Muhstik Analysis

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 858
fr: 114
zh: 10
es: 4
ru: 4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

fr: 750
us: 88
cn: 20
es: 6
jp: 6

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Microsoft Windows: 70
Microsoft Office: 26
Google Chrome: 20
Microsoft Visual Studio: 14
Apple iOS: 14

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Python callproc.c PyCArg_repr buffer overflow | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.04038 | CVE-2021-3177 |
| 2 | PuTTY Title denial of service | 4.3 | 3.9 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | 0.00204 | CVE-2021-33500 |
| 3 | Microsoft Windows Privilege Escalation | 8.8 | 7.7 | $100k and more | $5k-$25k | Unproven | Official Fix | 0.00 | 0.01258 | CVE-2021-28455 |
| 4 | Microsoft Windows Wireless Networking unknown vulnerability | 5.4 | 4.7 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.04 | 0.00214 | CVE-2020-24588 |
| 5 | Git Pull git.cmd access control | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.02 | 0.00078 | CVE-2021-46101 |
| 6 | Autodesk Revit/Navisworks/Autodesk/AutoCAD PDFTron buffer overflow | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00065 | CVE-2021-40160 |
| 7 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.02 | 0.02016 | CVE-2007-1192 |
| 8 | Microsoft Visual Studio Remote Code Execution | 6.9 | 6.3 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.00 | 0.00236 | CVE-2022-29148 |
| 9 | Microsoft Visual Studio/.NET/.NET Core denial of service | 7.5 | 6.8 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.00 | 0.00246 | CVE-2022-29145 |
| 10 | Autodesk AutoCAD 2022 JT File Parser buffer overflow | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00076 | CVE-2022-25788 |
| 11 | Microsoft .NET/Visual Studio denial of service | 7.5 | 6.8 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.00 | 0.00149 | CVE-2022-24464 |
| 12 | HAProxy HTTP Header resource consumption | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.10750 | CVE-2022-0711 |
| 13 | VMware ESXi/Fusion/Workstation CD-ROM Device Emulation heap-based overflow | 7.1 | 6.8 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00077 | CVE-2021-22045 |
| 14 | TeamViewer TVS File Parser out-of-bounds | 7.0 | 6.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00186 | CVE-2021-34858 |
| 15 | Autodesk Revit/Navisworks/Autodesk/AutoCAD PDFTron memory corruption | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00065 | CVE-2021-40161 |
| 16 | polkit pkexec access control | 8.8 | 8.1 | $0-$5k | $0-$5k | Proof-of-Concept | Workaround | 0.03 | 0.00046 | CVE-2021-4034 |
| 17 | Vmware Tools/Remote Console/App Volumes openssl.cnf access control | 6.3 | 6.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00045 | CVE-2021-21999 |
| 18 | Grafana AngularJS Rendering cross site scripting | 5.8 | 5.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.96194 | CVE-2021-41174 |
| 19 | Adobe Creative Cloud Desktop Application temp file | 3.6 | 3.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00076 | CVE-2021-28633 |
| 20 | SAP Commerce Cloud virtualjdbc extension code injection | 8.5 | 8.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.02 | 0.00287 | CVE-2019-0344 |

Campaigns (3)

These are the campaigns that can be associated with the actor:

IOC - Indicator of Compromise (79)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (25)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24 | Path Traversal | predictive | High |
| 2 | T1055 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 3 | T1059 | CWE-94 | Argument Injection | predictive | High |
| 4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |
| 5 | T1068 | CWE-264, CWE-269, CWE-284 | Execution with Unnecessary Privileges | predictive | High |

IOA - Indicator of Attack (199)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

References (11)

The following list contains external sources which discuss the actor and the associated activities:
