Muhstik Analysis

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 820
fr: 72
de: 42
zh: 34
ru: 16

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Further chart panels (no data shown): Country, Actors, Activities, Interest, Timeline, Type, Vendor.

Product

Microsoft Windows: 68
Google Chrome: 40
Apple iOS: 14
Apache HTTP Server: 14
Microsoft Exchange Server: 12

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

# | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE
1 | Python callproc.c PyCArg_repr buffer overflow | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03839 | 0.04 | CVE-2021-3177
2 | PuTTY Title denial of service | 4.3 | 3.9 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00204 | 0.07 | CVE-2021-33500
3 | TikiWiki tiki-register.php input validation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.01075 | 1.56 | CVE-2006-6168
4 | Microsoft Windows Privilege Escalation | 8.8 | 7.7 | $100k and more | $5k-$25k | Unproven | Official Fix | 0.01258 | 0.00 | CVE-2021-28455
5 | Microsoft Windows Wireless Networking unknown vulnerability | 5.4 | 4.7 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00352 | 0.00 | CVE-2020-24588
6 | LogicBoard CMS away.php redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.00000 | 2.79 |
7 | Git Pull git.cmd access control | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00078 | 0.07 | CVE-2021-46101
8 | Autodesk Revit/Navisworks/Autodesk/AutoCAD PDFTron buffer overflow | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00065 | 0.00 | CVE-2021-40160
9 | PHPGurukul BP Monitoring Management System User Profile Update profile.php sql injection | 5.3 | 5.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00130 | 0.00 | CVE-2023-1909
10 | Jelsoft vBulletin misc.php Remote Code Execution | 7.3 | 7.0 | $0-$5k | $0-$5k | High | Official Fix | 0.89064 | 0.00 | CVE-2005-0511
11 | Microsoft Visual Studio Remote Code Execution | 6.9 | 6.3 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.00673 | 0.04 | CVE-2022-29148
12 | Microsoft Visual Studio/.NET/.NET Core denial of service | 7.5 | 6.8 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.00224 | 0.03 | CVE-2022-29145
13 | Autodesk AutoCAD 2022 JT File Parser buffer overflow | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00076 | 0.00 | CVE-2022-25788
14 | Microsoft .NET/Visual Studio denial of service | 7.5 | 6.8 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.00124 | 0.03 | CVE-2022-24464
15 | HAProxy HTTP Header resource consumption | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.14454 | 0.07 | CVE-2022-0711
16 | VMware ESXi/Fusion/Workstation CD-ROM Device Emulation heap-based overflow | 7.1 | 6.8 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00077 | 0.04 | CVE-2021-22045
17 | TeamViewer TVS File Parser out-of-bounds | 7.0 | 6.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00233 | 0.00 | CVE-2021-34858
18 | Autodesk Revit/Navisworks/Autodesk/AutoCAD PDFTron memory corruption | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00065 | 0.00 | CVE-2021-40161
19 | polkit pkexec access control | 8.3 | 8.2 | $0-$5k | $0-$5k | High | Workaround | 0.00122 | 0.04 | CVE-2021-4034
20 | Vmware Tools/Remote Console/App Volumes openssl.cnf access control | 6.3 | 6.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00045 | 0.04 | CVE-2021-21999

Campaigns (4)

These are the campaigns that can be associated with the actor:

IOC - Indicator of Compromise (91)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (24)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID | Technique | Class | Vulnerabilities | Access Vector | Type | Confidence
1 | T1006 | CAPEC-126 | CWE-21, CWE-22, CWE-23, CWE-24 | Path Traversal | predictive | High
2 | T1055 | CAPEC-10 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High
3 | T1059 | CAPEC-137 | CWE-88, CWE-94 | Argument Injection | predictive | High
4 | T1059.007 | CAPEC-209 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High
5 | T1068 | CAPEC-122 | CWE-264, CWE-269, CWE-284 | Execution with Unnecessary Privileges | predictive | High

IOA - Indicator of Attack (216)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


References (12)

The following list contains external sources which discuss the actor and the associated activities:
