H0lyGh0st Analysis

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

  • en: 934
  • ru: 26
  • zh: 12
  • de: 8
  • ja: 8

Country

  • us: 364
  • cn: 308
  • vn: 250
  • ru: 34
  • ie: 14

[Charts: Actors, Activities, Interest, Timeline, Type, Vendor]

Product

  • Microsoft Windows: 36
  • Google Android: 22
  • Linux Kernel: 12
  • Mozilla Firefox: 12
  • Moodle: 12

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Tiki Admin Password tiki-login.php improper authentication | 8.0 | 7.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 5.56 | 0.00936 | CVE-2020-15906 |
| 2 | AWStats Config awstats.pl Privilege Escalation | 5.0 | 4.6 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | 0.00000 | |
| 3 | PHP phpinfo cross site scripting | 4.3 | 3.9 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.05 | 0.02101 | CVE-2007-1287 |
| 4 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.71 | 0.00943 | CVE-2010-0966 |
| 5 | TikiWiki tiki-register.php input validation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 10.00 | 0.01009 | CVE-2006-6168 |
| 6 | Microsoft Windows win32k.sys xxxMenuWindowProc denial of service | 5.5 | 5.0 | $5k-$25k | $0-$5k | Proof-of-Concept | Unavailable | 0.03 | 0.00000 | |
| 7 | Apple CUPS Interface cross site scripting | 4.3 | 4.1 | $5k-$25k | $0-$5k | High | Official Fix | 0.02 | 0.00864 | CVE-2014-2856 |
| 8 | Apache Superset External URL redirect | 4.9 | 4.9 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00436 | CVE-2021-28125 |
| 9 | LogicBoard CMS away.php redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 5.11 | 0.00000 | |
| 10 | MGB OpenSource Guestbook email.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.49 | 0.01302 | CVE-2007-0354 |
| 11 | Pligg cloud.php sql injection | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.64 | 0.00000 | |
| 12 | Ivanti Secure Access Client config | 8.1 | 8.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00043 | CVE-2023-35080 |
| 13 | Oracle PeopleSoft Enterprise PeopleTools Integration Broker access control | 6.5 | 5.9 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.05 | 0.00799 | CVE-2017-3548 |
| 14 | nginx request smuggling | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.26 | 0.00241 | CVE-2020-12440 |
| 15 | AWStats awstats.pl privileges management | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.08 | 0.00000 | |
| 16 | Pirelli DRG A115 v3 ADSL Router DNS privileges management | 7.3 | 6.6 | $0-$5k | $0-$5k | Functional | Workaround | 0.02 | 0.00000 | |
| 17 | NotificationX Plugin SQL Statement sql injection | 5.6 | 5.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.02414 | CVE-2022-0349 |
| 18 | Minio Environment Variable information disclosure | 6.4 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.94322 | CVE-2023-28432 |

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • H0lyGh0st

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

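| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 127.0.0.1 | localhost | H0lyGh0st | | 10/10/2022 | verified | High |
| 2 | XXX.XX.XX.XXX | Xxx-xxxx | Xxxxxxxxx | | 07/15/2022 | verified | High |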

TTP - Tactics, Techniques, Procedures (23)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-22, CWE-24, CWE-29 | Path Traversal | predictive | High |
| 2 | T1055 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 3 | T1059 | CWE-94, CWE-1321 | Argument Injection | predictive | High |
| 4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |
| 5 | T1068 | CWE-264, CWE-266, CWE-269, CWE-284 | Execution with Unnecessary Privileges | predictive | High |

IOA - Indicator of Attack (330)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | $HOME/.terminfo | predictive | High |
| 2 | File | /admin/ | predictive | Low |
| 3 | File | /admin/admin_user.php | predictive | High |
| 4 | File | /admin/category/save | predictive | High |
| 5 | File | /admin/list_ipAddressPolicy.php | predictive | High |
| 6 | File | /admin/subject.php | predictive | High |
| 7 | File | /auth/auth.php?user=1 | predictive | High |
| 8 | File | /boaform/device_reset.cgi | predictive | High |
| 9 | File | /cgi-bin/cstecgi.cgi | predictive | High |
| 10 | File | /cgi-bin/cstecgi.cgi?action=login | predictive | High |
| 11 | File | /cgi-bin/cstecgi.cgi?action=login&flag=1 | predictive | High |
| 12 | File | /cgi-bin/wlogin.cgi | predictive | High |
| 13 | File | /cgi/cpaddons_report.pl | predictive | High |
| 14 | File | /common/dict/list | predictive | High |
| 15 | File | /debug/pprof | predictive | Medium |
| 16 | File | /DXR.axd | predictive | Medium |
| 17 | File | /forum/away.php | predictive | High |
| 18 | File | /goform/goform_get_cmd_process | predictive | High |
| 19 | File | /HNAP1/ | predictive | Low |
| 20 | File | /importexport.php | predictive | High |
| 21 | File | /install/ | predictive | Medium |
| 22 | File | /Interface/DevManage/VM.php | predictive | High |
| 23 | File | /main/doctype.php | predictive | High |
| 24 | File | /main/webservices/additional_webservices.php | predictive | High |
| 25 | File | /mc | predictive | Low |
| 26 | File | /mgmt/ | predictive | Low |
| 27 | File | /net/bluetooth/rfcomm/core.C | predictive | High |
| 28 | File | /oauth/idp/.well-known/openid-configuration | predictive | High |
| 29 | File | /opt/zimbra/jetty/webapps/zimbra/public | predictive | High |
| 30 | File | /pdf | predictive | Low |
| 31 | File | /preview.php | predictive | Medium |
| 32 | File | /register.php | predictive | High |
| 33 | File | /remote/put_file | predictive | High |
| 34 | File | /server-status | predictive | High |
| 35 | File | /setting/NTPSyncWithHost | predictive | High |
| 36 | File | /spip.php | predictive | Medium |
| 37 | File | /squashfs-root/etc_ro/custom.conf | predictive | High |
