Johnnie Analysis

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 720
zh: 148
de: 34
es: 22
ru: 16

Country

us: 344
cn: 258
es: 30
de: 26
ru: 18

Product

Microsoft Windows: 28
Qualcomm Snapdragon Auto: 16
Qualcomm Snapdragon Compute: 16
Qualcomm Snapdragon Industrial IOT: 16
Qualcomm Snapdragon Connectivity: 14

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | TikiWiki tiki-register.php input validation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 10.00 | 0.01009 | CVE-2006-6168 |
| 2 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.79 | 0.00943 | CVE-2010-0966 |
| 3 | Pligg cloud.php sql injection | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.64 | 0.00000 | |
| 4 | ALPACA improper authentication | 5.6 | 5.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00110 | CVE-2021-3618 |
| 5 | Linux Kernel Pipe Dirty Pipe Privilege Escalation | 6.3 | 5.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | 0.07584 | CVE-2022-0847 |
| 6 | Google Chrome V8 type confusion | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00 | 0.00367 | CVE-2022-1232 |
| 7 | SolarWinds Network Performance Monitor deserialization | 9.8 | 9.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.08 | 0.69184 | CVE-2021-31474 |
| 8 | D-Link DIR-846 HNAP1 Privilege Escalation | 8.0 | 7.9 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00 | 0.00577 | CVE-2023-33735 |
| 9 | nginx request smuggling | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.26 | 0.00241 | CVE-2020-12440 |
| 10 | Huawei ACXXXX/SXXXX SSH Packet input validation | 7.5 | 7.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00246 | CVE-2014-8572 |
| 11 | MantisBT cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00482 | CVE-2014-9571 |
| 12 | MGB OpenSource Guestbook email.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.45 | 0.01302 | CVE-2007-0354 |
| 13 | jforum User input validation | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.00289 | CVE-2019-7550 |
| 14 | Apple Mac OS X Server Wiki Server cross site scripting | 4.3 | 4.3 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00263 | CVE-2009-2814 |
| 15 | Cisco ASA WebVPN Login Page logon.html cross site scripting | 4.3 | 3.9 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.07 | 0.00192 | CVE-2014-2120 |
| 16 | D-Link DIR-860L/DIR-865L/DIR-868L soap.cgi os command injection | 8.5 | 8.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.04 | 0.93644 | CVE-2018-6530 |
| 17 | Phpsugar PHP Melody page_manager.php cross site scripting | 5.2 | 4.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00083 | CVE-2017-15648 |
| 18 | TP-Link TL-WR902AC dm_fillObjByStr stack-based overflow | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.01 | 0.00172 | CVE-2022-25074 |
| 19 | Netgear WN604/WN802Tv2/WNAP210/WNAP320/WNDAP350/WNDAP360 boardDataWW.php command injection | 9.8 | 9.4 | $25k-$100k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.97373 | CVE-2016-1555 |
| 20 | WASM3 poc.wasm heap-based overflow | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00048 | CVE-2022-28990 |

IOC - Indicator of Compromise (60)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (26)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-425 | Path Traversal | predictive | High |
| 2 | T1055 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 3 | T1059 | CWE-88, CWE-94, CWE-1321 | Argument Injection | predictive | High |
| 4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |
| 5 | T1068 | CWE-250, CWE-264, CWE-269, CWE-284 | Execution with Unnecessary Privileges | predictive | High |
| 6 | T1078.001 | CWE-259 | Use of Hard-coded Password | predictive | High |

IOA - Indicator of Attack (360)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

