H0lyGh0st Analysis

IOB - Indicator of Behavior (1000)

Timeline

Analyzing the timeline helps to identify the required approach to, and handling of, single vulnerabilities and vulnerability collections. The overview shows less important slices and more severe hotspots at a glance, which makes it possible to initiate an immediate vulnerability response and to prioritize issues.

Lang

en: 953
zh: 24
es: 7
fr: 4
ru: 3

Country

us: 533
vn: 346
cn: 46
gb: 16
ca: 8


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Apache Superset External URL redirect | 4.9 | 4.9 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.08 | 0.00954 | CVE-2021-28125 |
| 2 | superjson Authentication code injection | 7.3 | 7.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.00885 | CVE-2022-23631 |
| 3 | Vmware Workspace ONE Access/Identity Manager Template injection | 9.8 | 8.8 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | 0.93243 | CVE-2022-22954 |
| 4 | nginx request smuggling | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 2.70 | 0.00000 | CVE-2020-12440 |
| 5 | OpenBB read.php sql injection | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.27 | 0.00986 | CVE-2005-1612 |
| 6 | Microsoft Windows Remote Procedure Call Runtime Remote Code Execution | 9.8 | 8.9 | $100k and more | $5k-$25k | Unproven | Official Fix | 0.12 | 0.22240 | CVE-2022-26809 |
| 7 | 7-zip Extension access control [False-Positive] | 6.3 | 5.8 | Calculating | $0-$5k | Not Defined | Not Defined | 0.03 | 0.02737 | CVE-2022-29072 |
| 8 | Keycloak cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00885 | CVE-2021-20195 |
| 9 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.63 | 0.04187 | CVE-2010-0966 |
| 10 | Laravel PendingBroadcast.php __destruct deserialization | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.00000 | CVE-2022-31279 |
| 11 | Microsoft Windows Support Diagnostic Tool DogWalk Remote Code Execution | 8.1 | 7.7 | $25k-$100k | $5k-$25k | Functional | Official Fix | 0.00 | 0.01528 | CVE-2022-34713 |
| 12 | ASUS RT-AC88U Download Master Title injection | 5.9 | 5.3 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.06 | 0.00885 | CVE-2020-29655 |
| 13 | Synacor Zimbra Collaboration Memcache Command injection | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.05736 | CVE-2022-27924 |
| 14 | WSO2 API Manager Management Console cross site scripting | 4.4 | 4.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.04983 | CVE-2022-29548 |
| 15 | Microsoft Windows Server Service unrestricted upload | 8.8 | 8.1 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.06 | 0.01150 | CVE-2022-30216 |
| 16 | OTRS index.pl login sql injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.04 | 0.04386 | CVE-2005-3893 |
| 17 | Laravel Image Upload ValidatesAttributes.php unrestricted upload | 5.5 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.12492 | CVE-2021-43617 |
| 18 | Rarlab UnRAR Unpack pathname traversal | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.73665 | CVE-2022-30333 |
| 19 | Synacor Zimbra Collaboration Suite Element Attribute injection | 5.5 | 5.1 | $0-$5k | $0-$5k | Functional | Official Fix | 0.00 | 0.01018 | CVE-2022-24682 |
| 20 | lodash Template command injection | 4.7 | 4.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.04106 | CVE-2021-23337 |

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • H0lyGh0st

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Type | Confidence |
|---|---|---|---|---|---|---|
| 1 | 127.0.0.1 | localhost | H0lyGh0st | | verified | High |
| 2 | XXX.XX.XX.XXX | | Xxxxxxxxx | | verified | High |

TTP - Tactics, Techniques, Procedures (26)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | predictive | High |
| 2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CWE-74 | Injection | predictive | High |
| 4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | predictive | High |
| 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |
| 6 | T1068 | CWE-264, CWE-269, CWE-284 | Execution with Unnecessary Privileges | predictive | High |

IOA - Indicator of Attack (314)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

