Orchard Analysis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (856)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en772
zh24
de18
fr14
es10

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

us606
cn38
ir6
ru2
es2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

Orchard4
Cobalt Strike3
BumbleBee3
Mirai3
Bashlite3

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

Not Defined272
WordPress Plugin46
Web Browser28
Operating System26
Content Management System24

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

Not Defined204
Google40
Microsoft30
IBM20
Cisco12

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Google Chrome22
Microsoft Windows20
Google Android12
Qualcomm Snapdragon Auto8
Qualcomm Snapdragon Compute8

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25k$0-$5kHighWorkaround0.020.02016CVE-2007-1192
2DZCP deV!L`z Clanportal config.php code injection7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.800.00943CVE-2010-0966
3jforum User input validation5.35.3$0-$5k$0-$5kNot DefinedNot Defined0.200.00289CVE-2019-7550
4jforum cross site scripting4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.040.00118CVE-2012-5337
5JForum Login input validation6.56.5$0-$5k$0-$5kNot DefinedNot Defined0.060.00151CVE-2012-5338
6MGB OpenSource Guestbook email.php sql injection7.37.3$0-$5k$0-$5kHighUnavailable0.850.01302CVE-2007-0354
7School Club Application System cross site scripting4.34.1$0-$5k$0-$5kProof-of-ConceptNot Defined0.030.00072CVE-2022-1288
8Serendipity exit.php privileges management6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.400.00000
9LogicBoard CMS away.php redirect6.36.1$0-$5k$0-$5kNot DefinedUnavailable3.830.00000
10Cute Http File Server Search cross site scripting4.44.3$0-$5k$0-$5kProof-of-ConceptNot Defined0.040.00075CVE-2023-4118
11Joomla CMS sql injection7.37.0$5k-$25k$0-$5kHighOfficial Fix0.030.97564CVE-2015-7297
12Xintian Smart Table Integrated Management System AddUpdateRole.aspx sql injection6.96.8$0-$5k$0-$5kProof-of-ConceptNot Defined0.150.00077CVE-2023-4712
13Microsoft Windows Server Service unrestricted upload8.88.1$25k-$100k$5k-$25kUnprovenOfficial Fix0.030.71469CVE-2022-30216
14Kamailio SIP Message build_res_buf_from_sip_req input validation8.58.4$0-$5k$0-$5kNot DefinedOfficial Fix0.000.83213CVE-2018-14767
15HTC One/Sense Mail Client certificate validation4.84.4$0-$5k$0-$5kProof-of-ConceptNot Defined0.150.00133CVE-2013-10001
16Samsung Smartphone RPMB ldfw buffer overflow5.35.2$0-$5k$0-$5kNot DefinedOfficial Fix0.000.00044CVE-2022-23431
17Apache HTTP Server mod_lua Multipart Parser r:parsebody out-of-bounds write8.58.4$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000.08808CVE-2021-44790
18OpenBSD OpenSSH X11 Forwarding 7pk security9.89.1$25k-$100k$0-$5kUnprovenOfficial Fix0.030.00365CVE-2016-1908
19Linux Foundation Xen EFLAGS Register SYSENTER input validation6.25.9$5k-$25k$0-$5kNot DefinedOfficial Fix0.020.00062CVE-2013-1917
20phpPgAds adclick.php unknown vulnerability5.35.3$0-$5k$0-$5kNot DefinedNot Defined1.240.00317CVE-2005-3791

IOC - Indicator of Compromise (6)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
145.61.185.36Orchard08/05/2022verifiedHigh
245.61.185.231Orchard08/05/2022verifiedHigh
3XX.XX.XXX.XXXxxxxxx08/05/2022verifiedHigh
4XX.XX.XXX.XXxxxxxx08/06/2022verifiedHigh
5XX.XX.XXX.XXXXxxxxxx08/05/2022verifiedHigh
6XXX.XXX.XXX.XXXXxxxxxx08/05/2022verifiedHigh

TTP - Tactics, Techniques, Procedures (26)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilitiesAccess VectorTypeConfidence
1T1006CWE-21, CWE-22, CWE-23, CWE-24Path TraversalpredictiveHigh
2T1040CWE-294, CWE-319Authentication Bypass by Capture-replaypredictiveHigh
3T1055CWE-74Improper Neutralization of Data within XPath ExpressionspredictiveHigh
4T1059CWE-94, CWE-1321Argument InjectionpredictiveHigh
5T1059.007CWE-79, CWE-80Cross Site ScriptingpredictiveHigh
6T1068CWE-264, CWE-269, CWE-284Execution with Unnecessary PrivilegespredictiveHigh
7TXXXX.XXXCWE-XXXXxx Xx Xxxx-xxxxx XxxxxxxxpredictiveHigh
8TXXXXCWE-XXXXxxx Xxx Xxxxxxxxx Xxxxxxxxxxx XxxxxxxxpredictiveHigh
9TXXXX.XXXCWE-XXX, CWE-XXXXxxx-xxxxx XxxxxxxxxxxpredictiveHigh
10TXXXXCWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveHigh
11TXXXX.XXXCWE-XXXXxxx XxxxxxxxpredictiveHigh
12TXXXXCWE-XXX7xx Xxxxxxxx XxxxxxxxpredictiveHigh
13TXXXXCWE-XXX, CWE-XXXXxxxxxxxxx XxxxxxpredictiveHigh
14TXXXXCWE-XXXxx XxxxxxxxxpredictiveHigh
15TXXXX.XXXCWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveHigh
16TXXXXCWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxx XxxxxxxxxxpredictiveHigh
17TXXXXCWE-XXXXxxxxxx Xxxxxxxxxx Xx Xxx-xxxxxxxxpredictiveHigh
18TXXXXCWE-XXX, CWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveHigh
19TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxx XxxxpredictiveHigh
20TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
21TXXXX.XXXCWE-XXXXxxxxxxxpredictiveHigh
22TXXXXCWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh
23TXXXXCWE-XXX, CWE-XXXXxxxxxxxxxxxx XxxxxxpredictiveHigh
24TXXXX.XXXCWE-XXX, CWE-XXXXxx Xxxxxxxxxx XxxxxpredictiveHigh
25TXXXX.XXXCWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxpredictiveHigh
26TXXXXCWE-XXXXxxxxxxxxxx XxxxxxpredictiveHigh

IOA - Indicator of Attack (231)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/admin.php/news/admin/lists/zhuanpredictiveHigh
2File/admin/bookings/view_details.phppredictiveHigh
3File/admin/edit.phppredictiveHigh
4File/admin/maintenance/view_designation.phppredictiveHigh
5File/admin/profile/save_profilepredictiveHigh
6File/admin/reports.phppredictiveHigh
7File/api/v1/chat.getThreadsListpredictiveHigh
8File/App_Resource/UEditor/server/upload.aspxpredictiveHigh
9File/bin/shpredictiveLow
10File/cgi-bin/luci/api/diagnosepredictiveHigh
11File/cgi-bin/R19.9/easy1350.plpredictiveHigh
12File/classes/conf/db.properties&config=filemanager.config.jspredictiveHigh
13File/coders/palm.cpredictiveHigh
14File/collection/allpredictiveHigh
15File/dcim/rack/predictiveMedium
16File/EditEventTypes.phppredictiveHigh
17File/endpoint/add-user.phppredictiveHigh
18File/etc/groupspredictiveMedium
19File/file/upload/1predictiveHigh
20File/formSetPortTrpredictiveHigh
21File/forum/away.phppredictiveHigh
22File/general/system/interface/theme_set/save_image.phppredictiveHigh
23File/goform/wlanPrimaryNetworkpredictiveHigh
24File/index.php?module=help_pages/pages&entities_id=24predictiveHigh
25File/index.php?zone=settingspredictiveHigh
26File/it-IT/splunkd/__raw/services/get_snapshotpredictiveHigh
27File/nova/bin/userpredictiveHigh
28File/xxxxx-xxxxx/xxx/xxxx/xxxx/xxx/xxxxxxx/xxxxxx/xxxxxxxxxx/xxxxxxxxxxxxxx.xxxxpredictiveHigh
29File/xxxxx/xxx/.xxxx-xxxxx/xxxxxx-xxxxxxxxxxxxxpredictiveHigh
30File/xxxxx-xxxx-xxxxxxx/predictiveHigh
31File/xxxxxx/xxxxx/xxxxxxx/xxxxxx.xxxxpredictiveHigh
32File/xxxxxxxx/xxxpredictiveHigh
33File/xxxx/xxx/x/xxxxxxpredictiveHigh
34File/xxxx/xxxxx/predictiveMedium
35File/xxx/xxx/xxx/xxx_xxxxxx.xpredictiveHigh
36File/xxxxxxxxx/xxxxxxxxxxxxx.xxxxpredictiveHigh
37File/xxxxxx/xxxxxxx.xxpredictiveHigh
38File/xxxpredictiveLow
39File/xxxxxxx/predictiveMedium
40File/xxxxxxpredictiveLow
41File/xxxxxxxpredictiveMedium
42File/xxx/xxxx/xxxxxpredictiveHigh
43File/xxxxxxxx_xxxxx/xxxxxxx/xxxxxx.xxx?x=xxxxxx_xxxxxxxxpredictiveHigh
44Filexxx/xxxx_xxxx.xxxpredictiveHigh
45Filexxxxxxxxxxxxxxx.xxxxpredictiveHigh
46Filexxxxxxx.xxxpredictiveMedium
47Filexxx_xxxxxxx.xxxpredictiveHigh
48Filexxxxx.xxx?xxxx=xxxx-xxxxxpredictiveHigh
49Filexxxxx/xxxxxxxxxxxxx/xxxxxx.xxxpredictiveHigh
50Filexxxxx/xxxxx.xxxpredictiveHigh
51Filexxxxx_xxxxxxx.xxxpredictiveHigh
52Filexxxx/xxxxxxxxx.xxxpredictiveHigh
53Filexxxxxxxxxxxxxxx.xxxpredictiveHigh
54Filexxxxxxxxxxx.xxxpredictiveHigh
55Filexxx/xxxxxx/xxxx.xxpredictiveHigh
56Filexxx\xxxxxx\xxxxxxxxxx\xxxxxxxxxxxxxxxxxx.xxxxx.xxxpredictiveHigh
57Filex/xx/xxxxx/xxxxxxxx.xpredictiveHigh
58Filex:\xxxxxxx xxxxx (xxx)\xxxxxxxxxxxxx\xxxxxx.xxxpredictiveHigh
59Filexxxxxxxxxxxxxx.xxxpredictiveHigh
60Filexxxxxxxxx.xxxpredictiveHigh
61Filexxxxxx.xxxpredictiveMedium
62Filexxxxxxx/xxxxx-xxx-xxxxxxxx.xxxpredictiveHigh
63Filexxx.xxxxxxx.xxxxxx.xxx.xxxxxxxxxxxxx.xxxxpredictiveHigh
64Filexxxxxxx_xxx.xxxpredictiveHigh
65Filexxxxxxxxxxx.xpredictiveHigh
66Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
67Filexxxxxxxxxxxxxxxxxxxxxxx.xxpredictiveHigh
68Filexxxxxxxxxxxxxxx.xxxxpredictiveHigh
69Filexxxx_xxx.xxxpredictiveMedium
70Filexxxx/xxxxx.xxpredictiveHigh
71Filexxxxxxxxxxx.xxxpredictiveHigh
72Filexxxxxxx/xxx/xxxx/xxxx.xpredictiveHigh
73Filexxxxx.xxxpredictiveMedium
74Filexxxxxxxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
75Filexxxx.xxxpredictiveMedium
76Filexxxxxxxx/xxxx.xxpredictiveHigh
77Filexxxx_xxxxxxx.xpredictiveHigh
78Filexxx.xxxpredictiveLow
79Filexxxx.xxxpredictiveMedium
80Filexxxxxxxxxx.xxxpredictiveHigh
81Filexxxxxxxxx.xxxpredictiveHigh
82Filexxxxxxxxxxxxxxxxx.xxxpredictiveHigh
83Filexxx/xxxxxx.xxxpredictiveHigh
84Filexxx/xxxxxxxxxxx/xxxxxxx.xxxpredictiveHigh
85Filexxx/xxxxxxx/xxxxxxxxxxxxx/xxxxx.xxxpredictiveHigh
86Filexxxxxxxx/xxxxx-xx-xxxxxxxxx.xxxpredictiveHigh
87Filexxxxx.xxxpredictiveMedium
88Filexxxxxx/xxxxxx/xxx_x.xxxpredictiveHigh
89Filexx_xxxxx.xxxpredictiveMedium
90Filexxx/xxx_xxxxxxx_xx.xpredictiveHigh
91Filexxx/xxxxxxx/xxxx/xxxxxxx_xxxx.xxpredictiveHigh
92Filexxx/xxxxxxxxxx/xxxxxxx/xxxxxxx_xxxxxxxxx.xxpredictiveHigh
93Filexxxxxxxxxxxx.xxpredictiveHigh
94Filexxxxxxxxxxxxxx.xxxpredictiveHigh
95Filexxxxxxxxxxxxxxxx.xpredictiveHigh
96Filexxxxxxx.xxxxxxx.xxxpredictiveHigh
97Filexxxxxxx/xxxxxxx/xxxxxx/xxxxxxxxx_xxxxxxx.xxxpredictiveHigh
98Filexxxxxxxx.xxxpredictiveMedium
99Filexxx_xxxx.xxxpredictiveMedium
100Filexxxxxxx.xxxxpredictiveMedium
101Filexxxxx/xxxxxxxxxxx/xxxxxxxxxx_xxxxxxxxxxx.xxxpredictiveHigh
102Filexxxxxxx/x/x?xxxx=x&xxxxx=x&predictiveHigh
103Filexxxxxxxxx.xxxpredictiveHigh
104Filexxxxx.xxxpredictiveMedium
105Filexxxxx.xxxpredictiveMedium
106Filexxxxxxxxxx.xxxpredictiveHigh
107Filexxxxxxxx.xxxpredictiveMedium
108Filexxxxxxxx.xxx?xxxx=xxxxxxxxxxxpredictiveHigh
109Filexxxxxxxx/xxxxx/xxxxxxxx?xxxxxxxxpredictiveHigh
110Filexxxxxx.xpredictiveMedium
111Filexxxx_xxxxxx.xxxpredictiveHigh
112Filexxxxxxxxxx_xxxxx.xxxxxxpredictiveHigh
113Filexxx.xxxxx/xxxxxxx/xxxxxx_xxxxx.xxxpredictiveHigh
114Filexxxxxxxxxx/xxxx_xxxxxxxxxx.xpredictiveHigh
115Filexxxx-xxx/xxxxxxxx.xxx?xxxx=xxxxxxxxx_xxxxxxx.xxxpredictiveHigh
116Filexxxx-xxx/xxxxxxxx.xxx?xxxx=xxx_xxxxxxxx.xxxpredictiveHigh
117Filexxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
118Filexxxx.xxxpredictiveMedium
119Filexxxxxxxxxxxxx.xxpredictiveHigh
120Filexxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
121Filexxxx-xxxxx.xxxpredictiveHigh
122Filexxxx/xxxxxxxxxxxxxxxx.xxpredictiveHigh
123Filexxxxxx_xxxxxxxxxxxxx_xxxx.xxxpredictiveHigh
124Filexxxxxx.xpredictiveMedium
125Filexxx-xxxxx.xxxpredictiveHigh
126Filexxxxxx/xxxxxxxxxxx/xxxx_xxxxxx.xxxpredictiveHigh
127Filexx-xxxxx/xxxxx-xxxx.xxxpredictiveHigh
128Filexx-xxxxxxxxxxx.xxxpredictiveHigh
129Filexx-xxxxxxxx/xxxx-xxx/xxxxxxxxx/xxxxx-xx-xxxx-xxxxx-xxxxxxxxxx.xxxpredictiveHigh
130Filexx-xxxxxxxx.xxxpredictiveHigh
131File\xxxxx\xxxxxxxxx_xxxx.xxxpredictiveHigh
132File~/xxxxxxxx/xxxxx-xx-xxxxxxxxxx-xxxx.xxxpredictiveHigh
133File~/xxxxxxxx/xxxxxxxx/xxxxxx/xxxx/xxxx/xxxxxxxx.xxxpredictiveHigh
134File~/xxx-xxx-xxxx.xxxpredictiveHigh
135File~/xxxxpredictiveLow
136Library/xxx/xxx/xxxxxx/xxxxx/xxxxxxxxxx.xxxxx.xxxpredictiveHigh
137Libraryxx_xxxxxx.xxxpredictiveHigh
138Libraryxxxxxx.xxxpredictiveMedium
139Libraryxxxxxxxxxxxxxx.xxxpredictiveHigh
140Libraryxxxxxx.xxpredictiveMedium
141Libraryxxxxxxxxxxxxxxx.xxxpredictiveHigh
142Libraryxxxxxxx.xxxpredictiveMedium
143Argument$_xxxxxx["xxx_xxxx"]predictiveHigh
144ArgumentxxxxxxpredictiveLow
145Argumentxxx xxxxxxxxpredictiveMedium
146Argumentxxxxxxxxxxxxxxxx.xxxxxxxxxxxpredictiveHigh
147ArgumentxxxxxxxxpredictiveMedium
148ArgumentxxxxxxxxpredictiveMedium
149Argumentxxxxx_xxxxxxxxxxxpredictiveHigh
150Argumentxxxxxxx_xxxxxx_xxxxx[x]predictiveHigh
151Argumentxxxxxxx-xxxxxpredictiveHigh
152ArgumentxxxxxpredictiveLow
153ArgumentxxxxxxxxpredictiveMedium
154ArgumentxxxxxxxpredictiveLow
155Argumentxxxxxxxxxxx_xxx_xxxxpredictiveHigh
156Argumentxxxxxxx/xxxxxxx/xxxxxxx_xxxxxxxxxx/xxxxxxx_xxxxxx/xxxxxxxx/xxxx_xxxxxpredictiveHigh
157ArgumentxxxxxxxpredictiveLow
158Argumentxxxxxxx_xxxx_xxxxpredictiveHigh
159ArgumentxxpredictiveLow
160ArgumentxxxxxxxxpredictiveMedium
161ArgumentxxxxxxxpredictiveLow
162Argumentx-xxxxpredictiveLow
163Argumentxx_xxxxpredictiveLow
164ArgumentxxxxxxpredictiveLow
165Argumentxxx_xxxx_xxxxpredictiveHigh
166ArgumentxxxxpredictiveLow
167Argumentxxxx/xxxxxpredictiveMedium
168Argumentxxxxxx_xxxpredictiveMedium
169Argumentxxxxx_xxxxpredictiveMedium
170Argumentxxxxx xxxxxxxpredictiveHigh
171ArgumentxxxxxxxxxpredictiveMedium
172ArgumentxxpredictiveLow
173Argumentxxxx_xxxxxpredictiveMedium
174ArgumentxxxxxxxxpredictiveMedium
175ArgumentxxpredictiveLow
176Argumentxx/xxxxpredictiveLow
177Argumentxxxxx_xxxxpredictiveMedium
178ArgumentxxxpredictiveLow
179ArgumentxxxxxxxxpredictiveMedium
180ArgumentxxpredictiveLow
181Argumentxxxxxxxxxxxxxx.xxxxxxxxxxxxxpredictiveHigh
182ArgumentxxxxxxpredictiveLow
183Argumentxxxxxxx_xxpredictiveMedium
184ArgumentxxxxxxxxxxxxxxpredictiveHigh
185ArgumentxxxxxxpredictiveLow
186ArgumentxxxxxxxxxxpredictiveMedium
187Argumentxxxxxx xxx xxxxxx(x)predictiveHigh
188ArgumentxxxxpredictiveLow
189ArgumentxxxxpredictiveLow
190ArgumentxxxxxxxxpredictiveMedium
191ArgumentxxpredictiveLow
192ArgumentxxxxxxxpredictiveLow
193ArgumentxxxxxxxpredictiveLow
194ArgumentxxxxpredictiveLow
195ArgumentxxxxxxxxpredictiveMedium
196Argumentxxxxxxx_xxxxpredictiveMedium
197ArgumentxxxxxxxxpredictiveMedium
198Argumentxxxx-xxxxxxxpredictiveMedium
199ArgumentxxxxxpredictiveLow
200Argumentxx-xxxxxxpredictiveMedium
201Argumentxxxxxxxxxxxx_xxxxxxxxxpredictiveHigh
202ArgumentxxxxxxxxpredictiveMedium
203ArgumentxxxxxxxxxxpredictiveMedium
204ArgumentxxxxxxxpredictiveLow
205Argumentxxxxxx/xxxxxx_xxxxxxpredictiveHigh
206ArgumentxxxxxxxxpredictiveMedium
207ArgumentxxxxxxxxxxxxxxxxxxxxpredictiveHigh
208ArgumentxxxxxxpredictiveLow
209Argumentxxxx_xxxxpredictiveMedium
210Argumentxxxxxxxxxxxx/xxxxxxxxxxxxxxxxpredictiveHigh
211ArgumentxxxpredictiveLow
212ArgumentxxxpredictiveLow
213Argumentxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxpredictiveHigh
214ArgumentxxxxpredictiveLow
215ArgumentxxxxxpredictiveLow
216ArgumentxxpredictiveLow
217ArgumentxxxxpredictiveLow
218ArgumentxxxxxpredictiveLow
219ArgumentxxxxxxxxxxxpredictiveMedium
220ArgumentxxxpredictiveLow
221ArgumentxxxpredictiveLow
222Argumentxxxx_xxxxxpredictiveMedium
223Argumentxx_xxxxpredictiveLow
224Argument[xxxx]=xxxxx.xxxpredictiveHigh
225Argument主题predictiveLow
226Input Value%xx%xx%xxxxx%xxxxx=x%xxxxxxxxx=xxxxx(x)%xxpredictiveHigh
227Input Value<xxxxxxxx>\xpredictiveMedium
228Input Value<xxxxxx>xxxxx(x)</xxxxxx>predictiveHigh
229Input Value><xxxxxx>xxxxx(x)</xxxxxx>predictiveHigh
230Input Valuexxx://xxxxxx/xxxx=xxxxxxx.xxxxxx-xxxxxx/xxxxxxxx=xxxxx_xxxxxpredictiveHigh
231Network Portxxx/xxxxpredictiveMedium

References (3)

The following list contains external sources which discuss the actor and the associated activities:

PreviousOverviewNext

Do you know our Splunk app?

Download it now for free!