Mekotio Analysis

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 788
es: 166
zh: 18
de: 16
fr: 6

Country

us: 898
cn: 30
gb: 8
ir: 6
wf: 6

Product

Google Android: 56
Apple macOS: 40
Apple iOS: 28
Microsoft Windows: 24
Oracle E-Business Suite: 20

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Philip Chinery Guestbook HTML Field guestbook.pl cross site scripting | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.03091 | CVE-2002-0730 |
| 2 | Carbonize Lazarus Guestbook template.class.php file inclusion | 9.8 | 8.8 | $0-$5k | Calculating | Proof-of-Concept | Official Fix | 0.00 | 0.04617 | CVE-2007-1486 |
| 3 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.02 | 0.02016 | CVE-2007-1192 |
| 4 | SPIP filtres.php encoder_contexte_ajax code injection | 9.8 | 9.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00582 | CVE-2016-3154 |
| 5 | OpenCart Program Extension Upload Temporary unrestricted upload | 6.7 | 6.7 | $0-$5k | Calculating | Not Defined | Not Defined | 0.00 | 0.00081 | CVE-2018-11494 |
| 6 | Myupb UPB cross site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | High | Unavailable | 0.00 | 0.00297 | CVE-2008-6727 |
| 7 | VeronaLabs wp-statistics Plugin API Endpoint Blind sql injection | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00250 | CVE-2019-13275 |
| 8 | OpenCart cross-site request forgery | 4.3 | 4.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00000 | |
| 9 | Palo Alto PAN-OS Web Interface race condition | 3.3 | 3.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00068 | CVE-2023-0008 |
| 10 | RoundCube Webmail Email Message rcube_string_replacer.php linkref_addindex cross site scripting | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00612 | CVE-2020-35730 |
| 11 | FreePBX Operator Panel Module index_inc.php information disclosure | 5.7 | 5.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00082 | CVE-2019-11407 |
| 12 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.53 | 0.00943 | CVE-2010-0966 |
| 13 | SPIP spip_login.php3 cross site scripting | 4.3 | 4.1 | $0-$5k | Calculating | Proof-of-Concept | Not Defined | 0.00 | 0.00587 | CVE-2005-4494 |
| 14 | Rocklobster Contact Form 7 unrestricted upload | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.85054 | CVE-2020-35489 |
| 15 | S-Cms cross-site request forgery | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00130 | CVE-2018-19332 |
| 16 | Peplink Balance Cookie admin.cgi sql injection | 8.5 | 7.7 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.01457 | CVE-2017-8835 |
| 17 | SOYAL AR-727H/AR-829Ev5 CGI Program improper authentication | 7.4 | 7.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00276 | CVE-2019-6451 |
| 18 | Innovaphone PBX observable response discrepancy | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00043 | CVE-2024-24720 |
| 19 | Atlassian Confluence Data Center cross site scripting | 6.0 | 5.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00043 | CVE-2024-21678 |
| 20 | FusionPBX contact_times.php Reflected cross site scripting | 5.2 | 5.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00084 | CVE-2019-16974 |

IOC - Indicator of Compromise (82)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (21)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (344)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


References (25)

The following list contains external sources which discuss the actor and the associated activities:

Samples (1)

The following list contains associated samples:
