE-2021-26424 |
| 12 | Microsoft Windows Event Tracing Privilege Escalation | 8.3 | 7.3 | $100k and more | $5k-$25k | Unproven | Official Fix | 0.04 | 0.01150 | CVE-2021-26425 |
| 13 | Microsoft Windows Bluetooth Driver Privilege Escalation | 8.3 | 7.3 | $100k and more | $5k-$25k | Unproven | Official Fix | 0.02 | 0.01150 | CVE-2021-34537 |
| 14 | Microsoft Dynamics 365 Privilege Escalation | 8.5 | 7.4 | $25k-$100k | $0-$5k | Unproven | Official Fix | 0.02 | 0.01967 | CVE-2021-34524 |
| 15 | Microsoft Windows Storage Spaces Controller Local Privilege Escalation | 7.8 | 6.8 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.03 | 0.01150 | CVE-2021-34536 |
| 16 | Microsoft Windows Graphics Remote Code Execution | 7.0 | 6.1 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.03 | 0.01648 | CVE-2021-34533 |
| 17 | Microsoft Windows Services for NFS ONCRPC XDR Driver information disclosure | 6.4 | 5.5 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.03 | 0.02427 | CVE-2021-36926 |
| 18 | Microsoft ASP.NET Core/Visual Studio information disclosure | 4.9 | 4.3 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.00 | 0.01150 | CVE-2021-34532 |
| 19 | Microsoft Windows Services for NFS ONCRPC XDR Driver information disclosure | 6.4 | 5.5 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.03 | 0.02427 | CVE-2021-36933 |
| 20 | Microsoft Windows Remote Desktop Client Remote Code Execution | 8.8 | 7.9 | $100k and more | $5k-$25k | Proof-of-Concept | Official Fix | 0.03 | 0.01728 | CVE-2021-34535 |

IOC - Indicator of Compromise (121)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (19)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (234)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

References (2)

The following list contains external sources which discuss the actor and the associated activities:
