Kimsuky Analysis

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en714
zh218
it30
ko18
es4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

cn392
us328
kr14
gb10
ki10

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Microsoft Windows28
Linux Kernel20
Fortinet FortiOS16
Campcodes Coffee Shop POS System12
Netgear SRX530810

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$10k-$25k$0-$1kHighWorkaround0.020.02016CVE-2007-1192
2DZCP deV!L`z Clanportal config.php code injection7.36.6$2k-$5k$0-$1kProof-of-ConceptOfficial Fix0.840.00954CVE-2010-0966
3TikiWiki tiki-register.php input validation7.36.6$2k-$5k$0-$1kProof-of-ConceptOfficial Fix0.390.01009CVE-2006-6168
4WoltLab Burning Book addentry.php sql injection7.36.8$2k-$5k$0-$1kFunctionalUnavailable0.020.00804CVE-2006-5509
5DZCP deV!L`z Clanportal browser.php information disclosure5.35.0$1k-$2k$0-$1kProof-of-ConceptNot Defined0.210.02733CVE-2007-1167
6MGB OpenSource Guestbook email.php sql injection7.37.3$2k-$5k$0-$1kHighUnavailable0.740.02462CVE-2007-0354
7phpBB usercp_register.php sql injection7.36.6$2k-$5k$0-$1kProof-of-ConceptOfficial Fix0.000.00800CVE-2005-3419
8V-EVA Press Release Script page.php sql injection7.37.1$2k-$5k$0-$1kHighUnavailable0.080.00187CVE-2010-5047
9Microsoft Windows Domain Name Service Privilege Escalation6.66.1$25k-$50k$10k-$25kUnprovenOfficial Fix0.030.01178CVE-2023-28223
10CodeIgniter Reverse Proxy getIPAddress data authenticity6.76.6$1k-$2k$0-$1kNot DefinedOfficial Fix0.020.00060CVE-2022-23556
11phpBB register_globals cross site scripting6.36.0$1k-$2k$0-$1kNot DefinedOfficial Fix0.000.02572CVE-2005-3417
12Rarlab WinRAR Expiration mshtml.dll injection5.65.1$2k-$5k$0-$1kProof-of-ConceptOfficial Fix0.030.00045CVE-2021-35052
13Grafana path traversal6.46.3$1k-$2k$0-$1kNot DefinedOfficial Fix0.020.97467CVE-2021-43798
14ASP-DEv XM Forum register.asp sql injection6.36.3$2k-$5k$0-$1kNot DefinedNot Defined0.030.00000
15phpMyAdmin ArbitraryServerRegexp Reuse 7pk security9.89.4$10k-$25k$0-$1kNot DefinedOfficial Fix0.050.00366CVE-2016-6629
16nginx request smuggling6.96.9$2k-$5k$0-$1kNot DefinedNot Defined2.010.00241CVE-2020-12440
17Fortinet FortiOS SSL VPN integer overflow8.78.5$2k-$5k$0-$1kNot DefinedOfficial Fix0.020.00261CVE-2021-26109
18lighttpd burl.c burl_normalize_2F_to_slash_fix integer overflow8.58.4$1k-$2k$0-$1kNot DefinedOfficial Fix0.040.86409CVE-2019-11072
19Ubiquiti EdgeMAX EdgeRouter Firmware Update channel accessible8.17.7$2k-$5k$0-$1kNot DefinedOfficial Fix0.000.00359CVE-2021-22909
20Synacor Zimbra Collaboration mboximport pathname traversal4.74.5$1k-$2k$0-$1kNot DefinedOfficial Fix0.000.96714CVE-2022-27925

Campaigns (3)

These are the campaigns that can be associated with the actor:

IOC - Indicator of Compromise (69)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
15.61.59.53Kimsuky10/29/2023verifiedHigh
223.106.122.239Kimsuky03/22/2022verifiedHigh
323.236.181.108108.181.236.23.in-addr.arpaKimsukyRftRAT/Amadey12/08/2023verifiedHigh
427.102.102.70Kimsuky03/22/2022verifiedHigh
527.102.107.63KimsukyAppleSeed06/22/2021verifiedHigh
627.102.112.44Kimsuky03/22/2022verifiedHigh
727.102.112.58Kimsuky03/22/2022verifiedHigh
827.102.114.63Kimsuky03/22/2022verifiedHigh
927.102.114.79Kimsuky03/22/2022verifiedHigh
1027.102.114.89KimsukyAppleSeed06/22/2021verifiedHigh
1127.102.127.240Kimsuky03/22/2022verifiedHigh
1227.102.128.169Kimsuky03/22/2022verifiedHigh
1327.255.79.204Kimsuky03/22/2022verifiedHigh
1427.255.81.71Kimsuky03/22/2022verifiedHigh
15XX.XXX.XX.XXXXxxxxxx03/22/2022verifiedHigh
16XX.XXX.XX.XXXXxxxxxx03/22/2022verifiedHigh
17XX.XXX.XX.XXXXxxxxxx03/22/2022verifiedHigh
18XX.XXX.XX.XXXxx-xxx-xx-xxx.xxxxxx-xxxxxxxx.xxXxxxxxx03/22/2022verifiedHigh
19XX.XXX.X.XXXxxxxxx12/29/2023verifiedHigh
20XX.XX.XXX.XXXXxxxxxxXxxxxxxxxx03/22/2022verifiedHigh
21XX.XX.XXX.XXXXxxxxxxXxxxxxxxx06/22/2021verifiedHigh
22XX.XX.XX.XXXxxxxxxXxxxxxxxx06/22/2021verifiedHigh
23XX.XX.XX.XXXxx.xx.xx.xxx.xxxxxxxxxxxxxxxx.xxxXxxxxxxXxxxxx/xxxxxx12/08/2023verifiedHigh
24XX.XXX.XXX.XXXxxxxxxxx.xxxxx.xxxXxxxxxx12/29/2023verifiedHigh
25XX.XXX.XXX.XXXxxxxxxxx.xxxxx.xxxXxxxxxx03/28/2023verifiedHigh
26XX.XXX.XXX.XXXXxxxxxx03/28/2023verifiedHigh
27XX.XXX.XXX.XXXXxxxxxxXxxxxxxxx06/22/2021verifiedHigh
28XX.XX.X.XXXXxxxxxx03/28/2023verifiedHigh
29XX.XX.XXX.XXXXxxxxxx03/22/2022verifiedHigh
30XX.XX.XXX.XXXxxxxxxxxx.xxxxx.xxxXxxxxxx03/22/2022verifiedHigh
31XX.XXX.XXX.XXXxxxxxx03/28/2023verifiedHigh
32XX.XX.XXX.XXXXxxxxxx03/22/2022verifiedHigh
33XX.XXX.XX.XXXXxxxxxx03/22/2022verifiedHigh
34XX.XXX.XX.XXXXxxxxxx03/22/2022verifiedHigh
35XX.XXX.X.XXxxxxxxxxxxxx.xx.xxxXxxxxxxXxxxxx/xxxxxx12/08/2023verifiedHigh
36XX.XX.XXX.XXXxxx-xxxx.xxxXxxxxxx03/28/2023verifiedHigh
37XX.XX.XXX.XXXxxx-xxxx.xxxXxxxxxx03/28/2023verifiedHigh
38XX.XX.XXX.XXxxxxxxxx.xxxXxxxxxx03/28/2023verifiedHigh
39XX.XX.XXX.XXxxxxxxx.xxxXxxxxxx03/28/2023verifiedHigh
40XX.XX.XXX.XXxxxxxxxx.xxxxXxxxxxx03/28/2023verifiedHigh
41XX.XX.XXX.XXXxxxxxxxxx.xxxXxxxxxx03/28/2023verifiedHigh
42XX.XX.XXX.XXXxxxxxxxx.xxxXxxxxxx03/28/2023verifiedHigh
43XX.XX.XXX.XXXxxxxxxxx.xxxxXxxxxxx03/28/2023verifiedHigh
44XX.XXX.XX.XXXxxxxxxx-xx-xxx-xx.xxxxxxx.xxxXxxxxxxXxxxxxxxxx03/22/2022verifiedHigh
45XXX.XXX.XXX.XXXXxxxxxx10/18/2022verifiedHigh
46XXX.XXX.XXX.XXXxxxxxx10/12/2022verifiedHigh
47XXX.XXX.XXX.XXxxxxx-xxxxxx.xxxxxxxxxxxx.xxxXxxxxxx12/29/2023verifiedHigh
48XXX.XXX.XX.XXXXxxxxxx12/17/2020verifiedHigh
49XXX.XXX.XX.XXxxxxxxxxxx.xx.xxxxxxxxx.xxXxxxxxx12/29/2023verifiedHigh
50XXX.X.XXX.XXXXxxxxxx10/12/2022verifiedHigh
51XXX.XXX.XXX.XXXXxxxxxxXxxxxxxxxx03/22/2022verifiedHigh
52XXX.XXX.XXX.XXXXxxxxxx03/28/2023verifiedHigh
53XXX.XX.XXX.XXXxxxxxxXxxxxx/xxxxxx12/08/2023verifiedHigh
54XXX.XXX.X.XXXXxxxxxx12/29/2023verifiedHigh
55XXX.XX.XXX.XXXxxxxxxxxx.xxxxxxxxxxxxx.xxxXxxxxxx03/22/2022verifiedHigh
56XXX.X.XXX.XXxxxxxxxxxx-x.xxx-xxxxxxx.xxxXxxxxxx06/08/2023verifiedHigh
57XXX.XX.XXX.XXXxxx-xxx-xx-xxx.xxxxxxx-xxxXxxxxxxXxxxxx/xxxxxx12/08/2023verifiedHigh
58XXX.XXX.XXX.XXXxxxxxxxx.xxxxxxxxxxxxxxx.xxxXxxxxxx08/10/2022verifiedHigh
59XXX.XXX.XX.XXXxxxxxx03/23/2022verifiedHigh
60XXX.XXX.XX.XXXXxxxxxx10/07/2022verifiedHigh
61XXX.XXX.XXX.XXXxxxxxx10/12/2022verifiedHigh
62XXX.XXX.XXX.XXXxxxxx-xxxxxxx.xxxxxxxxxxxx.xxxXxxxxxxXxxxxx/xxxxxx12/08/2023verifiedHigh
63XXX.XXX.XX.XXXxxxxxxXxxxxx/xxxxxx12/08/2023verifiedHigh
64XXX.XX.XXX.XXXxxxxxxXxxxxxxxx06/22/2021verifiedHigh
65XXX.XX.XXX.XXXXxxxxxx03/22/2022verifiedHigh
66XXX.XX.XXX.XXXXxxxxxxXxxxxxxxx06/22/2021verifiedHigh
67XXX.XXX.XX.XXXxxxxxxXxxxxxxxxx03/22/2022verifiedHigh
68XXX.XXX.XXX.XXXxxxxxxXxxxxxxxx06/22/2021verifiedHigh
69XXX.XX.XXX.XXXXxxxxxx03/28/2023verifiedHigh

TTP - Tactics, Techniques, Procedures (26)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilitiesAccess VectorTypeConfidence
1T1006CWE-21, CWE-22, CWE-23Path TraversalpredictiveHigh
2T1040CWE-319Authentication Bypass by Capture-replaypredictiveHigh
3T1055CWE-74InjectionpredictiveHigh
4T1059CWE-94Argument InjectionpredictiveHigh
5T1059.007CWE-79, CWE-80Cross Site ScriptingpredictiveHigh
6T1068CWE-264, CWE-266, CWE-269, CWE-284Execution with Unnecessary PrivilegespredictiveHigh
7TXXXX.XXXCWE-XXXXxx Xx Xxxx-xxxxx XxxxxxxxpredictiveHigh
8TXXXX.XXXCWE-XXXXxxx-xxxxx XxxxxxxxxxxpredictiveHigh
9TXXXXCWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveHigh
10TXXXX.XXXCWE-XXXXxxx XxxxxxxxpredictiveHigh
11TXXXXCWE-XXX7xx Xxxxxxxx XxxxxxxxpredictiveHigh
12TXXXXCWE-XXXXxxxxxxxxx XxxxxxpredictiveHigh
13TXXXXCWE-XX, CWE-XXXxx XxxxxxxxxpredictiveHigh
14TXXXX.XXXCWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveHigh
15TXXXXCWE-XXX, CWE-XXXXxxxxxxxxxx XxxxxxxxxxpredictiveHigh
16TXXXXCWE-XXXXxxxxxxxx Xxxxxxx Xx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh
17TXXXXCWE-XXXXxxxxxx Xxxxxxxxxx Xx Xxx-xxxxxxxxpredictiveHigh
18TXXXX.XXXCWE-XXXXxxxxxxxxxxxpredictiveHigh
19TXXXXCWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveHigh
20TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
21TXXXX.XXXCWE-XXXXxxxxxxxpredictiveHigh
22TXXXXCWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh
23TXXXXCWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxxxx XxxxxxpredictiveHigh
24TXXXX.XXXCWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxx Xxxxxxxxxx XxxxxpredictiveHigh
25TXXXX.XXXCWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxpredictiveHigh
26TXXXXCWE-XXXXxxxxxxxxxx XxxxxxpredictiveHigh

IOA - Indicator of Attack (373)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File%PROGRAMDATA%\Netwrix Auditor\Logs\ActiveDirectory\predictiveHigh
2File/?/admin/snippet/addpredictiveHigh
3File/Admin/add-student.phppredictiveHigh
4File/admin/addemployee.phppredictiveHigh
5File/admin/categories/manage_category.phppredictiveHigh
6File/admin/categories/view_category.phppredictiveHigh
7File/admin/index.phppredictiveHigh
8File/admin/index2.htmlpredictiveHigh
9File/admin/inquiries/view_inquiry.phppredictiveHigh
10File/admin/manage_academic.phppredictiveHigh
11File/admin/orders/update_status.phppredictiveHigh
12File/admin/products/manage_product.phppredictiveHigh
13File/admin/products/view_product.phppredictiveHigh
14File/admin/reminders/manage_reminder.phppredictiveHigh
15File/admin/sales/manage_sale.phppredictiveHigh
16File/admin/sales/view_details.phppredictiveHigh
17File/admin/services/manage_service.phppredictiveHigh
18File/admin/user/manage_user.phppredictiveHigh
19File/api/predictiveLow
20File/api/uploadpredictiveMedium
21File/assets/something/services/AppModule.classpredictiveHigh
22File/bin/falsepredictiveMedium
23File/blogpredictiveLow
24File/cgi-bin/ExportLogs.shpredictiveHigh
25File/cgi-bin/luci/api/wirelesspredictiveHigh
26File/cgi-bin/webprocpredictiveHigh
27File/classes/Master.php?f=delete_inquirypredictiveHigh
28File/classes/Master.php?f=save_servicepredictiveHigh
29File/classes/Users.phppredictiveHigh
30File/debug/pprofpredictiveMedium
31File/editsettingspredictiveHigh
32File/etc/postfix/sender_loginpredictiveHigh
33File/exportpredictiveLow
34File/forgetpassword.phppredictiveHigh
35File/forum/away.phppredictiveHigh
36File/function/login.phppredictiveHigh
37File/hrm/controller/employee.phppredictiveHigh
38File/images/browserslide.jpgpredictiveHigh
39File/inc/HTTPClient.phppredictiveHigh
40File/includes/lib/get.phppredictiveHigh
41File/language/langpredictiveHigh
42File/lists/index.phppredictiveHigh
43File/loginpredictiveLow
44File/main?cmd=invalid_browserpredictiveHigh
45File/manager?action=getlogcatpredictiveHigh
46File/mgmt/tm/util/bashpredictiveHigh
47File/xxxxxx/xxx/xxxxxxx.xxxpredictiveHigh
48File/xxxxxxx/xxxxx.xxxpredictiveHigh
49File/xxx/xxxxxx/xxxxx/xxxxxxx/xxxxxx/xxxxxxpredictiveHigh
50File/xxx_xxxxxx/xxxxxxxxxx.xxxpredictiveHigh
51File/xxxx/xxxxxxx/xxxxx.xxxpredictiveHigh
52File/xxxxxx/xxxxxxx/predictiveHigh
53File/xxxx/xxx/x.x/xxxxxxxxxxxxxxxxxxxxxxpredictiveHigh
54File/xxxxxxxxxxxxxxxxxx/xxxxxxxxxxxxxx.xxpredictiveHigh
55File/xxxx/xxxxx/predictiveMedium
56File/xxxxxx/xxxxx/xxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
57File/xxxxxxx/xxxxxxpredictiveHigh
58File/xxxxxx/xxxxxxx/xxx/xxxxxxxxxx.xxxpredictiveHigh
59File/xxxxxx.xxxpredictiveMedium
60File/xxx/xxxxxxxxpredictiveHigh
61File/xxxxxxx/xxx/xxxxxxxxxx.xxxx?xxxxxx=xxxxxxxxxxpredictiveHigh
62File/xxxxxxpredictiveLow
63File/xxxx/xxxxxx.xxx?xxx=xpredictiveHigh
64File/xxx/xxx/xxxxxxpredictiveHigh
65File/xxx/xxx/xxxxxx/xxxxxxxxx_xxxx/predictiveHigh
66File/xxxxxx/xxxxxxxxxxxxx/xxxxxxxxxx-xxxxxxxx/xxxxx/xxxxxxxxxxxxx/xxxxxxxxxx/xxxxxxxx/xxx/xxxxxxxxxxx.xxxpredictiveHigh
67Filexxxxxxx.xxxpredictiveMedium
68Filexxxxxxx.xxxpredictiveMedium
69Filexxxxxxxx.xxxpredictiveMedium
70Filexxx/xxxxxxxxxx_xxxx_xxxxxx.xxxpredictiveHigh
71Filexxxxx.xxxpredictiveMedium
72Filexxxxx/xxxxxxxx-xxxxxxx/xxxxxxxxxxxxxxxx/xxxxxxxx/xxxxx/xxxxxxxxxxxxxxxx/xxxxpredictiveHigh
73Filexxxxx/xxxx.xxx?xxxxxx=xxxx_xxxxxxxxpredictiveHigh
74Filexxxxx/xxxxxxxx.xxxpredictiveHigh
75Filexxxxx/xxxxxx/xxxxxx_xxxxx.xxxpredictiveHigh
76Filexxxxx/xxxxx.xxxpredictiveHigh
77Filexxxxx/xxxxxxxxx/xxxx_xxxxxxx.xxxpredictiveHigh
78Filexxxxx/xxxxxx_xxxxxxxxxxx.xxxpredictiveHigh
79Filexxxxx/xxxxx.xxx?xxxxxx=xxx_xxxxpredictiveHigh
80Filexxxxxxxxxxxx.xxxpredictiveHigh
81Filexxxxxxxxxxxxxx/xxxxxxxx.xxxpredictiveHigh
82Filexxxx.xxx?xxxxxx=xxxxxx_xxxxxpredictiveHigh
83Filexxxx.xxx?xxxxxx=xxxxxx_xxxxxxxpredictiveHigh
84Filexxxx_xxxxxxx.xxxpredictiveHigh
85Filexxx.xxx/xxx/xxxxxxpredictiveHigh
86Filexxx/xxxxxxxx/xxxxxxpredictiveHigh
87Filexxx/xxxxx/xxxxxxxxxx/xxxx.xxxpredictiveHigh
88Filexxxxxx/xxxxxxxx.xxxxpredictiveHigh
89Filexxxxxxx.xxpredictiveMedium
90Filexxxxxxx_xxxxxxxxxxxx.xxxpredictiveHigh
91Filexxxx.xpredictiveLow
92Filexxx.xxxpredictiveLow
93Filexxxxxxxxxx.xxxpredictiveHigh
94Filexxx-xxx/xxxxxxxx.xxxpredictiveHigh
95Filexxx-xxx/xxxx-xxxpredictiveHigh
96Filexxxxxxxxxxxxxx.xxxpredictiveHigh
97Filexxxxxxxx/xxxx_xxx.xpredictiveHigh
98Filexxxxxx/xxxxxxxxxxx/xxxxxxx/xx_xxxxxxx_xxxxxx.xxxpredictiveHigh
99Filexxxxx/xxxxxxx.xxxpredictiveHigh
100Filexxxxxxx/xxxxxx.xxx?x=xxxx_xxxxxpredictiveHigh
101Filexxxxxxx/xxxxxx.xxx?x=xxxx_xxxxpredictiveHigh
102Filexxxxxx/xxx.xpredictiveMedium
103Filexxxxxx/xxxx.xpredictiveHigh
104Filexxxx.xpredictiveLow
105Filexxxxxxxxxxx.xpredictiveHigh
106Filexxxxxxxxx.xxxpredictiveHigh
107Filexxxxxxxxxx.xxxpredictiveHigh
108Filex_xxxxxxpredictiveMedium
109Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
110Filexxxx/xxxxxxxx/xxxxxxxx.xxxpredictiveHigh
111Filexxxx_xxxxx.xxxpredictiveHigh
112Filexxxxxxx.xxxpredictiveMedium
113Filexxxxxxx.xxxpredictiveMedium
114Filexxxxx.xxxpredictiveMedium
115Filexxxxxxx-xx-xxxxx.xxxpredictiveHigh
116Filexxxx/xxxxxxxxxx/xxxxxx-xxxxx.xpredictiveHigh
117Filexxxxx.xxxpredictiveMedium
118Filexxx/xxxx/xxxx.xpredictiveHigh
119Filexxxx.xxxpredictiveMedium
120Filexxxx_xxxxxxxx.xxxpredictiveHigh
121Filexxxx_xxxxxxxx_xxxxxxxxx.xpredictiveHigh
122Filexxxxxx.xxxpredictiveMedium
123Filexxxx.xxxpredictiveMedium
124Filexxxx/xxxxxxxxxxxxxxxxpredictiveHigh
125Filexxxxx/xxxx.xxxpredictiveHigh
126Filexx/xx_xxxxx.xpredictiveHigh
127Filexx/xxxxx.xpredictiveMedium
128Filexxxxxxx.xxxpredictiveMedium
129Filexxxxxxx.xxxpredictiveMedium
130Filexxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
131Filexxx.xxxpredictiveLow
132Filexxxxxxxxx.xxxxpredictiveHigh
133Filexxxx.xxxpredictiveMedium
134Filexxxxx_xxxx.xxxpredictiveHigh
135Filexxxx.xpredictiveLow
136Filexxxx_xxxx.xpredictiveMedium
137Filexx/xxx/xxx-xxxx.xpredictiveHigh
138Filexxx/xxxxxx.xxxpredictiveHigh
139Filexxx/xxxxxxxxxxx/xxxxxxx.xxxpredictiveHigh
140Filexxxxxxx/xxxxxxx.xxxpredictiveHigh
141Filexxxxx.xxxpredictiveMedium
142Filexxxxx.xxx?xxxx=xxxxxx_xxxxxxxxxxxxxpredictiveHigh
143Filexxxxxxxxx.xxxpredictiveHigh
144Filexxxxxxx_xx.xxxpredictiveHigh
145Filexxxx_xxx.xxxpredictiveMedium
146Filexxx/xxx_xxxxxxxxxx.xpredictiveHigh
147Filexxxxxx/xxx/xxxxxxxx.xpredictiveHigh
148Filexxxxxx/xxxxxx.xpredictiveHigh
149Filexxxxxx/xxxxx.xpredictiveHigh
150Filexxx_xxx.xxpredictiveMedium
151Filexxxxxxx.xx.xpredictiveMedium
152Filexxxxxxxxx/xxxxxxx/xxxxxx/xxxxxxxxxx.xxxpredictiveHigh
153Filexxxxxxxxx/xxxxxx.xxx.xxxpredictiveHigh
154Filexxxxx.xxxpredictiveMedium
155Filexxxxx.xxxxpredictiveMedium
156Filexxxxx.xxxpredictiveMedium
157Filexxxx/xxxxxxx.xpredictiveHigh
158Filexxxxxxx.xpredictiveMedium
159Filexxxx.xxxpredictiveMedium
160Filexxxx.xxxxxx.xxpredictiveHigh
161Filexxxxxx.xxxpredictiveMedium
162Filexxxx.xxxpredictiveMedium
163Filexxxxx/xxxxxxx/xpredictiveHigh
164Filexxxxxxxx.xxxpredictiveMedium
165Filexxxxxxxxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
166Filexxxxxx.xxxpredictiveMedium
167Filexxxxxxxx.xxxpredictiveMedium
168Filexxxxxxx/xxxxxxx/xxx/xxxxxxxxxx.xxx?xxxxxxxx=xxxx&xxxxxx=xxxxxxxxxxpredictiveHigh
169Filexxxx/xxxxxx.xxxpredictiveHigh
170Filexxxxxxxx.xxxpredictiveMedium
171Filexxxxxxx_xxxxxx.xxxpredictiveHigh
172Filexxxxxx/xxxx_xxxxxxxxx.xxxpredictiveHigh
173Filexxxxx.xxxpredictiveMedium
174Filexxxxxxxxxx.xxxpredictiveHigh
175Filexxxxxxxx-x.xxpredictiveHigh
176Filexxxxxxxx.xxxpredictiveMedium
177Filexxxxxxxx.xxxpredictiveMedium
178Filexxxxxxxxxxxx.xxxpredictiveHigh
179Filexxxxxxx/xxxxxxxxxx.xxxpredictiveHigh
180Filexxxx_xxx_xx.xpredictiveHigh
181Filexxxxxxxxxx.xxxx.xxxpredictiveHigh
182Filexxxxxxxx.xxxpredictiveMedium
183Filexxxx-xxx/xxxxxxxx.xxx?xxxx=xxxxxxxxx_xxxxxxx.xxxpredictiveHigh
184Filexxxx-xxx/xxxxxxxx.xxx?xxxx=xxx_xxxxx.xxxpredictiveHigh
185Filexxxx-xxx/xxxxxxxx.xxx?xxxx=xxxxxxxx_xxxx_xxxxx.xxxpredictiveHigh
186Filexxxx-xxx/xxxxxxxx.xxx?xxxx=xxx_xxxxxxxx.xxxpredictiveHigh
187Filexxxx-xxx/xxxxxxxx.xxx?xxxx=xxxx_xxxx.xxxpredictiveHigh
188Filexxxxxx.xxxpredictiveMedium
189Filexxxxxxx/xxxxxxxxxx.xxxpredictiveHigh
190Filexxxxxx_xxx_xxxxxx.xxxpredictiveHigh
191Filexxxxx.xxxpredictiveMedium
192Filexxxx.xxxpredictiveMedium
193Filexxxxxxx.xxxpredictiveMedium
194Filexxxxxx.xxxpredictiveMedium
195Filexxxxxxxx/xxxxx/xxxxxxx.xxxx?xxxxxxxxxx=xxxxxxxxxxxxxxxx/xxxxpredictiveHigh
196Filexxx/xxxx/xxxx/xxx.xxxxxxxx.xxxxxxx/xxxxxxx/xxx/xxxxxx.xxxxpredictiveHigh
197Filexxxxxxx_xxxxxxx.xxxpredictiveHigh
198Filexxxxxxx_xxxxxxxx.xxxpredictiveHigh
199Filexxxxxx\xxxxxxxx\xx_xxxxx_xxxxxxx.xxxpredictiveHigh
200Filexxx/xxx.xxpredictiveMedium
201Filexxxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
202Filexxxx-xxxxxxxx.xxxpredictiveHigh
203FilexxxxxpredictiveLow
204Filexxxxxx_xxxxxxxx_xxxxxxx.xxxpredictiveHigh
205Filexxxxxx.xxxpredictiveMedium
206Filexxx.xxxpredictiveLow
207Filexxxxxx_xxxxxxxx.xxxpredictiveHigh
208Filexxxxx/xxxxxxxxxxxx.xxxpredictiveHigh
209Filexxxxx.xxxxxx.xxxxxxxxx.xxxpredictiveHigh
210Filexxxx-xxxxxxx-xxxxxx.xxxpredictiveHigh
211Filexxxx_xxxxx.xxxpredictiveHigh
212Filexxxx_xxxx.xxxpredictiveHigh
213Filexxxxxxx/xxx/xxxxxxxpredictiveHigh
214Filexx-xxxxx/xxxxx.xxxpredictiveHigh
215Filexx-xxxxx-xxxxxx.xxxpredictiveHigh
216Filexx-xxxxxxxx/xxxx.xxxpredictiveHigh
217Filexx-xxxxxxxxx.xxxpredictiveHigh
218FilexxxxxxxpredictiveLow
219File_xx_xxxxxpredictiveMedium
220Library/xxxxxxxxx/xxxxxxxxxxxxxx.xxxpredictiveHigh
221Libraryxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
222Libraryxxxxxxxxx.xxxpredictiveHigh
223Libraryxxxxxxxxxxx.xxxpredictiveHigh
224Libraryxxxxx.xxxpredictiveMedium
225Libraryxxxxxx.xxxpredictiveMedium
226Libraryxxxxxxxx.xxxpredictiveMedium
227Libraryxxx/xxxxxxxxx.xxxpredictiveHigh
228LibraryxxxxxxpredictiveLow
229Libraryxxxxxxx/xxxx/xxxxxxx/xxx/xxxxxxx.xxxpredictiveHigh
230Libraryxxxxxxxx.xxxpredictiveMedium
231Libraryxxxxxx.xxx.xxxxxx.xxxpredictiveHigh
232Libraryxxxxxx.xxxpredictiveMedium
233Libraryxxxxxxxxxxxxx.xxxpredictiveHigh
234Libraryxxxxxxxx.xxxpredictiveMedium
235Argument$_xxxxxx['xxxxxxx_xxx']predictiveHigh
236ArgumentxxxxpredictiveLow
237Argumentxxx_xxxpredictiveLow
238ArgumentxxxxxxxxxxxxxpredictiveHigh
239ArgumentxxxxxxxxxxxxpredictiveMedium
240Argumentxxxxxxxxxxxxxxxx.xxxxxxxxxxxpredictiveHigh
241ArgumentxxxxxxxxpredictiveMedium
242Argumentx/xpredictiveLow
243Argumentxxxxx_xxxxpredictiveMedium
244ArgumentxxxxxxxxpredictiveMedium
245ArgumentxxxxxpredictiveLow
246Argumentxxx_xxpredictiveLow
247Argumentxxx_xxpredictiveLow
248ArgumentxxxxxxxxxxxxxxxpredictiveHigh
249Argumentxxxxxxxxxx.xxxxxxxxxxxxxpredictiveHigh
250ArgumentxxxxxxxxxxpredictiveMedium
251ArgumentxxxxxpredictiveLow
252Argumentxxxxxxx_xxx/xxxxxpredictiveHigh
253ArgumentxxxxxxxxxxxpredictiveMedium
254ArgumentxxxxxxxxxxxpredictiveMedium
255Argumentxxxx.xxxxxxxxxxxxxpredictiveHigh
256Argumentxxxxxx/xxxxxxxpredictiveHigh
257ArgumentxxxpredictiveLow
258ArgumentxxxxxxxxxxxxxxxpredictiveHigh
259Argumentxxxx_xxxxxx_xxxxxxxxxpredictiveHigh
260Argumentxxx-xxxxpredictiveMedium
261Argumentxxx-xxpredictiveLow
262ArgumentxxxxxpredictiveLow
263ArgumentxxxxxpredictiveLow
264Argumentxx_xxxxx_xxpredictiveMedium
265Argumentxxxxx_xxxpredictiveMedium
266ArgumentxxxxxpredictiveLow
267Argumentxxxxxxx xxxxpredictiveMedium
268ArgumentxxxxpredictiveLow
269Argumentxxxx xxxxpredictiveMedium
270ArgumentxxxxxpredictiveLow
271ArgumentxxxxxxxxxpredictiveMedium
272Argumentxxxxxxxxx/xxxxxxpredictiveHigh
273Argumentxxxx_xxxxxxx_xxpredictiveHigh
274ArgumentxxxxxxxxpredictiveMedium
275ArgumentxxxxxxxpredictiveLow
276Argumentxxxxxxxxxxxxxx[xxxxxxxxxxxxxxxxxx]predictiveHigh
277Argumentxx_x~xxpredictiveLow
278ArgumentxxxxpredictiveLow
279ArgumentxxxxxxxxpredictiveMedium
280Argumentxxxx_xxxxxpredictiveMedium
281ArgumentxxpredictiveLow
282ArgumentxxpredictiveLow
283Argumentxxxxx_xxxxpredictiveMedium
284ArgumentxxxpredictiveLow
285ArgumentxxxxxxpredictiveLow
286Argumentxxxxxxxxxxxxxx.xxxxxxxxxxxxxpredictiveHigh
287Argumentxxxx_xxx_xxxxxx/xxxx_xxx_xxxxxx/xxxx_xxx_xxxxxx/xxxx_xxx_xxxxxxpredictiveHigh
288ArgumentxxxxpredictiveLow
289ArgumentxxxxxxxxpredictiveMedium
290ArgumentxxxxpredictiveLow
291Argumentxxxx_xxxpredictiveMedium
292Argumentxxxxx_xxxxx_xxpredictiveHigh
293Argumentxxxxxxxxxx.xxxxxxxpredictiveHigh
294ArgumentxxxpredictiveLow
295Argumentxxxxxxxxx_xxxxxxxx_xxxxpredictiveHigh
296ArgumentxxxpredictiveLow
297ArgumentxxxxxpredictiveLow
298ArgumentxxxxpredictiveLow
299Argumentxxx.xxxxxxxpredictiveMedium
300Argumentxxx.xxxxxxxpredictiveMedium
301ArgumentxxxxxxxpredictiveLow
302ArgumentxxxxxpredictiveLow
303Argumentxxxxx_xxxxpredictiveMedium
304ArgumentxxxxxxxpredictiveLow
305ArgumentxxxxpredictiveLow
306ArgumentxxxxxxxxpredictiveMedium
307ArgumentxxxxxxxxpredictiveMedium
308Argumentxxxxxxxx/xxxxxxxx-xxxxxxxpredictiveHigh
309ArgumentxxxxxxxxpredictiveMedium
310ArgumentxxxxxpredictiveLow
311ArgumentxxxpredictiveLow
312ArgumentxxxxxxxpredictiveLow
313Argumentxxxx_xxxxxpredictiveMedium
314ArgumentxxxxxxxxxxxxxxxxxxxpredictiveHigh
315ArgumentxxxxxxxxpredictiveMedium
316Argumentxxxxxxx_xxxxpredictiveMedium
317ArgumentxxxxxxxxpredictiveMedium
318Argumentxxxx_xxxx_xxxxpredictiveHigh
319ArgumentxxxxxxxxpredictiveMedium
320ArgumentxxxxxpredictiveLow
321Argumentxxxxxx_xxxxxxx_xxxxxxxxx_xxxx/xxxxxx_xxxxxxx_xxxxxxx_xxxxpredictiveHigh
322ArgumentxxxxpredictiveLow
323ArgumentxxxxxxxpredictiveLow
324ArgumentxxxxxxpredictiveLow
325Argumentxxxxxx/xxxxxx_xxxxxxpredictiveHigh
326ArgumentxxxxxxxxxxpredictiveMedium
327ArgumentxxxxxxpredictiveLow
328ArgumentxxxxpredictiveLow
329Argumentxxxxxxxxx_xxxxxx_xxxpredictiveHigh
330Argumentxxxx_xxpredictiveLow
331Argumentxxxxxxxxxx.xxxxxxxxxxxpredictiveHigh
332Argumentxxxxxxxxxx.xxxxxxxxpredictiveHigh
333Argumentxxxxxxxxxx.xxxxxxpredictiveHigh
334ArgumentxxxxpredictiveLow
335ArgumentxxxpredictiveLow
336ArgumentxxxxxxxxpredictiveMedium
337ArgumentxxxxxxxxpredictiveMedium
338ArgumentxxxxxxxxxpredictiveMedium
339Argumentxxxxxx-xxxx-xxpredictiveHigh
340Argumentxxxxxxxxxx.xxxxxxxxxxpredictiveHigh
341Argumentxxxxxxxxxxxx/xxxxxxxxxxxxxxxxpredictiveHigh
342Argumentx_xxxxxxxxxxxxxxxxxx/x_xxxxxxxxxxxxxxxxxxxxxxx/x_xxxxxxxxxxxxxxxxxxxxpredictiveHigh
343Argumentx_xxxxxxxxpredictiveMedium
344ArgumentxxxxxpredictiveLow
345Argumentxxxxx_xxxxxxpredictiveMedium
346ArgumentxxxxxxpredictiveLow
347ArgumentxxxxxxxxxxxpredictiveMedium
348Argumentxx_xxpredictiveLow
349ArgumentxxxxxxxxpredictiveMedium
350Argumentxxxx.xxxx.xxxxpredictiveHigh
351ArgumentxxxxxxpredictiveLow
352ArgumentxxxxxxxxpredictiveMedium
353ArgumentxxxpredictiveLow
354ArgumentxxxpredictiveLow
355Argumentxxxxxxxxxxxxx.xxxxxxxxxxpredictiveHigh
356ArgumentxxxxxxxxpredictiveMedium
357ArgumentxxxxxxxxpredictiveMedium
358ArgumentxxxxxxxpredictiveLow
359Argumentxxx_xxx_xxxxxxxxpredictiveHigh
360ArgumentxxpredictiveLow
361ArgumentxxxxxxxxxxxpredictiveMedium
362ArgumentxxxxxpredictiveLow
363Argumentx-xxxxxxxxx-xxxpredictiveHigh
364Input Value%xx%xx%xxxxx%xxxxx=x%xxxxxxxxx=xxxxx(x)%xxpredictiveHigh
365Input Value..predictiveLow
366Input Value/%xxpredictiveLow
367Input Value<xxxxxx>xxxxx(xxxxxxxx.xxxxxx)</xxxxxx>predictiveHigh
368Input Valuexxxx<xxx xxx="" xxxxxxx=xxxxx(x)>predictiveHigh
369Input Value\xxx\xxxpredictiveMedium
370Patternx|xx|x|xx|_|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|predictiveHigh
371Network PortxxxxpredictiveLow
372Network Portxxx/xx (xxxxxx)predictiveHigh
373Network Portxxx/xxx (xxxx)predictiveHigh

References (16)

The following list contains external sources which discuss the actor and the associated activities:

Interested in the pricing of exploits?

See the underground prices here!