NSA Analysis

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en904
es24
de22
it12
fr12

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

us498
gb188
cn88
gr66
ru28

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Microsoft Windows52
Apple Mac OS X34
WordPress26
Apache HTTP Server24
Google Android22

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25kCalculatingHighWorkaround0.040.04187CVE-2007-1192
2nginx request smuggling6.96.9$0-$5k$0-$5kNot DefinedNot Defined5.800.00000CVE-2020-12440
3Microsoft Windows SMB input validation7.77.1$25k-$100k$0-$5kHighOfficial Fix0.260.96089CVE-2017-0144
4Microsoft IIS cross site scripting5.24.7$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.410.25090CVE-2017-0055
5Microsoft Word/Office/Outlook RTF Document memory corruption10.09.6$25k-$100k$0-$5kHighOfficial Fix0.020.90601CVE-2014-1761
6SourceCodester Library Management System index.php sql injection7.16.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.050.00885CVE-2022-2492
7Bitrix Site Manager Vote Module Remote Code Execution7.37.0$0-$5k$0-$5kNot DefinedOfficial Fix0.150.01156CVE-2022-27228
8Microsoft IIS IP/Domain Restriction access control6.55.7$25k-$100k$0-$5kUnprovenOfficial Fix0.670.29797CVE-2014-4078
9Bram Korsten Note editor.php Reflected cross site scripting5.25.0$0-$5k$0-$5kNot DefinedNot Defined0.010.00885CVE-2017-9289
10Maran PHP Shop prod.php sql injection7.37.3$0-$5kCalculatingHighUnavailable0.010.00986CVE-2008-4879
11DZCP deV!L`z Clanportal config.php code injection7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.610.04187CVE-2010-0966
12Cisco IOS NTP Interface Queue input validation7.57.2$5k-$25k$0-$5kNot DefinedOfficial Fix0.080.01136CVE-2016-1478
13Peplink Balance Cookie admin.cgi sql injection8.57.7$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.030.33212CVE-2017-8835
14vsftpd deny_file unknown vulnerability3.73.6$0-$5k$0-$5kNot DefinedOfficial Fix0.260.01136CVE-2015-1419
15Citrix Netscaler SD-WAN Session ID Cookie input validation9.89.4$5k-$25k$0-$5kHighOfficial Fix0.020.08944CVE-2017-6316
16X2Engine X2CRM File Upload ProfileController.php actionUploadPhoto unrestricted upload7.57.2$0-$5k$0-$5kNot DefinedOfficial Fix0.040.04695CVE-2014-2664
17Microsoft Windows improper authentication6.56.2$25k-$100k$0-$5kNot DefinedOfficial Fix0.000.03884CVE-2004-0540
18Elegant Themes Bloom Plugin privileges management7.57.2$0-$5kCalculatingNot DefinedOfficial Fix0.010.00885CVE-2016-11003
19PHPWind goto.php redirect6.36.3$0-$5k$0-$5kNot DefinedNot Defined0.360.01213CVE-2015-4134
20ProFTPD mod_sftp/mod_sftp_pam kbdint.c resp_count numeric error7.57.1$0-$5k$0-$5kProof-of-ConceptUnavailable0.040.01319CVE-2013-4359

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • BOUNDLESS INFORMANT

IOC - Indicator of Compromise (31)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsTypeConfidence
131.6.17.94NSABOUNDLESS INFORMANTverifiedHigh
237.72.168.8484.168.72.37.static.swiftway.netNSABOUNDLESS INFORMANTverifiedHigh
337.130.229.100uk.serverNSABOUNDLESS INFORMANTverifiedHigh
437.130.229.101uk.serverNSABOUNDLESS INFORMANTverifiedHigh
537.220.10.28h37-220-10-28.host.redstation.co.ukNSABOUNDLESS INFORMANTverifiedHigh
650.115.118.140sfaaa.netNSABOUNDLESS INFORMANTverifiedHigh
750.115.119.172327377ac.setaptr.netNSABOUNDLESS INFORMANTverifiedHigh
8XX.X.XXX.XXXXxxXxxxxxxxx XxxxxxxxxverifiedHigh
9XX.XX.XX.XXXXxxXxxxxxxxx XxxxxxxxxverifiedHigh
10XX.XX.XXX.XXXXxxXxxxxxxxx XxxxxxxxxverifiedHigh
11XX.XX.XXX.XXXxxXxxxxxxxx XxxxxxxxxverifiedHigh
12XX.XXX.XX.XXxxxxxx.xx-xxxxxxx.xxxXxxXxxxxxxxx XxxxxxxxxverifiedHigh
13XX.XX.XX.XXXxxx-xx-xx-xxx.xxxx.xxxxxxxxxx.xx.xxXxxXxxxxxxxx XxxxxxxxxverifiedHigh
14XX.XX.XXX.XXXXxxXxxxxxxxx XxxxxxxxxverifiedHigh
15XX.XXX.XXX.XXXXxxXxxxxxxxx XxxxxxxxxverifiedHigh
16XX.XXX.XXX.XXXXxxXxxxxxxxx XxxxxxxxxverifiedHigh
17XX.XXX.XXX.XXXxxXxxxxxxxx XxxxxxxxxverifiedHigh
18XX.XXX.XX.XXxx.xxxx.xxxxxxxxx.xxxXxxXxxxxxxxx XxxxxxxxxverifiedHigh
19XXX.XXX.XX.XXXxxxxxxxx-xxxxxx.xxxxxxxxxxxxx.xxxXxxXxxxxxxxx XxxxxxxxxverifiedHigh
20XXX.XXX.XX.XXXxxxxxxxx.xx.xxx.xxxXxxXxxxxxxxx XxxxxxxxxverifiedHigh
21XXX.XXX.XX.XXxx.xx.xxx.xxx.xxxxxxxxxx.xxx.xxxxxxxxx.xxxXxxXxxxxxxxx XxxxxxxxxverifiedHigh
22XXX.XXX.XXX.XXXxxx.xxx.xxx.xxx.xxxxxx.xxxxxxxx.xxxXxxXxxxxxxxx XxxxxxxxxverifiedHigh
23XXX.XXX.XXX.XXXXxxXxxxxxxxx XxxxxxxxxverifiedHigh
24XXX.XXX.XXX.XXXxxXxxxxxxxx XxxxxxxxxverifiedHigh
25XXX.XXX.XXX.XXXXxxXxxxxxxxx XxxxxxxxxverifiedHigh
26XXX.XXX.XXX.XXXxxXxxxxxxxx XxxxxxxxxverifiedHigh
27XXX.XXX.XXX.XXXxxXxxxxxxxx XxxxxxxxxverifiedHigh
28XXX.XXX.XXX.XXXXxxXxxxxxxxx XxxxxxxxxverifiedHigh
29XXX.XXX.XXX.XXXXxxXxxxxxxxx XxxxxxxxxverifiedHigh
30XXX.XXX.XXX.XXXXxxXxxxxxxxx XxxxxxxxxverifiedHigh
31XXX.XXX.XXX.XXXXxxXxxxxxxxx XxxxxxxxxverifiedHigh

TTP - Tactics, Techniques, Procedures (22)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (429)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File.procmailrcpredictiveMedium
2File/.ssh/authorized_keys2predictiveHigh
3File/about.phppredictiveMedium
4File/admin-ajax.php?action=eps_redirect_savepredictiveHigh
5File/admin.phppredictiveMedium
6File/admin/predictiveLow
7File/Admin/add-student.phppredictiveHigh
8File/admin/api/theme-edit/predictiveHigh
9File/admin/photo.phppredictiveHigh
10File/anony/mjpg.cgipredictiveHigh
11File/apply.cgipredictiveMedium
12File/authpredictiveLow
13File/catcompany.phppredictiveHigh
14File/cms/category/listpredictiveHigh
15File/dashboard/view-chair-list.phppredictiveHigh
16File/Default/BdpredictiveMedium
17File/ebics-server/ebics.aspxpredictiveHigh
18File/egroupware/index.phppredictiveHigh
19File/etc/hostspredictiveMedium
20File/filemanager/upload.phppredictiveHigh
21File/GponForm/device_Form?script/predictiveHigh
22File/GponForm/fsetup_FormpredictiveHigh
23File/GponForm/usb_restore_Form?script/predictiveHigh
24File/hrm/employeeview.phppredictiveHigh
25File/html/device-idpredictiveHigh
26File/includes/decorators/global-translations.jsppredictiveHigh
27File/index.phppredictiveMedium
28File/product_list.phppredictiveHigh
29File/secure/QueryComponent!Default.jspapredictiveHigh
30File/see_more_details.phppredictiveHigh
31File/server-statuspredictiveHigh
32File/setSystemAdminpredictiveHigh
33File/uncpath/predictiveMedium
34File/usr/local/WowzaStreamingEngine/bin/predictiveHigh
35File/WEB-INF/web.xmlpredictiveHigh
36Filea2dp_aac_decoder.ccpredictiveHigh
37Fileactbar3.ocxpredictiveMedium
38Fileadclick.phppredictiveMedium
39Fileaddentry.phppredictiveMedium
40Fileadmin.phppredictiveMedium
41Fileadmin/executar_login.phppredictiveHigh
42Fileadmin/mcart_xls_import.phppredictiveHigh
43Fileadmin/setting.phppredictiveHigh
44Fileadmin/src/containers/InputModalStepperProvider/index.jspredictiveHigh
45Fileadmin/users/addpredictiveHigh
46Fileadministrator/components/com_media/helpers/media.phppredictiveHigh
47Fileadmin_ranks.phppredictiveHigh
48Fileajax-actions.phppredictiveHigh
49FileajaxRequest/methodCall.dopredictiveHigh
50Filexxxxxx/xxxxxxxxx.xxxpredictiveHigh
51Filexxxxxxx.xxxpredictiveMedium
52Filexxxxxxxxxxx/xxxxxxxxx/xxxxxxxxxxxx.xxxpredictiveHigh
53Filexxxxx.xxxpredictiveMedium
54Filexxxx.xxx.xxxpredictiveMedium
55Filexxxx.xxpredictiveLow
56Filexxxxx-xxx.xpredictiveMedium
57Filexxxxxxx.xxxxpredictiveMedium
58Filexxxxxxx.xxpredictiveMedium
59Filexxxxxx.xpredictiveMedium
60Filexxxxxxxxx.xxxpredictiveHigh
61Filexxxxx.xxxpredictiveMedium
62Filexxxx/xxxxxxxxxxxxx.xxxpredictiveHigh
63Filexxxxxx.xxxpredictiveMedium
64Filexxx_xxxx.xxpredictiveMedium
65Filexxxx.xpredictiveLow
66Filexxxxxxxx.xxxpredictiveMedium
67Filexxxx.xxxpredictiveMedium
68Filexxxxxxxx.xxxpredictiveMedium
69Filexxx-xxx/xxxxxxxxxxxx.xxx/xxxxxxxxxxxxpredictiveHigh
70Filexxx-xxx/xxxxx/xxxxx.xxxpredictiveHigh
71Filexxxxx-xxxxxxxxx-xxxxxxxxxx-xxxxxxx-xxxx-xxxxx.xxxpredictiveHigh
72Filexxxxx.xxxxxxxxx.xxxpredictiveHigh
73Filexxx.xxxpredictiveLow
74Filexxx-xxx/xxxxxxxxx/xxxx/xxxxxxxx.xxxxpredictiveHigh
75Filexxxxxxxx_xxxxxxxxxxxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
76Filexxxx/xxxxx.xxxxpredictiveHigh
77Filexxxxxx.xxxpredictiveMedium
78Filexxxxxxxxxxxx.xxxxpredictiveHigh
79Filexxxxxxx.xxxpredictiveMedium
80Filexxxxxxx.xxxpredictiveMedium
81Filexxxxx.xxxpredictiveMedium
82Filexxxxxxxx.xxxpredictiveMedium
83Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
84Filexxxxxxx.xxx/xxxxxxxxx.xxxpredictiveHigh
85Filexxxxxx.xxxpredictiveMedium
86Filexxxxxx.xxxpredictiveMedium
87Filexxxxxxxxx.xxxpredictiveHigh
88Filexxxxxxxxx.xxxpredictiveHigh
89Filexxxxxxxx.xxxpredictiveMedium
90Filexxxxxxxx_xxxxxx.xxxxpredictiveHigh
91Filexxxxxxx/xxxx/xxxx/xxxx.xpredictiveHigh
92Filexxxxxxx/xxxx/xxxxxx_xxxxxxx.xpredictiveHigh
93Filexxxxxxx/xxx/xxx_xxxxxxx.xpredictiveHigh
94Filexxxxx.xxxpredictiveMedium
95Filexxxxxxx.xxxpredictiveMedium
96Filexxxxxx/xxx/xxxxxxx.xxxpredictiveHigh
97Filexxxxxxx.xxxpredictiveMedium
98Filexxxx_xxx_xxx.xxxpredictiveHigh
99Filexxxxx.xxxpredictiveMedium
100Filexxxxxxxxxxxxxxxx/xxxxxxxxxxxxxx.xxpredictiveHigh
101Filexxxx/xxxxxxxxxx/xxxxxx-xxxxxxx.xpredictiveHigh
102Filexxxxxx.xxxpredictiveMedium
103Filexxx/xxxx/xxxxxx/xxxxxx_xxxxxxx.xpredictiveHigh
104Filexxx/xxxxxxxx/xxxx_xxxxx_xxxxxxx.xpredictiveHigh
105Filexxx/xxxxxxxx/xxx.xpredictiveHigh
106Filexxx/xxxxxxxx/xxx_xxxxxxxxxxxx.xxpredictiveHigh
107Filexxx/xxxx/xxxx.xpredictiveHigh
108Filexxx.xxxpredictiveLow
109Filexxxx.xxxpredictiveMedium
110Filexxxxxxxxxxxx.xxxpredictiveHigh
111Filexxxxxxx.xxxpredictiveMedium
112Filexxxxx.xxxpredictiveMedium
113Filexxxxx.xxxpredictiveMedium
114Filexxxxxxx.xxxpredictiveMedium
115Filexxxxxxxxx/xx/xxxxxxxxxxxx.xxxpredictiveHigh
116Filexxxxxxxxx/xxxx-xxxxxxx-xxx.xxxpredictiveHigh
117Filexxxxxxx.xxxpredictiveMedium
118Filexxxxx.xxxpredictiveMedium
119Filexxxxxxx.xxpredictiveMedium
120Filexx.xxxpredictiveLow
121Filexxxxxx/xxxxx_xxxx_xxxxxxxpredictiveHigh
122Filexxxx.xxxpredictiveMedium
123Filexxxx_xxxxxx.xpredictiveHigh
124Filexxxx_xxxxxxx.xxx.xxxpredictiveHigh
125Filexxxxxx.xxxpredictiveMedium
126Filexxxxxxxxxxxxx/xxx/xxx/xxxxxxxxxx/xxxxxxx/xxxxxxxxxx.xxxxpredictiveHigh
127Filexxxx/xxxxxxxxxxxxxxxxxxxxxxxx.xxpredictiveHigh
128Filexxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
129Filexxxxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
130Filexxxx_xxxx.xpredictiveMedium
131Filexx/xxx/xxx-xxxx.xpredictiveHigh
132Filexxxxxx_xxxxx_xxxxxx.xpredictiveHigh
133Filexxx/xxxxxx.xxxpredictiveHigh
134Filexxxxxxx/xxxxxxx/xxxxxxxx.xxx.xxxpredictiveHigh
135Filexxxxxxxx/xxxx/xxxxx-xxxxx.xxxpredictiveHigh
136Filexxxxxxxx/xxxxx.xxx.xxxpredictiveHigh
137Filexxxxx.xxx.xxxpredictiveHigh
138Filexxxxx.xxpredictiveMedium
139Filexxxxx.xxxpredictiveMedium
140Filexxxxxxx.xxxpredictiveMedium
141Filexxxxxxxxxxx-xxxxxxx-xxxx.xxxx.xxxpredictiveHigh
142Filexxxxxxxxx.xxxpredictiveHigh
143Filexxxxxxxxxx.xxxpredictiveHigh
144Filexxxxxx.xpredictiveMedium
145Filexxxxxxxxxx/xxx/xxxxxx_xxxx.xxxpredictiveHigh
146Filexxx/xxxxxx/xxxx_xx.xxpredictiveHigh
147Filexxxxxxxxxx/xxxx.xpredictiveHigh
148Filexxxxxxxxxx/xxxxx.xpredictiveHigh
149Filexxxxxxxxxx/xxxx.xpredictiveHigh
150Filexxxxxxxxx/xxxxxxx/xxxxxx/xxxxxxxxxx.xxxpredictiveHigh
151Filexxxxxx-xxx.xxpredictiveHigh
152Filexxx\xxxxxxx\xxxxxxxxxxxx\xxxxxxxxxxx_xxxx_xxxxx.xxxpredictiveHigh
153Filexxxxxx.xpredictiveMedium
154Filexxxxx_xxx.xxxpredictiveHigh
155Filexxxx/xxxxx.xxxpredictiveHigh
156Filexxxx.xxxpredictiveMedium
157Filexxxxxxxxxxxx.xxxpredictiveHigh
158Filexxxxxxxx/xxxx?xxxxxx=xxpredictiveHigh
159Filexxxxxxxxx.xxxpredictiveHigh
160Filexxxxxxxx/xxxxxxxxxxx.xxpredictiveHigh
161Filexxx_xxxxx.xpredictiveMedium
162Filexxx_xxx_xxxxxx.xpredictiveHigh
163Filexxx_xxxxx_xxxx.xpredictiveHigh
164Filexxxxx.xxxpredictiveMedium
165Filexxx/xxxxxx/xx_xxxxxx.xpredictiveHigh
166Filexxxx.xxxxpredictiveMedium
167Filexxxxxxxx/xxxxxxxx.xxxpredictiveHigh
168Filexxxx_xxxxxx.xxxpredictiveHigh
169Filexxxx.xxxxxx.xxpredictiveHigh
170Filexxx_xxxx_xxx_xxxxxxxxxx.xpredictiveHigh
171Filexxxxxxx.xxxpredictiveMedium
172Filexxxx-xxxxxx\xx\xxxxxx.xxxpredictiveHigh
173Filexxxx/xxx/xxxx/xxxx/xxx/xxxxxxx/xxxxxx/xxxxxxxxxxxxxxxxxxxx/xxxx/xxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
174Filexxxxxxxx/xxxxxx/xxxxxxxxx/xxxxxx/xxxxxxx_xxxxx.xxxxpredictiveHigh
175Filexxx.xxxxxxxxxx.xxxpredictiveHigh
176Filexxxxx.xxxx.xxxpredictiveHigh
177Filexxxxxxxx.xxxxxpredictiveHigh
178Filexxxxxxxxxxxxxx.xxxpredictiveHigh
179Filexxx.xxxpredictiveLow
180Filexxxx.xxxpredictiveMedium
181Filexxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
182Filexxxxxxx/xxx/xxxxx/xxxxx.xxxxxx.xxxpredictiveHigh
183Filexxxxxxxx.xxxxx.xxxpredictiveHigh
184Filexxxxx_xxx.xxxpredictiveHigh
185Filexxxxx_xxxxxx.xxxpredictiveHigh
186Filexxxxxxx/xxxxxxx.xpredictiveHigh
187Filexxxxxxx.xxxpredictiveMedium
188Filexxxxxxxx.xxpredictiveMedium
189Filexxxxx.xpredictiveLow
190Filexxxx.xxxpredictiveMedium
191Filexxxxxxxx.xxxpredictiveMedium
192Filexxxxxxxxxx.xxxpredictiveHigh
193Filexxxxxxx_xxxx.xxxpredictiveHigh
194Filexxxxxxxxx/xxxxxxxxxxx/xxxxxxxxxxxxxxxxx.xxxpredictiveHigh
195Filexxxxxxxx.xpredictiveMedium
196Filexxxx_xxxx.xxxpredictiveHigh
197Filexxxxxxxx.xxxpredictiveMedium
198Filexxxxx/xx/xxxxxxxxx/predictiveHigh
199Filexxxxxxxx.xxxpredictiveMedium
200Filexxxxxxx_xxx_xxxxx_xxxxxx.xxxxpredictiveHigh
201Filexxxxxxx.xpredictiveMedium
202Filexxxxxxxxx/xxxxx/xxxxxxxx/xxxx.xxxx.xxxpredictiveHigh
203Filexxxxxx.xxxpredictiveMedium
204Filexxxxxx_xxxx.xxxpredictiveHigh
205Filexxx.xxxpredictiveLow
206Filexxxx.xxxpredictiveMedium
207Filexxxx_xxxx_xxxxpredictiveHigh
208Filexxxxx/xxxxx.xxxpredictiveHigh
209Filexxxx.xxxpredictiveMedium
210Filexxxxxxxxxxxxxxxx.xxxpredictiveHigh
211Filexxxxxxxxxxxxxx.xxxpredictiveHigh
212Filexxxxxxxxxxxxxxx.xxxpredictiveHigh
213Filexxxx_xxxxxxx_xxxxxxxx.xxxpredictiveHigh
214Filexxxxxxxxxxxxxxxx.xxpredictiveHigh
215Filexxxx.xxxpredictiveMedium
216Filexxxxxxxxx/xxxx/xxxxxxxxxxxxxxxx.xpredictiveHigh
217Filexxxxxxxxxxxxxx.xxxpredictiveHigh
218Filexxxxxxxxxx.xpredictiveMedium
219Filexxxxxx.xpredictiveMedium
220Filexxxxxxxxxxx.xxxpredictiveHigh
221Filexxxxxxxxxxxxxxx.xxxpredictiveHigh
222Filexxxxxxxxx.xxxpredictiveHigh
223Filexxxxxx.xxxpredictiveMedium
224Filexxxxxxxxx.xxxpredictiveHigh
225Filexxxxxxx.xxxpredictiveMedium
226Filexxxx-xxxxxxxx.xxxpredictiveHigh
227Filexxxx-xxxx_xxxx_xxxxxxx.xxxpredictiveHigh
228Filexxxxx.xxxpredictiveMedium
229Filexxxxxxxxx.xxxpredictiveHigh
230Filexxxxxx.xxxpredictiveMedium
231Filexxxxxxxxxxxx/xxxxxx_xxxxxx.xxxpredictiveHigh
232Filexxx/xxx/xxx-xxx/xxxx.xxxpredictiveHigh
233Filexxxxxxx.xxxpredictiveMedium
234Filexxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
235Filexxx_xxxx.xxxxpredictiveHigh
236Filexxxxxxx.xxxpredictiveMedium
237Filexxxxxxx.xxxpredictiveMedium
238Filexxxxx-xxxx/xxx/xxxx/xxxx/xxx/xxxxx/xxxxxx/xxxxxxxxxx/xxxxxxxxxxxxxxx.xxxxpredictiveHigh
239Filexxxxxxx.xxxpredictiveMedium
240Filexxx.xxxpredictiveLow
241Filexx-xxxxx/xxxxx.xxxpredictiveHigh
242Filexx-xxxxx/xxxxxxxx/xxxxx-xx-xxxxx-xxxx-xxxxx.xxxpredictiveHigh
243Filexx-xxxxx/xxxx.xxxpredictiveHigh
244Filexx-xxxxx-xxxxxx.xxxpredictiveHigh
245Filexx-xxxxxxxx/xxxxx-xx-xxxxx.xxxpredictiveHigh
246Filexx-xxxxxxxx/xxxxx-xx-xxxxxx-xxxxxx.xxxpredictiveHigh
247Filexx-xxxxxxxx/xxxxxxxxx.xxxpredictiveHigh
248Filexx-xxxxxxxx/xxxx.xxxpredictiveHigh
249Filexx-xxxxxxxx/xxxx-xxx/xxxxxxxxx/xxxxx-xx-xxxx-xxxxx-xxxxxxxxxx.xxxpredictiveHigh
250Filexx-xxxxx.xxxpredictiveMedium
251Filexxx/xxxx_xxxxxx.xxxpredictiveHigh
252Filexxx.xxxpredictiveLow
253File__xxxx_xxxxxxxx.xxxpredictiveHigh
254File~/xxxxxxx/xxxxxxxxxxxxxxxx.xxxpredictiveHigh
255File~/xxxxxx-xxxxxxx-xxxxxxx.xxxpredictiveHigh
256Library/xxx/xxxxx/xxxxxxxxx.xxpredictiveHigh
257Library/_xxx_xxx/xxxxx.xxxpredictiveHigh
258Libraryxxxxxx.xxxpredictiveMedium
259Libraryxxxxx.xxxpredictiveMedium
260Libraryxxxxx.xxxpredictiveMedium
261Libraryxxxx.xxxpredictiveMedium
262Libraryxxxxxx.xxxpredictiveMedium
263Libraryxxx/xx/xx.xxxpredictiveHigh
264LibraryxxxxxxxxxxxxxxxxxpredictiveHigh
265Libraryxxxxxxxxxx/xxxxxx_xxxxxxxxx.xpredictiveHigh
266Libraryxxxxxxxx.xxxpredictiveMedium
267Libraryxxxxxxxxxxxxxxxx.xxxpredictiveHigh
268Libraryxxxxxxxxxxxxxx.xxxxxxx.xxxxxxxxxxxxxxx.xxxpredictiveHigh
269Libraryxxxxxx-xx/xxx/xxx-xxxxxx-xxxxx-xx.xxxpredictiveHigh
270Libraryxx/xxx.xxx.xxxpredictiveHigh
271Libraryxxxxxx.xxxpredictiveMedium
272Libraryxxx/xxxxxxx.xxxxxx.xxx/xxx/xxxxxxxxxxxxx.xxpredictiveHigh
273Libraryxxxxxx/xxxxxxx/xxxx.xxxpredictiveHigh
274Libraryxxxxxx.xxxpredictiveMedium
275Libraryxxxxxxx.xxx/xxxxxx.xxxpredictiveHigh
276Argument$xxxxpredictiveLow
277Argument$_xxxxxx['xxx_xxxx']predictiveHigh
278ArgumentxxxxxxxpredictiveLow
279ArgumentxxxxxxxpredictiveLow
280ArgumentxxxxxpredictiveLow
281ArgumentxxxxxpredictiveLow
282ArgumentxxxxxxxxxpredictiveMedium
283ArgumentxxxxxxxxxxxxxxpredictiveHigh
284ArgumentxxxxxxxpredictiveLow
285ArgumentxxxxxxxxpredictiveMedium
286ArgumentxxxxxpredictiveLow
287ArgumentxxxxxxpredictiveLow
288Argumentxxxxx_xxxxpredictiveMedium
289Argumentxxx_xxxpredictiveLow
290Argumentxxxxxxxxxx_xxxxpredictiveHigh
291ArgumentxxxpredictiveLow
292ArgumentxxxxxxxxxpredictiveMedium
293ArgumentxxxxxpredictiveLow
294Argumentxxx_xxpredictiveLow
295ArgumentxxxpredictiveLow
296ArgumentxxxpredictiveLow
297ArgumentxxxxxxpredictiveLow
298Argumentxxxxxxxxxxxx/xxxxxxxpredictiveHigh
299ArgumentxxxxxxxpredictiveLow
300ArgumentxxxxxxxxxxpredictiveMedium
301ArgumentxxxxxxpredictiveLow
302Argumentxxxxxx_xxpredictiveMedium
303ArgumentxxxxpredictiveLow
304ArgumentxxxxxxxxxxxpredictiveMedium
305ArgumentxxxxxxxxxpredictiveMedium
306ArgumentxxxxxxxxxxxxpredictiveMedium
307Argumentxxx_xxxxpredictiveMedium
308Argumentxxxxxx xx xxxx xxxpredictiveHigh
309ArgumentxxxxpredictiveLow
310ArgumentxxxxxpredictiveLow
311Argumentxx_xxpredictiveLow
312ArgumentxxxxpredictiveLow
313ArgumentxxxxxxxxpredictiveMedium
314ArgumentxxxxxxxxpredictiveMedium
315ArgumentxxxxxpredictiveLow
316Argumentxxxxxxxxx/xxxxxxxxpredictiveHigh
317Argumentxxxx_xxxxxx[xxxxx]predictiveHigh
318ArgumentxxxxxxxpredictiveLow
319ArgumentxxxxpredictiveLow
320ArgumentxxxxxxxxpredictiveMedium
321ArgumentxxxxxxxpredictiveLow
322ArgumentxxxxpredictiveLow
323Argumentx_xxxxxxxxxxpredictiveMedium
324Argumentxxx_xxxxpredictiveMedium
325Argumentxxxxxx_xxxx_xxxpredictiveHigh
326Argumentxxxxxx_xxxxxxxxxxxxxxxxxxxxxxxxxxpredictiveHigh
327ArgumentxxxxpredictiveLow
328ArgumentxxxxpredictiveLow
329Argumentxxxx/xxxxxxxpredictiveMedium
330ArgumentxxxxxxxxpredictiveMedium
331ArgumentxxxxpredictiveLow
332Argumentxxxx_xxpredictiveLow
333Argumentxxxx_xxxxxpredictiveMedium
334ArgumentxxpredictiveLow
335ArgumentxxpredictiveLow
336ArgumentxxxxxxxxxxpredictiveMedium
337ArgumentxxxxxxxpredictiveLow
338ArgumentxxxxxxxxxpredictiveMedium
339ArgumentxxxxxpredictiveLow
340Argumentxxxxxxx_xxxxpredictiveMedium
341Argumentxxxxxxx_xxxxpredictiveMedium
342ArgumentxxxxxxpredictiveLow
343Argumentxxxx_xxpredictiveLow
344ArgumentxxxxxpredictiveLow
345Argumentxx_xxxpredictiveLow
346ArgumentxxxpredictiveLow
347ArgumentxxxxxxxxpredictiveMedium
348Argumentxxxx_xxpredictiveLow
349Argumentxxx_xxxxxx[xxxxxxx_xxxpredictiveHigh
350Argumentxxxxxxx/xxxxxx_xxpredictiveHigh
351ArgumentxxxxxpredictiveLow
352ArgumentxxxpredictiveLow
353Argumentxxx_xxxxpredictiveMedium
354Argumentx_xxxxxx_xxxxx_xxxxpredictiveHigh
355ArgumentxxxxpredictiveLow
356Argumentxxxx_xxxxpredictiveMedium
357ArgumentxxxpredictiveLow
358ArgumentxxpredictiveLow
359Argumentxxxxxxx/xxxx/xxxxxxxxpredictiveHigh
360ArgumentxxxxxxxpredictiveLow
361Argumentx_xxpredictiveLow
362ArgumentxxxxxxxxpredictiveMedium
363Argumentxxxx_xxxxpredictiveMedium
364ArgumentxxxxxxxxxxxxxpredictiveHigh
365Argumentxx_xxxxpredictiveLow
366Argumentxxxx_xxx_xx/xxxx_xxx_xxxx/xxxx_xxx_xx/xxx_xxxx_xxxxpredictiveHigh
367ArgumentxxxxpredictiveLow
368Argumentxxxxxxxx_xxpredictiveMedium
369Argumentxxxxxxxxx_predictiveMedium
370ArgumentxxxxxxxxpredictiveMedium
371ArgumentxxxxxxxxpredictiveMedium
372Argumentxxxx xxxxxpredictiveMedium
373Argumentxxxxxx_xxpredictiveMedium
374ArgumentxxxxxxxxpredictiveMedium
375ArgumentxxxxxxpredictiveLow
376ArgumentxxxxxxpredictiveLow
377ArgumentxxxxxxxxxxxxxxxxxxxpredictiveHigh
378ArgumentxxxxxxpredictiveLow
379Argumentxxxxxxxxx/xxxxxxxxxxxpredictiveHigh
380ArgumentxxxxxxxpredictiveLow
381ArgumentxxxxxxxpredictiveLow
382ArgumentxxxpredictiveLow
383Argumentxxx_xxxxpredictiveMedium
384Argumentxxxx_xxx_xxxxpredictiveHigh
385ArgumentxxxxpredictiveLow
386Argumentxxxx.xxx/xxxx.xxxpredictiveHigh
387ArgumentxxxxxxxxpredictiveMedium
388ArgumentxxxpredictiveLow
389ArgumentxxxxpredictiveLow
390ArgumentxxxxxxpredictiveLow
391Argumentxxxxxxxxxx[xxxx]predictiveHigh
392Argumentxxxxx_xxpredictiveMedium
393ArgumentxxxxxpredictiveLow
394ArgumentxxxxxpredictiveLow
395ArgumentxxxxxpredictiveLow
396ArgumentxxxxpredictiveLow
397Argumentxxxx_xxpredictiveLow
398Argumentxx_xxxx_xxxpredictiveMedium
399ArgumentxxxpredictiveLow
400ArgumentxxxxpredictiveLow
401ArgumentxxxxxxxxpredictiveMedium
402ArgumentxxxxxxxxpredictiveMedium
403Argumentxxxxxxxx/xxxxxxxxpredictiveHigh
404Argumentxxxx_xxpredictiveLow
405ArgumentxxxxxxxxxxxxpredictiveMedium
406Argumentxxx_xxxxxx_xxxxxxx_xx_xxxpredictiveHigh
407Argument\xxx\predictiveLow
408Argument\xxxxxx\predictiveMedium
409Argument_xxxxxxxpredictiveMedium
410Argument__xxxxxxpredictiveMedium
411Input Value"><xxxxxx>xxxxx(/xxx/)</xxxxxx>predictiveHigh
412Input Value'xx''='predictiveLow
413Input Value../predictiveLow
414Input Value/%xxpredictiveLow
415Input Valuexxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' xxx xxxx=xxxx xxx 'xxxx'='xxxxpredictiveHigh
416Input Value</xxxxx><xxx xxx=xx xxxxxxx=xxxxx(x)>predictiveHigh
417Input Valuexxxxx' xxx (xxxxxx xxxx xxxx (xxxxxx(xxxxx(x)))xxxx) xxx 'xxxx'='xxxx&xxxxxxxx=xxxxxxxxxxpredictiveHigh
418Input ValuexxxxxxxxpredictiveMedium
419PatternxxpredictiveLow
420Patternx|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|.|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|predictiveHigh
421PatternxxxxxxxxxxxxxpredictiveHigh
422Pattern|xx|xx|xx|predictiveMedium
423Pattern|xx|predictiveLow
424Network Portxxx/xxxpredictiveLow
425Network Portxxx/xxxxpredictiveMedium
426Network Portxxx/xxxxpredictiveMedium
427Network Portxxx/xxx (xxx)predictiveHigh
428Network Portxxx/xxx (xxxx)predictiveHigh
429Network Portxxx xxxxxx xxxxpredictiveHigh

References (2)

The following list contains external sources which discuss the actor and the associated activities:

Do you know our Splunk app?

Download it now for free!