DPRK Analysis

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 712
zh: 282
ja: 6

Country

hk: 1000

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Microsoft Windows: 42
Tuxera ntfs-3g: 24
Google Chrome: 22
Apple iOS: 16
Adobe Acrobat Reader: 16

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | D-Link DIR-645 Interface Wireless command injection | 9.8 | 8.8 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.04 | 0.07584 | CVE-2015-2051 |
| 2 | Symantec Gateway ipchange.php exec access control | 8.8 | 8.4 | $5k-$25k | $0-$5k | High | Official Fix | 0.01 | 0.81590 | CVE-2012-0297 |
| 3 | Fortinet FortiOS/FortiProxy Administrative Interface authentication bypass | 9.8 | 9.7 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00 | 0.89292 | CVE-2022-40684 |
| 4 | Palo Alto PAN-OS GlobalProtect Portal stack-based overflow | 9.8 | 9.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.01086 | CVE-2021-3064 |
| 5 | Apache Ambari pathname traversal | 6.5 | 6.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.01 | 0.00885 | CVE-2020-13924 |
| 6 | OpenSSL AES OCB Mode missing encryption | 5.6 | 5.5 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.01537 | CVE-2022-2097 |
| 7 | Cisco ASA/Firepower Threat Defense DNS Inspection resource consumption | 8.0 | 7.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.01055 | CVE-2022-20760 |
| 8 | Apple iOS/iPadOS Kernel out-of-bounds write | 7.8 | 7.5 | $25k-$100k | $5k-$25k | High | Official Fix | 0.00 | 0.01455 | CVE-2022-32917 |
| 9 | Microsoft Windows Support Diagnostic Tool Follina Remote Code Execution | 7.3 | 7.1 | $25k-$100k | $0-$5k | High | Workaround | 0.04 | 0.69589 | CVE-2022-30190 |
| 10 | Apache Log4j Incomplete Fix CVE-2021-44228 deserialization | 4.5 | 4.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.71951 | CVE-2021-45046 |
| 11 | Fortinet FortiOS sslvpnd heap-based overflow | 9.8 | 9.3 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.11 | 0.01156 | CVE-2022-42475 |
| 12 | RainyGao DocSys ZIP File Decompression path traversal | 5.5 | 5.5 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.02 | 0.00890 | CVE-2022-4402 |
| 13 | maku-boot Scheduled Task AbstractScheduleJob.java doExecute injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.00890 | CVE-2022-4322 |
| 14 | Oracle Communications Messaging Server Apache PDFBox denial of service | 5.5 | 5.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.12 | 0.05242 | CVE-2021-31812 |
| 15 | Apache Shiro RequestDispatcher improper authentication | 8.0 | 7.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.01246 | CVE-2022-40664 |
| 16 | nginx request smuggling | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 1.36 | 0.00000 | CVE-2020-12440 |
| 17 | Microsoft App Installer Privilege Escalation | 7.1 | 6.2 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.01 | 0.01150 | CVE-2021-43890 |
| 18 | Apache Log4j JMSAppender deserialization | 8.8 | 8.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.68637 | CVE-2021-4104 |
| 19 | Apache Tomcat HTTP Header request smuggling | 7.3 | 7.3 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.07 | 0.05242 | CVE-2021-33037 |
| 20 | Microsoft Exchange Server Privilege Escalation | 8.8 | 8.1 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | 0.31667 | CVE-2021-42321 |

Campaigns (6)

These are the campaigns that can be associated with the actor:

IOC - Indicator of Compromise (136)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (24)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-425 | Pathname Traversal | predictive | High |
| 2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CWE-74 | Injection | predictive | High |
| 4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | predictive | High |
| 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |

IOA - Indicator of Attack (238)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

References (13)

The following list contains external sources which discuss the actor and the associated activities:
