GuLoader Analysisinfo

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en766
zh120
de32
es24
ru14

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Microsoft Windows20
Qualcomm Snapdragon Mobile14
Microsoft Office14
Qualcomm Snapdragon Consumer IOT12
Qualcomm Snapdragon Industrial IOT12

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25kCalculatingHighWorkaround0.021470.00CVE-2007-1192
2DZCP deV!L`z Clanportal config.php code injection7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.021950.46CVE-2010-0966
3WooCommerce Stock Manager Plugin Nonce import-export.php cross-site request forgery4.34.2$0-$5k$0-$5kNot DefinedNot Defined0.002310.00CVE-2021-34619
4Promosi-web ardguest ardguest.php cross site scripting4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.001600.00CVE-2009-3668
5Tiki Admin Password tiki-login.php improper authentication8.07.7$0-$5k$0-$5kNot DefinedOfficial Fix0.009361.53CVE-2020-15906
6DameWare Mini Remote Control User ID lstrcpyA memory corruption5.65.1$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.744760.03CVE-2005-2842
7Avast Antivirus Self-Defense Driver wsc_proxy.exe access control4.74.5$5k-$25k$0-$5kNot DefinedOfficial Fix0.000420.05CVE-2021-45337
8LogicBoard CMS away.php redirect6.36.1$0-$5k$0-$5kNot DefinedUnavailable0.000000.42
9TikiWiki tiki-register.php input validation7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.010750.78CVE-2006-6168
10Pligg cloud.php sql injection6.36.3$0-$5k$0-$5kNot DefinedNot Defined0.000000.52
11Myupb UPB cross site scripting4.34.3$0-$5k$0-$5kHighUnavailable0.002970.04CVE-2008-6727
12Basti2web Book Panel books.php sql injection7.37.0$0-$5k$0-$5kHighOfficial Fix0.000640.04CVE-2009-4889
13Microsoft Windows ATI Radeon Kernel Mode Driver denial of service6.55.7$25k-$100k$0-$5kProof-of-ConceptUnavailable0.096320.00CVE-2007-1763
14Adobe ColdFusion access control7.47.2$0-$5k$0-$5kNot DefinedOfficial Fix0.003440.03CVE-2023-26347
15SPIP spip.php cross site scripting3.53.4$0-$5k$0-$5kNot DefinedOfficial Fix0.001320.59CVE-2022-28959
16Oracle GlassFish Server Java Server Faces path traversal5.35.1$5k-$25k$0-$5kNot DefinedOfficial Fix0.510160.04CVE-2013-3827
177-Zip Zstandard Decompression integer underflow6.36.0$0-$5k$0-$5kNot DefinedOfficial Fix0.000430.07CVE-2024-11477
18EyouCMS Backend login.php deserialization4.74.5$0-$5k$0-$5kProof-of-ConceptNot Defined0.000450.07CVE-2024-3431
19KOHA MARC search.pl cross site scripting4.14.1$0-$5k$0-$5kProof-of-ConceptNot Defined0.000600.06CVE-2023-5025
20Nonghyup Smart Card X.509 Certificate cryptographic issues6.36.3$0-$5k$0-$5kNot DefinedNot Defined0.000490.00CVE-2014-5799

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • GuLoader

IOC - Indicator of Compromise (37)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
15.2.75.164GuLoader10/05/2022verifiedMedium
25.8.8.100GuLoader09/14/2023verifiedHigh
35.255.110.224GuLoader03/18/2024verifiedVery High
423.254.227.202client-23-254-227-202.hostwindsdns.comGuLoader10/19/2023verifiedHigh
523.254.227.205client-23-254-227-205.hostwindsdns.comGuLoader10/19/2023verifiedHigh
623.254.227.214pornytop.comGuLoader10/19/2023verifiedHigh
734.138.169.88.169.138.34.bc.googleusercontent.comGuLoader03/18/2024verifiedHigh
837.0.8.96GuLoader10/05/2022verifiedMedium
9XX.XXX.XXX.XXxxxxxxxxxx.xxxxxxxxxxxxx.xxxXxxxxxxx10/20/2023verifiedHigh
10XX.XXX.XX.XXxxxxxx-xx.xxxxxxxxx.xxxXxxxxxxx03/18/2024verifiedHigh
11XX.XXX.XX.XXXxxxxxx-xx.xxxxxxxxx.xxxXxxxxxxx03/18/2024verifiedHigh
12XX.XXX.XXX.XXXXxxxxxxx03/18/2024verifiedVery High
13XX.XX.XXX.XXXxxx-xxx-xx-xx-.xxxxxxx-xxxXxxxxxxx10/05/2022verifiedMedium
14XX.XX.XXX.XXXxxxxxxx09/14/2023verifiedHigh
15XX.XX.XXX.XXxxxxx.xx-xxx.xxxxXxxxxxxx09/22/2024verifiedVery High
16XX.XXX.XX.XXXXxxxxxxXxxxxxxx11/15/2024verifiedVery High
17XXX.XX.XX.XXXxxxxxxx.xxxxx.xxXxxxxxxx12/14/2023verifiedVery High
18XXX.XXX.XXX.XXXXxxxxxxx10/05/2022verifiedMedium
19XXX.XXX.XX.XXxxx-xxx-xx-xx-xxxx.xxxxxxxxxxxx.xxxXxxxxxxx10/05/2022verifiedMedium
20XXX.XXX.XXX.XXXxxxxxxx09/14/2023verifiedHigh
21XXX.XX.XXX.XXXxxx-xxx-xx-xxx-xxx.xxxxxxx.xxxxxxxx-xxx.xxxXxxxxxxx03/18/2024verifiedHigh
22XXX.XXX.XXX.XXXxxx-xxx-xxx-xxx.xxxxxxxxxxx.xxXxxxxxxXxxxxxxx11/15/2024verifiedVery High
23XXX.XX.XX.XXXxxxxxxx10/05/2022verifiedMedium
24XXX.XXX.XXX.XXXXxxxxxxx03/18/2024verifiedVery High
25XXX.XX.XXX.XXXXxxxxxxx03/18/2024verifiedVery High
26XXX.XXX.XX.XXXxxxxxxx09/14/2023verifiedHigh
27XXX.XXX.XXX.Xxxxxxxxxxxxxxxxxx.xxXxxxxxxXxxxxxxx11/15/2024verifiedVery High
28XXX.X.XXX.XXXxxx-x-xxx-xxx-xxxx.xxxxxxxxxxxx.xxxXxxxxxxx10/05/2022verifiedMedium
29XXX.XXX.XX.XXXXxxxxxxx10/05/2022verifiedMedium
30XXX.XX.XXX.XXXxxxxxx.xxXxxxxxxx10/07/2024verifiedVery High
31XXX.XX.XXX.XXXXxxxxxxx06/30/2023verifiedHigh
32XXX.XX.XXX.XXXxxx.xxx.xx.xxx.xx-xxxx.xxxxXxxxxxxx03/18/2024verifiedVery High
33XXX.XX.XXX.XXXXxxxxxxx03/18/2024verifiedVery High
34XXX.XXX.XX.XXXXxxxxxxx09/14/2023verifiedHigh
35XXX.XXX.XXX.XXXXxxxxxxx10/05/2022verifiedMedium
36XXX.XXX.XXX.XXXXxxxxxxx10/07/2024verifiedVery High
37XXX.XX.XXX.XXXxxxxxxx10/19/2023verifiedHigh

TTP - Tactics, Techniques, Procedures (25)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueClassVulnerabilitiesAccess VectorTypeConfidence
1T1006CAPEC-126CWE-21, CWE-22, CWE-23, CWE-24Path TraversalpredictiveHigh
2T1040CAPEC-102CWE-319Authentication Bypass by Capture-replaypredictiveHigh
3T1055CAPEC-10CWE-74Improper Neutralization of Data within XPath ExpressionspredictiveHigh
4T1059CAPEC-137CWE-88, CWE-94, CWE-1321Argument InjectionpredictiveHigh
5T1059.007CAPEC-209CWE-79, CWE-80Basic Cross Site ScriptingpredictiveHigh
6TXXXXCAPEC-XXXCWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
7TXXXX.XXXCWE-XXXXxx Xx Xxxx-xxxxx XxxxxxxxpredictiveHigh
8TXXXX.XXXCAPEC-XXCWE-XXX, CWE-XXXXxxx-xxxxx XxxxxxxxxxxpredictiveHigh
9TXXXXCAPEC-XXXCWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveHigh
10TXXXX.XXXCAPEC-XXXCWE-XXXXxxx XxxxxxxxpredictiveHigh
11TXXXXCWE-XXX7xx Xxxxxxxx XxxxxxxxpredictiveHigh
12TXXXXCAPEC-XCWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx XxxxxxpredictiveHigh
13TXXXXCAPEC-XXXCWE-XX, CWE-XX, CWE-XXXxx XxxxxxxxxpredictiveHigh
14TXXXX.XXXCAPEC-XCWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveHigh
15TXXXXCAPEC-XXXCWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxx XxxxxxxxxxpredictiveHigh
16TXXXX.XXXCAPEC-XXXCWE-XXXXxxxxxx Xxxxxxxxxx Xxx Xxxxxxxx Xxxxxxx Xx Xx-xxxx Xxxxxx XxxxxxxxpredictiveHigh
17TXXXXCAPEC-XXCWE-XXX, CWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveHigh
18TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxx XxxxpredictiveHigh
19TXXXX.XXXCAPEC-XXXCWE-XXXXxxxxxxx Xx Xxx Xxxxxxx Xx X Xxxxxxxx XxxxxxxxpredictiveHigh
20TXXXX.XXXCAPEC-XXXCWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
21TXXXXCAPEC-XXXCWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh
22TXXXX.XXXCWE-XXXxxxxxxxxxxxxpredictiveHigh
23TXXXXCAPEC-XXXCWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxxxx XxxxxxpredictiveHigh
24TXXXX.XXXCWE-XXX, CWE-XXX, CWE-XXXXxx Xxxxxxxxxx XxxxxpredictiveHigh
25TXXXX.XXXCAPEC-XCWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxpredictiveHigh

IOA - Indicator of Attack (464)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File.htaccesspredictiveMedium
2File/admin/ajax.phppredictiveHigh
3File/admin/ajax.php?action=save_windowpredictiveHigh
4File/admin/dl_sendmail.phppredictiveHigh
5File/admin/file_manager/exportpredictiveHigh
6File/admin/index2.htmlpredictiveHigh
7File/adminPage/conf/reloadpredictiveHigh
8File/admin_giant/add_team_member.phppredictiveHigh
9File/ajax.php?action=delete_deductionspredictiveHigh
10File/api/baskets/{name}predictiveHigh
11File/api/cron/settings/setJob/predictiveHigh
12File/api/v2/cli/commandspredictiveHigh
13File/api2/html/predictiveMedium
14File/cgi-bin/cstecgi.cgipredictiveHigh
15File/cgi-bin/koha/catalogue/search.plpredictiveHigh
16File/cgi/get_param.cgipredictiveHigh
17File/common/download_agent_installer.phppredictiveHigh
18File/common/info.cgipredictiveHigh
19File/common/run_cross_report.phppredictiveHigh
20File/controllers/add_user.phppredictiveHigh
21File/dashboard/add-portfolio.phppredictiveHigh
22File/Device/Device/GetDeviceInfoList?deviceCode=&searchField=&deviceState=predictiveHigh
23File/DXR.axdpredictiveMedium
24File/EXCU_SHELLpredictiveMedium
25File/forum/away.phppredictiveHigh
26File/get_getnetworkconf.cgipredictiveHigh
27File/ghost/previewpredictiveHigh
28File/goform/addressNatpredictiveHigh
29File/goform/NatStaticSettingpredictiveHigh
30File/goform/setmacpredictiveHigh
31File/index/ajax/langpredictiveHigh
32File/integrations.jsonpredictiveHigh
33File/jerry-core/ecma/base/ecma-helpers-conversion.cpredictiveHigh
34File/lists/admin/predictiveHigh
35File/log/decodmail.phppredictiveHigh
36File/loginpredictiveLow
37File/login.php?m=admin&c=Field&a=channel_editpredictiveHigh
38File/log_proxypredictiveMedium
39File/mailcleaner.php/getStatspredictiveHigh
40File/mfsNotice/pagepredictiveHigh
41File/my_photo_gallery/image.phppredictiveHigh
42File/nagiosxi/admin/banner_message-ajaxhelper.phppredictiveHigh
43File/novel/bookSetting/listpredictiveHigh
44File/novel/userFeedback/listpredictiveHigh
45File/nssys/common/filehandlepredictiveHigh
46File/opt/IBM/es/lib/libffq.cryptionjni.sopredictiveHigh
47File/opt/vyatta/share/vyatta-cfg/templates/system/static-host-mapping/host-name/node.defpredictiveHigh
48File/owa/auth/logon.aspxpredictiveHigh
49File/php-sms/admin/?page=services/manage_servicepredictiveHigh
50File/phppath/phppredictiveMedium
51File/register.phppredictiveHigh
52File/sdm-ws-rest/preconfigurationpredictiveHigh
53File/services/details.asppredictiveHigh
54File/settingspredictiveMedium
55File/spip.phppredictiveMedium
56File/xxxx/xxxpredictiveMedium
57File/xxxxxxx/xxx/xxxxxxxxxx.xxxx?xxxxxx=xxxxxxxxxxpredictiveHigh
58File/xxxxxxx/predictiveMedium
59File/xxxxxxxxxx/x.xxxxxxpredictiveHigh
60File/xxxxxx/xxxxxxxx/xxxxxxxx/xxxxxxxxxxxx.xxxpredictiveHigh
61File/xxxxxxxxxxx-xxxxx-xxxxxxx/xxxxx/xxxxx/xxxxx/xxxxxx-xxxxxx.xxxpredictiveHigh
62File/xx-xxxxx/xxxxxxx.xxxpredictiveHigh
63File/xx-xxxxxxx/xxxxxxx/xxxxxxxxxxx/xxxxx.xxxpredictiveHigh
64File/x_xxxxxx_xxxxxxxx_xxxxxxx/xxxxx/xxxxxx/xxxx?x=x.x.x-x-xxxxxxxpredictiveHigh
65File/xx/xxxxx.xxxpredictiveHigh
66Filexxxxxxx.xxxpredictiveMedium
67Filexxxxxxxxxx.xxxpredictiveHigh
68Filexxx_xxxxxxx.xxxpredictiveHigh
69Filexxxxx.xxxxxxxxx.xxxpredictiveHigh
70Filexxxxx.xxxpredictiveMedium
71Filexxxxx.xxx?xxx=xxxx&xxx=xxxpredictiveHigh
72Filexxxxx/xxxxx.xxxpredictiveHigh
73Filexxxxx/xxxxx_xxxxx.xxxpredictiveHigh
74Filexxxxx/xxxxx.xxxpredictiveHigh
75Filexxxxx/xxxxxx.xxxpredictiveHigh
76Filexxxxx/xxxxx.xxxpredictiveHigh
77Filexxxxxxxxxxx.xxxpredictiveHigh
78Filexxxxxxxxxxx/xxxxxxx/xxxxx/xxxxx/xxxxxxxxx/xxxxxxxx.xxxpredictiveHigh
79Filexxxxxx/xxxxxx.xxpredictiveHigh
80Filexxx\xxxxxxxx\xxxxxxx_xxxxxxxxx.xxxpredictiveHigh
81Filexxxxxx.xxxpredictiveMedium
82Filexxxxxxxx.xxxpredictiveMedium
83Filexxxxxxxxxxxx.xxxpredictiveHigh
84Filexxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
85Filexxxxxxxxxxx/xxxx/$xxxx_xxpredictiveHigh
86Filexxxxxxxxxxxx_xx_xxxxx_xxxxxxxx.xxxpredictiveHigh
87Filexxx/xxxxxxxx_xxx_xxx_xxxx_xxxxx_xxxxxxx.xxpredictiveHigh
88Filexxxxxxx.xxpredictiveMedium
89Filexxxxxxx/xxxxxxxx/xxxxxxxxxxx.xxpredictiveHigh
90Filexxxx/xxxxxxxxxxxx.xxxpredictiveHigh
91Filexxxx_xxxxxxxxxxx.xxxpredictiveHigh
92Filexxx/xxxxx/xxxxx.xpredictiveHigh
93Filexxxxxx/xxxxx-xxx_xxxxxxxx.xxxpredictiveHigh
94Filexxxx.xxxpredictiveMedium
95Filexxxxx.xxxpredictiveMedium
96Filexx_xxxx_xx_xxxx_xxxx.xxxpredictiveHigh
97Filexxx_xx_xxxxxx_xx.xxpredictiveHigh
98Filex:\xxxxxxpredictiveMedium
99Filex:\xxxxxxx xxxxx (xxx)\xxxxxxxx\xxx\xxxxxx.xxxpredictiveHigh
100Filexxx_xxxxx.xxxpredictiveHigh
101Filexxxx_xxxxxxx.xxxpredictiveHigh
102Filexxxxxxxxx.xxxxpredictiveHigh
103Filexxxxxxxx.xxxpredictiveMedium
104Filexxx-xxx/xxxxxxx.xxpredictiveHigh
105Filexxx-xxx/xxxxx/xxxxx.xxxpredictiveHigh
106Filexxxxxxxxx.xxxpredictiveHigh
107Filexxxxx.xxxpredictiveMedium
108Filexxxxxxxxxx/xxxxxxxxxxxx/xxxxxxxxxxxx/xxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxx/xxxx_xxxxx.xxxxpredictiveHigh
109Filexxxxx-xxxxxxx.xxxpredictiveHigh
110Filexxxxxxxxxx/xxx_xxxxxxxxxx/xxxxxxx/xxxxxxxxxx.xxxpredictiveHigh
111Filexxx_xxxxxxxpredictiveMedium
112Filexxxxxxxxxx\xxxx.xxxpredictiveHigh
113Filexxxxxx/xxxxxxx/xxxxxxxxxx_xxxxxxxx.xxxpredictiveHigh
114Filexxxxxxxxxxx.xxxpredictiveHigh
115Filexxxxxxxxx.xxpredictiveMedium
116Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
117Filexxxxxxx.xxxxx.xxxpredictiveHigh
118Filexxxxxx.xxxpredictiveMedium
119FilexxxxpredictiveLow
120Filexxxxxxxx.xxxpredictiveMedium
121Filexxxxxxxxxxxxx.xxxpredictiveHigh
122Filexxxxxxxxx/xxxxxxxxx.xxxpredictiveHigh
123Filexxxxxxx/xxx/xxxxxxxx/xx.xpredictiveHigh
124Filexxxxx.xpredictiveLow
125Filexxxx-xxxxxx.xxxpredictiveHigh
126Filexxxxx-xxxxxx/xxxxxxx/xxxxx/xxxxxxxxxxxxx/xxxxxxx/xxxx_xxxxxxx.xxxpredictiveHigh
127Filexxxx.xxxpredictiveMedium
128Filexxxx/xxxxxxx.xpredictiveHigh
129Filexxxxxx/xxxx/xxxxxxxx.xxxpredictiveHigh
130Filexxxxxxxxxxx.xxxxx.xxxpredictiveHigh
131Filexxxx_xxxxxx.xxxpredictiveHigh
132Filexxxx_xxxxx.xpredictiveMedium
133Filexx-xxxxxxx/xxxxxxxxxxxx/xxxxxx/xxxxx.xxxxxxxxxxxx.xxxx.xxxpredictiveHigh
134Filexxxxxxx.xxxpredictiveMedium
135Filexxxx.xxxpredictiveMedium
136Filexxxxx.xxxpredictiveMedium
137Filexxxxxxx.xxxpredictiveMedium
138Filexxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
139Filexx-xxxxxxx/xxxxxxxpredictiveHigh
140Filexxxxxx/xxxxx_xxxx_xxxxxxxpredictiveHigh
141Filexxxx.xxxpredictiveMedium
142Filexxxxx_xxxxxxxx.xxxpredictiveHigh
143Filexxxxx_xxxxxxxxx_xxxxxx.xxxpredictiveHigh
144Filexxxxx_xxxx.xxxpredictiveHigh
145Filexxxxxxxxxxxxx.xxxpredictiveHigh
146Filexxxxxxxxxx\xxxxxx\xxxxxxxxxxxxx.xxxpredictiveHigh
147Filexxxxxxxxx.xxxpredictiveHigh
148Filexxxxxxxxxxxxx.xxxpredictiveHigh
149Filexxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
150Filexx/xxxxxxx/xxxxxx-xxx-xx.xpredictiveHigh
151Filexxx/xxxxxx.xxxpredictiveHigh
152Filexxxxxxx/xxxx/xxxxxxxx.xxx.xxxpredictiveHigh
153Filexxxxxxx/xxxxxxx/xxxxxxxx.xxx.xxxpredictiveHigh
154Filexxxxxxxx/xxxxxx.xxxpredictiveHigh
155Filexxxxxxxx/xxxxxxx/xxxxxxx.xxxx.xxxpredictiveHigh
156Filexxxxx.xxxxpredictiveMedium
157Filexxxxx.xxxpredictiveMedium
158Filexxxxx.xxx/xxxxxx.xxx/xxxxxxxxxxxxx.xxx/xxxxxxxx.xxxpredictiveHigh
159Filexxxxx.xxx?x=xxxx&x=xxxx&x=xx_xxx_xxxxxxpredictiveHigh
160Filexxxxx.xxx?x=xxxx&x=xxxxxxx&x=xxxpredictiveHigh
161Filexxxx.xxx.xxxpredictiveMedium
162Filexxxx_xxxx.xxxpredictiveHigh
163Filexxxx_xxxxxxx.xxxpredictiveHigh
164Filexxxxxx/xxxxxx/xxxxxx-xx.xpredictiveHigh
165Filexxxxxx/xxxxxx.xpredictiveHigh
166Filexxxxxxx.xxxxx/xxx_xxxxxx.xxxpredictiveHigh
167Filexxxxxxxxx/xxxxxxx/xxxx/xxxxxxxxxxxxxxxxxxxx.xxxxx.xxxpredictiveHigh
168Filexxx.xxxpredictiveLow
169Filexxxxx.xxxpredictiveMedium
170Filexxxxx.xxxxpredictiveMedium
171Filexxxxx.xxxpredictiveMedium
172Filexxxxx.xxxpredictiveMedium
173Filexxx/xxxxpredictiveMedium
174Filexxxxxx/xxxxxxx/xxxxxx_xxxxxxxx.xxxpredictiveHigh
175Filexxxx.xxxxpredictiveMedium
176Filexxxxxxx.xxxpredictiveMedium
177Filexxxxxxxxxxxxxxxx.xpredictiveHigh
178Filexxxxxx/xxxxx.xxxpredictiveHigh
179Filexxxxxx/xxxxxx_xxxxx.xxx?xxxxxx=xxxxpredictiveHigh
180Filexx_xxxx.xpredictiveMedium
181Filexxxxxxx.xxxpredictiveMedium
182Filexxxxxxx/xxxxxxxxxx/xxxx/xxxxxx.xxxpredictiveHigh
183Filexxxxxxx/xxxxx.xpredictiveHigh
184Filexxx/xxxx/xxxx_xxxxxxxxx.xpredictiveHigh
185Filexxxxxxx_xxxx.xxxpredictiveHigh
186Filexxxx_xxxxxx.xxxpredictiveHigh
187Filexxxxxxxxx/xxxxx.xxxpredictiveHigh
188Filexxxxx.xxxpredictiveMedium
189Filexxxxxx.xxxpredictiveMedium
190Filexxxxx.xxxpredictiveMedium
191Filexx_xx.xpredictiveLow
192Filexxx/xxx/predictiveMedium
193Filexxxxxxxxxxxxxxxxx.xxxpredictiveHigh
194Filexxxxx.xxxpredictiveMedium
195Filexxxxxx.xpredictiveMedium
196Filexxxxxxx.xxxpredictiveMedium
197Filexxxxxxx.xxxpredictiveMedium
198Filexxxxxxx/xxxxxxx/xxx/xxxxxxxxxx.xxx?xxxxxx=xxxxxxxxxxpredictiveHigh
199Filexxxxxxx/xxxxxxx/xxx/xxxxxxxxxx.xxx?xxxxxxxx=xxxx&xxxxxx=xxxxxxxxxxpredictiveHigh
200Filexxxxxxx/xxx/xxxxxxx/xxxxxx/xxxx-xxxxxxxxxx/<xxxxxx>/xx.xxxpredictiveHigh
201Filexxxx.xxxpredictiveMedium
202Filexxxxxxxx.xxxpredictiveMedium
203Filexxxxxxx.xxxpredictiveMedium
204Filexxx/xxx.xxxpredictiveMedium
205Filexxxxxxxx.xxxpredictiveMedium
206Filexxxxx.xxxpredictiveMedium
207Filexxxxx.xxxpredictiveMedium
208Filexxxxxxxxxx.xxxpredictiveHigh
209Filexxxxxxxx-x.xxpredictiveHigh
210Filexxxxxxxx.xxxpredictiveMedium
211Filexxxxxxxx/xxxxx/xxxxxxxx?xxxxxxxxpredictiveHigh
212Filexxxxxxxx.xpredictiveMedium
213Filexx_xxxx.xpredictiveMedium
214Filexxxx/xxx/xxx_xxxx.xpredictiveHigh
215Filexxxx_xxxxxxx.xpredictiveHigh
216Filexxxx_xxxx_xxxxxx.xxxpredictiveHigh
217Filexxxxxxx.xpredictiveMedium
218Filexxxxx.xxxpredictiveMedium
219Filexxxx.xxxpredictiveMedium
220Filexxxxxxx.xxxpredictiveMedium
221Filexxxx_xxxxxxx_xxxxxxxx.xxxpredictiveHigh
222Filexxxx_xxxxxxx.xxxpredictiveHigh
223Filexxxx_xxx.xxxpredictiveMedium
224Filexxxxxxxxxxxxxxxx.xxpredictiveHigh
225Filexxxxx.xxxpredictiveMedium
226Filexxxx_xxxxx.xxxxpredictiveHigh
227Filexxxxxxx.xxxpredictiveMedium
228Filexxx/xxxxxxxxx/xxxxxxxxxxxxx/xxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
229Filexxx/xxxxxxx/xxx_xxx/xxxxxx/xxxxxxxxx.xpredictiveHigh
230Filexxx/xx_xxx.xpredictiveMedium
231Filexxxxxxx.xxxpredictiveMedium
232Filexxxxxxxxxx_xxxx.xxxpredictiveHigh
233Filexxxxxxx.xxpredictiveMedium
234Filexxxxxxx-xxxxxxx.xxxpredictiveHigh
235Filexxxxxxxx/xxxxxxx/xxxxxxx.xxxxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
236Filexxx/xxxx/xxxxpredictiveHigh
237Filexxxxxx\xxxxxxxx\xx_xxxxx_xxxxxxx.xxxpredictiveHigh
238Filexxxxxxx.xxx.xx.xxxxxxxxxxx.xxxpredictiveHigh
239Filexxxxxxxxx/xxxxxxxx.xxxpredictiveHigh
240Filexxxx_xxxxxx.xxpredictiveHigh
241Filexxxx-xxxxxxxx.xxxpredictiveHigh
242Filexxxx-xxxxx.xxxpredictiveHigh
243Filexxxx-xxxxxxxx.xxxpredictiveHigh
244Filexxxxxxx.xpredictiveMedium
245Filexxxxx/xxx/xxxxxxx/xxxxxx.xxxpredictiveHigh
246Filexxxxx.xxxpredictiveMedium
247Filexxxxxx_xxxxx.xxxpredictiveHigh
248Filexxxxxx.xxxpredictiveMedium
249Filexxxx/xxxxxxxx.xxxpredictiveHigh
250Filexxxxxx.xxxpredictiveMedium
251Filexxxxxxx.xxxxpredictiveMedium
252Filexxxxxxx-xxxxx.xxxpredictiveHigh
253Filexxxx_xxxxx.xxxpredictiveHigh
254Filexxxx/xxx/xxxx-xxxxx.xxxpredictiveHigh
255Filexxx/xxx/xxx-xxx/xxxx.xxxpredictiveHigh
256Filexxxxxxxxxx/xxxxxxxxxx-xxxxx.xxxpredictiveHigh
257Filexxxx.xxxpredictiveMedium
258Filexxxxxxxx.xxxpredictiveMedium
259Filexxxx_xxx_xxx.xxxpredictiveHigh
260Filexxxx_xxxxxxx.xxxpredictiveHigh
261Filexxx/xx/xxxxxxx_xxxxx_xxxx_xxxx.xxpredictiveHigh
262Filexxxxxx.xxxpredictiveMedium
263Filexxxxx.xxxpredictiveMedium
264Filexxx/xxxxxx-xxxxxxx.xxxpredictiveHigh
265Filexxxxxxx/xxxxxxxxx/xxx/xxxxxxx.xpredictiveHigh
266Filexx-xxxxx/xxxx.xxx?xxxx_xxxx=xxxxx&xxxx=xxxxxx-xxxxxxx-xxxxxxxpredictiveHigh
267Filexx-xxxxx-xxxxxx.xxxpredictiveHigh
268Filexx-xxxxxxxx/xxxxx-xx-xxxxx.xxxpredictiveHigh
269Filexx-xxxxxxxx/xxxxx.xxxpredictiveHigh
270Filexx-xxxxxxxx/xxxx-xxx/xxxxxxxxx/xxxxx-xx-xxxx-xxxxx-xxxxxxxxxx.xxxpredictiveHigh
271Filexx-xxxxx.xxxpredictiveMedium
272Filexxx_xxxxx.xxxpredictiveHigh
273Filexxx/xxxxxxxx/xxxxxxxx.xxxpredictiveHigh
274Filexxxx.xxxpredictiveMedium
275Filexxxxxxxxxxx.xxxpredictiveHigh
276FilexxxxxxxpredictiveLow
277File~/xxx/xxxx-xxxxxxxxx.xxxpredictiveHigh
278File~/xxx/xxxxxxxxx/xxxx/xxxx/xxxxxx.xxxpredictiveHigh
279File~/xxxxxxxx/xxxxx-xx-xxxxxxxxxx-xxxxxxxxx.xxxpredictiveHigh
280Libraryxxxxxx.xxxpredictiveMedium
281Libraryxxxxxxxxxxxxxx.xxxpredictiveHigh
282Libraryxxxx.xxxpredictiveMedium
283Libraryxxxxxxx/xxx.xxx.xxx.xxxpredictiveHigh
284Libraryxxx/xxxx/xxxxxx.xxpredictiveHigh
285Libraryxxx/xxxxxxxx/xxxxxxx_xxxxxxxx.xxpredictiveHigh
286Libraryxxx/xxxxxxxxxx/xxxxx/xxxxxx.xxxpredictiveHigh
287Libraryxxx/xx/xxx.xxpredictiveHigh
288LibraryxxxxxxxxxpredictiveMedium
289Libraryxxxxxx.xxxpredictiveMedium
290Libraryxxxxxxxx.xxxpredictiveMedium
291Libraryxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.xxxxxxxxxxxxxxx.xpredictiveHigh
292Libraryxxxxxxxx.xxxpredictiveMedium
293Libraryxxx/xxx/xx/xxx/xxxxxx.xxxxxxxxxxx.xxpredictiveHigh
294Libraryxxx/xxx/predictiveMedium
295Libraryxxxxxxxx.xxxpredictiveMedium
296Libraryxx_xxxx.x/xxx_xxxx.x/xx_xxx.xpredictiveHigh
297Libraryxxxxx.xxxpredictiveMedium
298Libraryxxxxxxx.xxxpredictiveMedium
299Libraryxxxxxx.xxxpredictiveMedium
300Libraryxxxxx.xxxpredictiveMedium
301Argument$_xxxxxx['xxxxx_xxxxxx']predictiveHigh
302Argumentxxx_xxxx_xxxxxpredictiveHigh
303Argumentxx_xxxxx_xxx_xxxxpredictiveHigh
304ArgumentxxxxxpredictiveLow
305Argumentxxxxx/xxxpredictiveMedium
306Argumentxxx_xxxpredictiveLow
307ArgumentxxxxxxxpredictiveLow
308ArgumentxxxxpredictiveLow
309ArgumentxxxxxpredictiveLow
310Argumentxxx_xxxxx_xxxxpredictiveHigh
311ArgumentxxxxxxxxxpredictiveMedium
312ArgumentxxxxxxpredictiveLow
313ArgumentxxxxpredictiveLow
314ArgumentxxxxxxxxpredictiveMedium
315ArgumentxxxxxpredictiveLow
316ArgumentxxxxxxpredictiveLow
317Argumentxxxxx xxxxxxx xxxx xxxxpredictiveHigh
318Argumentxxx_xxx_xx_xxx_xxxxxxxxxx_xpredictiveHigh
319Argumentxxxxx_xxxxpredictiveMedium
320Argumentxxxx_xxx_xxxxpredictiveHigh
321ArgumentxxxpredictiveLow
322ArgumentxxxxxxxxxxpredictiveMedium
323ArgumentxxxxxpredictiveLow
324Argumentxxx_xxpredictiveLow
325Argumentxxxxxxx_xxpredictiveMedium
326ArgumentxxxxxxxxxpredictiveMedium
327Argumentxxxxxx_xxxpredictiveMedium
328ArgumentxxxpredictiveLow
329ArgumentxxxxxxxxxxxxxxxpredictiveHigh
330Argumentxxxx_xxpredictiveLow
331ArgumentxxxxxxpredictiveLow
332ArgumentxxxxxpredictiveLow
333Argumentxxx_x_xxxpredictiveMedium
334Argumentxxxx_xxxxx_xxxxxxxxxx_xxxxx_xxxxpredictiveHigh
335ArgumentxxxxxxxxxxpredictiveMedium
336ArgumentxxxxpredictiveLow
337ArgumentxxxxpredictiveLow
338ArgumentxxxxxxxxxxxxxxxpredictiveHigh
339ArgumentxxxpredictiveLow
340ArgumentxxxxxpredictiveLow
341ArgumentxxxxxxxpredictiveLow
342Argumentxxxxxxxxx_xxxxxxpredictiveHigh
343ArgumentxxxxxxxxxxxxxxpredictiveHigh
344ArgumentxxxxxxxxxpredictiveMedium
345ArgumentxxxxxxxpredictiveLow
346Argumentxx_xxxxxxxpredictiveMedium
347ArgumentxxxxpredictiveLow
348ArgumentxxxxxxxxpredictiveMedium
349ArgumentxxxxxpredictiveLow
350Argumentxxxxxx_xxxxxpredictiveMedium
351ArgumentxxxpredictiveLow
352Argumentxxxxxxxxx/xxxxxxpredictiveHigh
353ArgumentxxxxxxpredictiveLow
354Argumentxxxx_xxpredictiveLow
355Argumentxx_xxpredictiveLow
356Argumentxxxxxxx[xxxxxxx]predictiveHigh
357ArgumentxxxxxpredictiveLow
358Argumentxxxxx_xxxxxxxx_xxxxx_xx/xxxxx_xxxxxxxx_xxpredictiveHigh
359ArgumentxxxxxxxpredictiveLow
360Argumentxxxxx_xxpredictiveMedium
361ArgumentxxxxxxpredictiveLow
362ArgumentxxxxxxxpredictiveLow
363ArgumentxxxxxpredictiveLow
364ArgumentxxxxpredictiveLow
365Argumentxxxx/xxxxxxpredictiveMedium
366Argumentxxxx_xxxxpredictiveMedium
367ArgumentxxpredictiveLow
368ArgumentxxpredictiveLow
369ArgumentxxxpredictiveLow
370ArgumentxxxxxxpredictiveLow
371ArgumentxxxxxxpredictiveLow
372ArgumentxxxxxpredictiveLow
373ArgumentxxxpredictiveLow
374Argumentxxxxxxx_xxxxpredictiveMedium
375Argumentxxxx_xxpredictiveLow
376ArgumentxxxpredictiveLow
377ArgumentxxxxpredictiveLow
378Argumentxx_xxxxxxxpredictiveMedium
379ArgumentxxxxxxpredictiveLow
380Argumentxxxx_xxx_xxxxxxxx_xxxpredictiveHigh
381ArgumentxxxxxpredictiveLow
382Argumentxxxxxxx_xxxpredictiveMedium
383Argumentxxx/xxxpredictiveLow
384ArgumentxxxxpredictiveLow
385ArgumentxxxxxxpredictiveLow
386ArgumentxxxxpredictiveLow
387Argumentxxx xxxxxxxx/xxxxxxx xxxxxxxxpredictiveHigh
388ArgumentxxxxxxxxpredictiveMedium
389Argumentxxx_xxxxpredictiveMedium
390ArgumentxxpredictiveLow
391Argumentxxxxx xxxxxxpredictiveMedium
392Argumentxxxxxx/xxxxx/xxxxpredictiveHigh
393ArgumentxxxxxpredictiveLow
394ArgumentxxxxxxxpredictiveLow
395ArgumentxxxxxxxpredictiveLow
396ArgumentxxxxpredictiveLow
397ArgumentxxxxxpredictiveLow
398ArgumentxxxxxxxxpredictiveMedium
399ArgumentxxxxxxxxpredictiveMedium
400ArgumentxxxxpredictiveLow
401Argumentxxxxxx_xxxxxxpredictiveHigh
402ArgumentxxxxxxxxxxpredictiveMedium
403ArgumentxxxxxxxpredictiveLow
404Argumentxxxxxxxx_xxpredictiveMedium
405ArgumentxxxxxxxxpredictiveMedium
406Argumentxxxxxx_xxxxpredictiveMedium
407Argumentxxx_xxxpredictiveLow
408ArgumentxxxxxxxxxxpredictiveMedium
409Argumentxxx_xxxpredictiveLow
410Argumentxxxxxx_xxxxxpredictiveMedium
411Argumentxxxxxxx_xxpredictiveMedium
412ArgumentxxxxxpredictiveLow
413ArgumentxxxpredictiveLow
414Argumentxxx_xxxxpredictiveMedium
415Argumentxxxxxxxx[xxxx]predictiveHigh
416Argumentxxxx_xxxxpredictiveMedium
417ArgumentxxxxpredictiveLow
418ArgumentxxxxxxpredictiveLow
419Argumentxxxxxx[]predictiveMedium
420ArgumentxxxxxxxxxxpredictiveMedium
421ArgumentxxxxxxpredictiveLow
422ArgumentxxxxxxxpredictiveLow
423ArgumentxxxxxxxxxxxxpredictiveMedium
424ArgumentxxxxxxxpredictiveLow
425ArgumentxxxpredictiveLow
426Argumentxxxxxx_xxxxxxxpredictiveHigh
427ArgumentxxxpredictiveLow
428ArgumentxxxxxpredictiveLow
429ArgumentxxxxpredictiveLow
430Argumentxxxx_xxpredictiveLow
431ArgumentxxxxxpredictiveLow
432ArgumentxxxpredictiveLow
433Argumentxxxx.xxxxxpredictiveMedium
434ArgumentxxxxxxpredictiveLow
435ArgumentxxxxxxpredictiveLow
436ArgumentxxxxxxpredictiveLow
437ArgumentxxxxxxxxpredictiveMedium
438Argumentxxxxxxxx/xxxxxxxxpredictiveHigh
439Argumentxxxxx/xxxxpredictiveMedium
440Argumentxxxx_xx[]predictiveMedium
441ArgumentxxxxxpredictiveLow
442ArgumentxxxxpredictiveLow
443Argumentxxxxxxx/xxx/xxxpredictiveHigh
444Argumentxxxx->xxxxxxxpredictiveHigh
445Argumentx-xxxxxxxxx-xxxxxxpredictiveHigh
446Argument\xxx\predictiveLow
447Argument\xxxx\xxxxpredictiveMedium
448Argument_xxx_xxxxxxxxxxx_predictiveHigh
449Input Value%xx%xx%xxxxx%xxxxx%xx%xxxxxx.xxx%xx%xxxxxxxxx%xxxxxxxxxxxx%xxxxxxx('xxx')%xxpredictiveHigh
450Input Value-xpredictiveLow
451Input Value../predictiveLow
452Input Valuex xxxxx xxx xxxxxx xxxx,xxxx,xxxx,xxxx,xxxxxx(xxxxxxxxxxxx,xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx,xxxxxxxxxxxx)--predictiveHigh
453Input Value::$xxxxx_xxxxxxxxxxpredictiveHigh
454Input Valuexxxxxxxxx' xxx 'x'='xpredictiveHigh
455Input ValuexxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxpredictiveHigh
456Input ValuexxxxpredictiveLow
457Input Valuexxx.xxx[xxxxx]predictiveHigh
458Pattern|xx xx xx xx|predictiveHigh
459Network PortxxxxxpredictiveLow
460Network Portxx xxxxxxx xxx.xx.xx.xxpredictiveHigh
461Network Portxxx/xx (xxx xxxxxxxx)predictiveHigh
462Network Portxxx/xxxpredictiveLow
463Network Portxxx/xxxxpredictiveMedium
464Network Portxxx xxxxxx xxxxpredictiveHigh

References (17)

The following list contains external sources which discuss the actor and the associated activities:

This view requires CTI permissions

Just purchase a CTI license today!