NetWire Analysis

Activities

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

Lang

en	778
es	81
fr	44
pl	33
de	31

Country

us	598
ru	59
gb	34
cn	22
de	21

Actors

NetWire	77
Zusy	48
Conti	37
Upatre	9
RATicate	8

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need you unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need you unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need you unlock this view to get access to more details of real data.

Product

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need you unlock this view to get access to more details of real data.

Vulnerabilities

#	Vulnerability	Base	Temp	0day	Today	Exp	Rem	CTI	CVE
1	Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure	5.3	5.2	$5k-$25k	$0-$5k	High	Workaround	0.05	CVE-2007-1192
2	JForum Login input validation	6.5	6.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.03	CVE-2012-5338
3	Genymotion Desktop Clipboard information disclosure	4.3	4.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2021-27549
4	WordPress WP_Query sql injection	6.3	6.2	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.46	CVE-2022-21661
5	PHPGurukul Hospital Management System dashboard.php access control	5.5	5.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.03	CVE-2020-35745
6	Genetechsolutions Pie-Register wp-login.php cross site scripting	4.3	4.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.04	CVE-2013-4954
7	Microsoft IIS IP/Domain Restriction access control	6.5	5.7	$25k-$100k	$0-$5k	Unproven	Official Fix	0.71	CVE-2014-4078
8	Microsoft IIS cross site scripting	5.2	4.7	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.53	CVE-2017-0055
9	Apple M1 Register s3_5_c15_c10_1 M1RACLES access control	8.8	8.8	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.03	CVE-2021-30747
10	Kirona Dynamic Resource Scheduling REGISTER.cmd information disclosure	5.3	5.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.03	CVE-2019-17503
11	nginx request smuggling	6.9	6.9	$0-$5k	$0-$5k	Not Defined	Not Defined	1.60	CVE-2020-12440
12	Linux Foundation Xen EFLAGS Register SYSENTER input validation	6.2	5.9	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.05	CVE-2013-1917
13	D-Link DIR-865L register_send.php improper authentication	7.5	7.1	$5k-$25k	$5k-$25k	Proof-of-Concept	Not Defined	0.00	CVE-2013-3096
14	Email Subscribers / Newsletters sql injection	8.3	7.9	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2019-20361
15	WordPress sql injection	6.8	6.7	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.46	CVE-2022-21664
16	Online Store Registration Form sent_register.php cross site scripting	5.2	5.2	$0-$5k	$0-$5k	Not Defined	Not Defined	0.05	CVE-2019-8290
17	Linux Kernel feat.c __feat_register_sp resource consumption	4.4	4.2	$0-$5k	$0-$5k	Not Defined	Official Fix	0.07	CVE-2019-20096
18	Host Web Server phpinfo.php phpinfo information disclosure	5.3	5.2	$5k-$25k	$0-$5k	Not Defined	Workaround	0.11
19	Plesk Obsidian Reflected cross site scripting	5.2	5.2	$0-$5k	$0-$5k	Not Defined	Not Defined	0.29	CVE-2020-11583
20	Phplinkdirectory PHP Link Directory conf_users_edit.php cross-site request forgery	6.3	6.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.21	CVE-2011-0643

Campaigns (1)

These are the campaigns that can be associated with the actor:

Phishing

IOC - Indicator of Compromise (44)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP address	Hostname	Actor	Campaigns	Confidence
1	23.254.202.192	hwsrv-738718.hostwindsdns.com	NetWire		High
2	37.0.11.206		NetWire		High
3	37.46.150.139		NetWire		High
4	37.139.64.106		NetWire		High
5	45.144.225.219		NetWire		High
6	79.134.225.52		NetWire		High
7	89.249.74.213		NetWire		High
8	94.103.80.254	v702647.hosted-by-vdsina.ru	NetWire		High
9	103.150.8.54		NetWire		High
10	XXX.XX.XX.XX		Xxxxxxx		High
11	XXX.XX.XXX.XX		Xxxxxxx		High
12	XXX.XXX.XX.XX		Xxxxxxx	Xxxxxxxx	High
13	XXX.XXX.XXX.XX	xxxxxx	Xxxxxxx		High
14	XXX.XX.XXX.XX	xxxx.xx-xxx-xx-xxx.xxx	Xxxxxxx		High
15	XXX.XX.XXX.XXX	xxx.xx.xxx.xxx.xxxxxx.xxxxxxxxx.xxx	Xxxxxxx		High
16	XXX.XXX.XXX.XXX		Xxxxxxx		High
17	XXX.XXX.XXX.XXX		Xxxxxxx		High
18	XXX.XXX.XXX.XXX		Xxxxxxx		High
19	XXX.XXX.XXX.XXX		Xxxxxxx		High
20	XXX.XXX.XXX.XXX		Xxxxxxx		High
21	XXX.XXX.XXX.X	xxxxx.xxxxxxxxxx.xxx	Xxxxxxx		High
22	XXX.XX.XXX.XXX		Xxxxxxx		High
23	XXX.XX.XXX.XXX		Xxxxxxx		High
24	XXX.XXX.XXX.XXX	xx-xx-xxxx.xxxxx.xxx	Xxxxxxx		High
25	XXX.XXX.XXX.XXX	xx-xx-xxxx.xxxxx.xxx	Xxxxxxx		High
26	XXX.XXX.XXX.XX	xx-xx-xxx.xxxxx.xxx	Xxxxxxx		High
27	XXX.XXX.XX.XXX	xxx.xxx.xx.xxx.xxxxxx.xxxxxxxx.xxx	Xxxxxxx		High
28	XXX.XXX.XX.XX		Xxxxxxx	Xxxxxxxx	High
29	XXX.XXX.XX.XX		Xxxxxxx		High
30	XXX.XXX.XXX.XXX		Xxxxxxx		High
31	XXX.XXX.XX.XXX	xx-xxxx.xxxxxxxxx.xxx	Xxxxxxx		High
32	XXX.XXX.XX.XXX	xx-xxxx.xxxxxxxxx.xxx	Xxxxxxx		High
33	XXX.XXX.X.XXX	xxxxxxxx.xxxxxxx.xxx	Xxxxxxx		High
34	XXX.XXX.XXX.XXX	xx-xxxx-xxxx.xxxx.xxx	Xxxxxxx		High
35	XXX.XXX.XX.XX	xxxxxxxx.xxxx.xxx	Xxxxxxx		High
36	XXX.XXX.XX.XX	xxxxxxxx.xxxx.xxx	Xxxxxxx		High
37	XXX.XXX.XXX.XX	xxxx.xxxxxxxxxx.xxx	Xxxxxxx		High
38	XXX.X.XX.XXX		Xxxxxxx		High
39	XXX.X.XX.XXX		Xxxxxxx		High
40	XXX.XX.XXX.XXX		Xxxxxxx		High
41	XXX.XX.XXX.XX	xx-xx-xxx.xxxxx.xxx	Xxxxxxx		High
42	XXX.XX.XXX.XX	xx-xx-xxx.xxxxx.xxx	Xxxxxxx		High
43	XXX.XX.XXX.XXX	xx-xx-xxxx.xxxxx.xxx	Xxxxxxx		High
44	XXX.XXX.XXX.XXX	xxx.xxx.xxxx.xx	Xxxxxxx		High

TTP - Tactics, Techniques, Procedures (12)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Vulnerabilities	Access Vector	Confidence
1	T1059.007	CWE-79, CWE-80	Cross Site Scripting	High
2	T1068	CWE-264, CWE-284	Execution with Unnecessary Privileges	High
3	T1110.001	CWE-798	Improper Restriction of Excessive Authentication Attempts	High
4	TXXXX	CWE-XXX	7xx Xxxxxxxx Xxxxxxxx	High
5	TXXXX	CWE-XXX	Xxxxxxxxxx Xxxxxx	High
6	TXXXX	CWE-XXX	Xxxxxxxx Xx Xxxx Xxxxxxx Xxxxxxxxx Xxxxx	High
7	TXXXX.XXX	CWE-XXX	Xxxxxxxx Xxxxxxxxxxxxx	High
8	TXXXX	CWE-XXX	Xxxxxxxxxxx Xxxxxxx Xx Xxxxxxxxxxx	High
9	TXXXX	CWE-XXX	Xxxxxxxxx Xxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxx	High
10	TXXXX	CWE-XXX	Xxxxxxx Xxxxxxxxxx Xx Xxx-xxxxxxxx	High
11	TXXXX.XXX	CWE-XXX	Xxxxxxxx Xxxxxxxxxxx Xxxxxxxxxx	High
12	TXXXX	CWE-XXX, CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	High

IOA - Indicator of Attack (339)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Class	Indicator	Confidence
1	File	%PROGRAMDATA%\Razer\Synapse3\Service\bin	High
2	File	/../../conf/template/uhttpd.json	High
3	File	/admin/contenttemp	High
4	File	/admin/modules/system/custom_field.php	High
5	File	/admin/web_config.php	High
6	File	/api/crontab	Medium
7	File	/bin/boa	Medium
8	File	/cgi-bin/qcmap_auth	High
9	File	/cgi-bin/wapopen	High
10	File	/cgi-mod/lookup.cgi	High
11	File	/cms/print.php	High
12	File	/DataHandler/AM/AM_Handler.ashx	High
13	File	/dev/dri/card1	High
14	File	/etc/sudoers	Medium
15	File	/export	Low
16	File	/forum/away.php	High
17	File	/iissamples	Medium
18	File	/index.php	Medium
19	File	/index.php?controller=calendar&format=raw&cat[0]=SQLi&task=events	High
20	File	/login	Low
21	File	/osm/REGISTER.cmd	High
22	File	/product.php	Medium
23	File	/public/plugins/	High
24	File	/rom-0	Low
25	File	/servlet/webacc	High
26	File	/uncpath/	Medium
27	File	/usr/bin/pkexec	High
28	File	/usr/sbin/suexec	High
29	File	/webconsole/Controller	High
30	File	/webman/info.cgi	High
31	File	/wp-admin/admin-ajax.php	High
32	File	14all.cgi/14all-1.1.cgi/traffic.cgi/mrtg.cgi	High
33	File	AAclAuthz.java	High
34	File	ABuffer.cpp	Medium
35	File	ActionsAndOperations	High
36	File	adclick.php	Medium
37	File	admin.php	Medium
38	File	admin.php?page=languages	High
39	File	admin/conf_users_edit.php	High
40	File	xxxxx/xxxxxxxxx.xxx	High
41	File	xxxxxxxxxx.xxx	High
42	File	xxxxxxxxxxxx/xxxxx/xxxx/	High
43	File	xxxxx\xx\xxxxx.xxx	High
44	File	xxxxxxxx_xxxxxxxx_xxxxxxx.xxx	High
45	File	xxxxxxx/xxxxxx/xxxxxxx/xxxxxxxx/xxxxxxx/xxxxxxxxxx.xxx	High
46	File	xxxxxxxxx.xxx	High
47	File	xxxx.xxx?xxxx=../xxxxx-xxxxx/xxxxxxxx&xxxx=xxxxxx-xxxxx	High
48	File	xxxxxxxxxxxxxxxx.xxxx	High
49	File	xxx/xxxxx/xxxxxxxxxx/xxxxxxxxxxxxxxx.xxx	High
50	File	xxx/xxxxxxxxx/xxxxxxx/xxxxxx-xxxxxx.xxx	High
51	File	xxx:.xxx	Medium
52	File	xxxx-xxxx.x	Medium
53	File	xxxxxxx/xxxxxxxxx/xxxxxxxx.xx	High
54	File	xxx_xxxxxxx.x	High
55	File	xxxxxxxx.xxx	Medium
56	File	xxxxxxxx_xxx.xxx.xxx	High
57	File	xxxxx.xxx	Medium
58	File	xxxxxxx/xxxxxxx/xxxxxxx.xxxx?xxxx	High
59	File	xxxx_xx.xx	Medium
60	File	xxxxxxxxxxxxxxxxxx.xxx	High
61	File	xxxxxx.xxx	Medium
62	File	xxxxxx/xxxxx/xxxxx.xxx	High
63	File	xxxxxxxx.xxx	Medium
64	File	xxxxxxxx_xxxx.xxx	High
65	File	xxx/xxxxxxx.xx	High
66	File	xxxxxxxxx.xxx	High
67	File	xxxxx/xxxxxxx.xxx	High
68	File	xxxxx.xxx	Medium
69	File	xxx.xxx	Low
70	File	xxxxxxxxxx/xxxxxxx.xxxx	High
71	File	xxxxxxxxxxxxxxx.xxx	High
72	File	xxxxxx/xxxxxxxxx.x	High
73	File	xxxxxxxx/xxxx	High
74	File	xxxxxx/xxxx.xxx	High
75	File	xxxxxxxxxx/xxxx.xxx	High
76	File	xxxxxxxxx.xxx.xxx	High
77	File	xx.xxx	Low
78	File	xxxxx/xxxxx.xxx	High
79	File	xxxx/xxxxxxxxxxxxxxx.xxx	High
80	File	xxxx_xxxxx.xxx	High
81	File	xxxxxxx.xxx	Medium
82	File	xxxxxx_xxxxxxx.xxx	High
83	File	xxxxxxx.xx	Medium
84	File	xxx_xxxxx.xxx	High
85	File	xxxxxxx/xxxxxxxxx/xxx_xxxxx.x	High
86	File	xxxxxxx/xxxx/xxxx/xxxx_xxxxxxxxxx.x	High
87	File	xxxxxxx/xxx/xxxx/xxxx.x	High
88	File	xxxxxxx/xxx/xxx/xxxx_xxx.x	High
89	File	xxxxxxx-xxxxxxx/xxxx/xxxxxx/xxxxxxxx/xxx/xxxxxxxxx/xxxxxx.xx	High
90	File	xxxxxxxx.xx	Medium
91	File	xxx/xxxx/xxxx.x	High
92	File	xxxxxxx.xxx	Medium
93	File	xx/xx-xx.x	Medium
94	File	xxxxxxxxx_xxx_xxxx.xxx	High
95	File	xxxx.xxx	Medium
96	File	xxxx_xxxxxx.xxx	High
97	File	xxxx/xxxxxxx.x	High
98	File	xxxx/xxxx/xxxxxx/xxxxxxxxxxxxxxxxx.xxxx	High
99	File	xxx/xxxx.x	Medium
100	File	xxxxxxxx/xxx_xxxxxxxxxx.xxx	High
101	File	xxxxxxxx/xxxx_xxxxxxxx/xxxxxxxx_xxxxxxx.xxx	High
102	File	xxxxxxxx/xxxxxx.xxx	High
103	File	xxxxxxxx/xxxxxxxxxx/xxxxx-xx-xxxxxxxxx-xxxxxxxx.xxx	High
104	File	xxxxx.xxx	Medium
105	File	xxxxx.xxxx	Medium
106	File	xxxxx.xxx	Medium
107	File	xxxxx.xxx?xxx=xxxx&xxx=xxxxxxxx	High
108	File	xxxxxxxx?xxxxxxxxxxxxx	High
109	File	xxxxxxxx/xx/xxxx.xx	High
110	File	xxxxxxxx/xxxxx.x	High
111	File	xxxx_xxxx.xxx	High
112	File	xxxxxxxx.x	Medium
113	File	xxx.xxx	Low
114	File	xxxxxx/xxxx/xxxxxxx/xxx/xxxxxxx-xxxxx.x	High
115	File	xxxxxx/xxxx/xxxxxxx/xxxx/xxx/xxxxxxx/xxxx.x	High
116	File	xxxxxx/xxxx/xxxxxxx/xxxxx/xxxxx/xxxxxxx/xxxxxx.x	High
117	File	xxxxxxxxxx/xxxxxx.x	High
118	File	xxxxxxxxxx/xxxx.x	High
119	File	xxxxx/xxxxxxxx.x	High
120	File	xxxxxx.xx	Medium
121	File	xxxxxxxxx/xxxxxxx/xxxxxx/xxxxxxxxxx.xxx	High
122	File	xxxx/xxxxxxx/xxxxxxxxx_xxxxxx.xx	High
123	File	xxxxxxxxx/xxxxxxxxx/xxxxxxxx.xxx	High
124	File	xxxxx.xxx	Medium
125	File	xxxxx.xxxx	Medium
126	File	xxxxxxxxx.x	Medium
127	File	xxxx.xxxx	Medium
128	File	xxx.xxx	Low
129	File	xxxxxxx.xxx	Medium
130	File	xxxxxxx/xxx/xxx_xxxxxxx.x	High
131	File	xxxxxxx-xxxxxxx.xxx	High
132	File	xxx/xxxxxxxxx/xxxx.x	High
133	File	xxx/xxxx/xxx-xxxxx.x	High
134	File	xxx/xxxx/xxxx.x	High
135	File	xxx/xxxx/xxxxxx.x	High
136	File	xxx/xxx_xxxxx/xx_xxxxx.x	High
137	File	xxx_xxxx_xxx_xxxxxxxxxx.x	High
138	File	xxx-xxxx-xxx	Medium
139	File	xxx_xxxx.xxx	Medium
140	File	xxxxxxx.xxx	Medium
141	File	xxx_xx.x	Medium
142	File	xxxxxxxxxxxxxxxxxxxxxxxx.xxxx	High
143	File	xxxxxxxxxxx_xxx.xx	High
144	File	xxxxxxx.xxx	Medium
145	File	xxxxxxx/xxxxxxxxx_xxx/xxxxx/xxxxx.xxx	High
146	File	xxxx.xxx	Medium
147	File	xxxxxxx.xxx	Medium
148	File	xxxxxxx_xxxxxxx.xxx	High
149	File	xxxxxxx_xxxx.xxx	High
150	File	xxxxxxxxxxxx.xxxx	High
151	File	xxxxxx/?x=xxxxx/\xxxxx\xxx/xxxxxxxxxxxxxx&xxxxxxxx=xxxx_xxxx_xxxx_xxxxx&xxxx[x]=xxxxxx&xxxx[x][]	High
152	File	xxxxx.xxx	Medium
153	File	xxxxx-xxxx/xxxxx-xxxxx-xxxx.xxx	High
154	File	xxxxxxxx.xxx	Medium
155	File	xxxxxxxx.xx	Medium
156	File	xxxxxxxx_xxxx.xxx	High
157	File	xxxxxxx.xxx	Medium
158	File	xxxxxx/xxxxx/xxxxx.x	High
159	File	xxxxxxxxxx.xxxx.xxx	High
160	File	xx_xxx.xx	Medium
161	File	xxxxxx_xxxx.xxx	High
162	File	xxxx.xxx	Medium
163	File	xxxxxx.xx	Medium
164	File	xxxxxx.xxx	Medium
165	File	xxxxxx.xxx	Medium
166	File	xxxxxx/xxxxxxxx.xxx	High
167	File	xxxx_xxxxxxxx.xxx	High
168	File	xxxx-xxxxxx.x	High
169	File	xxxxxxxx_xxxx.xxx	High
170	File	xxxx_xxxxxxx_xxxxxxxx.xxx	High
171	File	xxxx-xxx.xxx	Medium
172	File	xxxxxxx.xxx	Medium
173	File	xxxxxxx/xxxx/xxxx.xxx.xxx	High
174	File	xxxxxx_xxxxxx.xxx	High
175	File	xxxx.xxx	Medium
176	File	xxxxxx-xxxxxxxxxx-xxxxx\xxxxxxxxx\xxxxx-xxx.xxx	High
177	File	xxx/xxxx.x	Medium
178	File	xxxxxxx.xxx.xx.xxxxxxxxxxx.xxx	High
179	File	xxxxxxxxx/xxxxx/xxxx/xxx_xxxxxxx/xxxxxxx/xxxxxxx.xxx	High
180	File	xxxxxx/xxxxx/xxxxx/xxxxx.xxxx	High
181	File	xxxx-xxxxxxxx.xxx	High
182	File	xxxx-xxxx_xxxx_xxxxxxx.xxx	High
183	File	xx_xxxxx.xxx	Medium
184	File	xxxxxx.xxx	Medium
185	File	xxxxxx/xxxxx/xxxxx/xxxxxxx/xxxxxx.xxx	High
186	File	xxxxxxxx.xxx	Medium
187	File	xxxx/xxxxxxx/xxxxxxxxxxxxxxxxxxx.xxx	High
188	File	xxxx/xxxxxxxx.xxx	High
189	File	xxxxx/xxxxxxxx.xxx	High
190	File	xxxx/xxx/xxxx-xxxxx.xxx	High
191	File	xxxx/xxxxxxxx/xxxxxxxx.xxxx	High
192	File	xxxx.xxx	Medium
193	File	xxxxxxxx.xxx	Medium
194	File	xx-xxxxx/xxxxx-xxxx.xxx	High
195	File	xx-xxxxx/xxxxx.xxx	High
196	File	xx-xxxxx/xxxxxxx-xxxxxxx.xxx	High
197	File	xx-xxxxx/xxxxx-xxxxxx.xxx	High
198	File	xx-xxxxxxxx/xxxxx-xx-xxxxxx-xxxxxx.xxx	High
199	File	xx-xxxxxxxx/xxxx.xxx	High
200	File	xx-xxxxx.xxx	Medium
201	File	xx-xxxxxxxx.xxx	High
202	File	xx-xxxxxxxxxxxx.xxx	High
203	File	xx-xxxx-xxxxxx-xxxxxx.xxx	High
204	File	xx-xxxxxxxxx.xxx	High
205	File	xxx/xxxxxxxx/xxxxxxxx.xxx	High
206	File	xxxxxxxxxxxxxxx.xxx	High
207	File	~/xxxxxx-xxxxx-xxxxxxx.xxx	High
208	File	~/xxxx-xxxxxxxxxxx.xxx	High
209	Library	xxxxxxxxxxxxxxxxx.xxx	High
210	Library	xxx/xxxx_xxxxxx/xxxxx.xx	High
211	Library	xxxxx.xxx	Medium
212	Library	xxxx.xxx	Medium
213	Library	xxxxxxxx.xxx	Medium
214	Argument	xxxxx	Low
215	Argument	xxxxxxx	Low
216	Argument	xxxxxx-xxxxxxxx	High
217	Argument	xxx_xxxx	Medium
218	Argument	xxxxxx	Low
219	Argument	xxxxxxx	Low
220	Argument	xxx	Low
221	Argument	xxxxx	Low
222	Argument	xxxx_xxxx	Medium
223	Argument	xxxxxx_xxxx	Medium
224	Argument	xxx	Low
225	Argument	xxxxx	Low
226	Argument	xxx_xx	Low
227	Argument	xxxx_xxxxx	Medium
228	Argument	xxx	Low
229	Argument	xxx	Low
230	Argument	xx_xxxxxxx	Medium
231	Argument	xxxx_xx	Low
232	Argument	xxxx	Low
233	Argument	xxxxxxx	Low
234	Argument	xxxxxxx_xx	Medium
235	Argument	xxxx/xxxx	Medium
236	Argument	xxxx_xxxx	Medium
237	Argument	xxxx_xxx	Medium
238	Argument	xxxxxx	Low
239	Argument	xxxxxx_xx	Medium
240	Argument	xxx_xxxx/xxx_xxxxxxx	High
241	Argument	xxx	Low
242	Argument	xxxxx	Low
243	Argument	xxxxxxx=xxxxxxxx	High
244	Argument	xxxx	Low
245	Argument	xxxxxxxxxx	Medium
246	Argument	xxxxxxx	Low
247	Argument	xxxxxxxxxxxxxx	High
248	Argument	xx	Low
249	Argument	xxxx	Low
250	Argument	xxxx	Low
251	Argument	xxxx/xxxxxx/xxx	High
252	Argument	xx	Low
253	Argument	xxxxx xxxx	Medium
254	Argument	xxxxx.xxx?xxxxxx=xxx_xxxxxxx/xxxx=xxxxxxx/xx=x/xxxxxxxx=xxxxx	High
255	Argument	xx	Low
256	Argument	xxxx.xxxxxxx	Medium
257	Argument	xxxxxx	Low
258	Argument	xxxx_xx	Low
259	Argument	xxxxxxx	Low
260	Argument	xxxx	Low
261	Argument	xxxxxxxx	Medium
262	Argument	xxxxxxxxx	Medium
263	Argument	xxxxxx_xx	Medium
264	Argument	xxxxx	Low
265	Argument	xxx=x/xxxxxx=x.	High
266	Argument	xxxxxxxx	Medium
267	Argument	xxxxxxxxx_xxxxxxxx_xxxx	High
268	Argument	xxx	Low
269	Argument	xxxxx	Low
270	Argument	xxxx	Low
271	Argument	xxxx	Low
272	Argument	xx_xxx	Low
273	Argument	xx	Low
274	Argument	xxx_xxxxxx	Medium
275	Argument	xxxxxxx	Low
276	Argument	xxxxxxxxxxxxxx	High
277	Argument	xxxxxx	Low
278	Argument	xxxx/xxxxxxxx	High
279	Argument	xxxxx	Low
280	Argument	xxxxxxxxxxxx	Medium
281	Argument	xxxxxx	Low
282	Argument	xxxxxxxx	Medium
283	Argument	xxxxxxxx	Medium
284	Argument	xxxx	Low
285	Argument	xxxxxxx	Low
286	Argument	xxxxx_xxxx_xxxx	High
287	Argument	xxxxxxxx-xxxxx	High
288	Argument	xxxx_xx	Low
289	Argument	xxx	Low
290	Argument	xxxxxxxx	Medium
291	Argument	xxxxxxx	Low
292	Argument	xxxxxxxxxx	Medium
293	Argument	xxxxxxxxx	Medium
294	Argument	xxxx_xxx	Medium
295	Argument	xxx	Low
296	Argument	xxxxxx/xxxxxx_xxxxxx	High
297	Argument	xxxxxxxxx	Medium
298	Argument	xxxxxxxxxxxx	Medium
299	Argument	xxxxxxxxx	Medium
300	Argument	xxx	Low
301	Argument	xxxx_xx	Low
302	Argument	xxxxxx	Low
303	Argument	xx_xx	Low
304	Argument	xxxx xxxxx	Medium
305	Argument	xxx	Low
306	Argument	xxxxx	Low
307	Argument	xxxxx	Low
308	Argument	xxx	Low
309	Argument	xxxx	Low
310	Argument	xxx	Low
311	Argument	xxx	Low
312	Argument	xxxx	Low
313	Argument	xxxxxx	Low
314	Argument	xxxxxx	Low
315	Argument	xxxxxx	Low
316	Argument	xxxxxx	Low
317	Argument	xxxxxxxxx/xxxxxxxx	High
318	Argument	xxxxxxxx	Medium
319	Argument	xxxx_xxxxx	Medium
320	Argument	xxx[xxxx_xx]	Medium
321	Argument	xxxx/xx/xxxx/xxx	High
322	Argument	xxx_xxxxxx_xxxxxxx	High
323	Argument	xxxxxxxxx_xxxx	High
324	Argument	xx_xxxxxxxxxxxx_xxxx	High
325	Argument	x-xxxx	Low
326	Argument	xxxxxxxxxxxxxxxxxxxx	High
327	Argument	xxxxxx	Low
328	Argument	xxxxxx	Low
329	Argument	_xxxxxx[xxxx_xxxx]	High
330	Argument	_xxx_xxxxxxxxxxx_	High
331	Input Value	.%xx.../.%xx.../	High
332	Input Value	../	Low
333	Input Value	../..	Low
334	Input Value	xxxxxx	Low
335	Pattern	xxxxxxxxxxx	Medium
336	Network Port	xxxx	Low
337	Network Port	xxxx xxxx	Medium
338	Network Port	xxx/xxxx (xx-xxx)	High
339	Network Port	xxx xxxxxx xxxx	High

References (12)

The following list contains external sources which discuss the actor and the associated activities:

◂ PreviousOverviewNext ▸

Do you know our Splunk app?

Download it now for free!