Groundhog Analysis

IOB - Indicator of Behavior (1000)

Chart panels: Timeline, Lang, Country, Actors, Activities, Interest, Timeline, Type, Vendor, Product.

The data in these charts does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 688
zh: 194
de: 28
ru: 16
ja: 14

Country

us: 428
cn: 280
de: 14
ru: 14
ir: 10

Product

Microsoft Windows: 18
Qualcomm Snapdragon Auto: 18
Qualcomm Snapdragon Compute: 18
Qualcomm Snapdragon Industrial IOT: 18
Qualcomm Snapdragon Connectivity: 16

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | TikiWiki tiki-register.php input validation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.52 | 0.01009 | CVE-2006-6168 |
| 2 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.66 | 0.00954 | CVE-2010-0966 |
| 3 | Pligg cloud.php sql injection | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.47 | 0.00000 | |
| 4 | ALPACA improper authentication | 5.6 | 5.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06 | 0.00110 | CVE-2021-3618 |
| 5 | nginx request smuggling | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 2.05 | 0.00241 | CVE-2020-12440 |
| 6 | SolarWinds Network Performance Monitor deserialization | 9.8 | 9.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.08 | 0.69184 | CVE-2021-31474 |
| 7 | vsftpd deny_file unknown vulnerability | 3.7 | 3.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.00312 | CVE-2015-1419 |
| 8 | MGB OpenSource Guestbook email.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.30 | 0.02462 | CVE-2007-0354 |
| 9 | Huawei ACXXXX/SXXXX SSH Packet input validation | 7.5 | 7.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.01 | 0.00246 | CVE-2014-8572 |
| 10 | MantisBT cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00482 | CVE-2014-9571 |
| 11 | LogicBoard CMS away.php redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 1.29 | 0.00000 | |
| 12 | jforum User input validation | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00289 | CVE-2019-7550 |
| 13 | Apple Mac OS X Server Wiki Server cross site scripting | 4.3 | 4.3 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.08 | 0.00263 | CVE-2009-2814 |
| 14 | Upload Widget in OutSystems Platform unrestricted upload | 6.9 | 6.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00086 | CVE-2020-29441 |
| 15 | Guangzhou 1GE ONU/V2804RGW formPing os command injection | 5.9 | 5.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.77079 | CVE-2020-8958 |
| 16 | FLDS redir.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.05 | 0.00203 | CVE-2008-5928 |
| 17 | Phpsugar PHP Melody page_manager.php cross site scripting | 5.2 | 4.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00075 | CVE-2017-15648 |
| 18 | TP-Link TL-WR902AC dm_fillObjByStr stack-based overflow | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.01 | 0.00172 | CVE-2022-25074 |
| 19 | nginx Error Page request smuggling | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06 | 0.00277 | CVE-2019-20372 |
| 20 | Netgear WN604/WN802Tv2/WNAP210/WNAP320/WNDAP350/WNDAP360 boardDataWW.php command injection | 9.8 | 9.4 | $25k-$100k | $0-$5k | Proof-of-Concept | Not Defined | 0.01 | 0.97373 | CVE-2016-1555 |

IOC - Indicator of Compromise (139)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (24)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-425 | Path Traversal | predictive | High |
| 2 | T1055 | CWE-74 | Injection | predictive | High |
| 3 | T1059 | CWE-88, CWE-94, CWE-1321 | Argument Injection | predictive | High |
| 4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |
| 5 | T1068 | CWE-250, CWE-264, CWE-269, CWE-284 | Execution with Unnecessary Privileges | predictive | High |

IOA - Indicator of Attack (363)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

