PingPull Analysis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (578)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en440
zh84
ru34
es6
de4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

us218
cn168
ru78
hk62
gb18

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

Cobalt Strike29
PingPull18
TrickBot14
ISFB10
RedLine Stealer9

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

Not Defined158
Operating System34
Content Management System32
WordPress Plugin22
Programming Language Software20

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

Not Defined186
Microsoft42
Apache24
Oracle20
Zoho ManageEngine12

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Microsoft Windows20
Apache HTTP Server12
Synology DiskStation Manager8
WordPress8
Microsoft Exchange Server8

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1nginx request smuggling6.96.9$0-$5k$0-$5kNot DefinedNot Defined2.840.00000CVE-2020-12440
2OpenSSL bn_wexpand input validation10.09.0$25k-$100k$0-$5kProof-of-ConceptOfficial Fix0.040.01237CVE-2009-3245
3RoundCube sql injection6.36.0$0-$5k$0-$5kNot DefinedOfficial Fix0.060.00842CVE-2021-44026
4Synacor Zimbra Collaboration mboximport pathname traversal4.74.5$0-$5k$0-$5kNot DefinedOfficial Fix0.020.96849CVE-2022-27925
5MikroTik RouterOS RADVD out-of-bounds write7.57.2$0-$5k$0-$5kNot DefinedNot Defined0.030.00000CVE-2023-32154
6Hitachi Vantara Pentaho Business Analytics Server unknown vulnerability8.68.5$0-$5k$0-$5kNot DefinedOfficial Fix0.030.00091CVE-2022-43939
7Adobe Commerce/Magento Open Source cross site scripting7.47.4$0-$5k$0-$5kNot DefinedOfficial Fix0.040.00064CVE-2022-35698
8Joomla CMS com_easyblog sql injection6.36.1$5k-$25k$5k-$25kNot DefinedNot Defined0.400.00000
9Progress MOVEit Transfer sql injection7.37.0$0-$5k$0-$5kNot DefinedOfficial Fix0.040.00136CVE-2021-38159
10Microsoft IIS IP/Domain Restriction access control6.55.7$25k-$100k$0-$5kUnprovenOfficial Fix0.340.00817CVE-2014-4078
11Microsoft Exchange Server ProxyShell Remote Code Execution9.58.2$25k-$100k$5k-$25kUnprovenOfficial Fix0.000.97344CVE-2021-34473
12Twig code injection7.57.4$0-$5k$0-$5kNot DefinedOfficial Fix0.030.02709CVE-2022-23614
13Telerik Progress UI for ASP.NET AJAX Telerik.Web.UI inadequate encryption8.58.2$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.060.10806CVE-2017-11317
14HP Router/Switch SNMP information disclosure3.73.4$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.020.00285CVE-2012-3268
15phpBB viewtopic.php preg_replace file inclusion7.37.3$0-$5k$0-$5kHighNot Defined0.030.15236CVE-2005-2086
16Atlassian Bitbucket Data Center/Bitbucket Server Privilege Escalation8.38.2$0-$5k$0-$5kNot DefinedOfficial Fix0.030.00097CVE-2023-22513
17Monsta FTP external reference8.58.5$0-$5k$0-$5kNot DefinedNot Defined0.070.01444CVE-2020-14057
18Checkbox Survey CheckboxWeb.dll deserialization7.37.0$0-$5k$0-$5kNot DefinedOfficial Fix0.040.01174CVE-2021-27852
19Apache Struts ExceptionDelegator input validation8.88.4$5k-$25k$0-$5kHighOfficial Fix0.030.19624CVE-2012-0391
20REST API Authentication Plugin cross-site request forgery6.26.1$0-$5k$0-$5kNot DefinedNot Defined0.000.00056CVE-2022-45073

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • PingPull

IOC - Indicator of Compromise (127)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
12.58.242.229242-58-2-229.hostinginside.comPingPull07/29/2022verifiedHigh
22.58.242.230242-58-2-230.hostinginside.comPingPull07/29/2022verifiedHigh
32.58.242.231242-58-2-231.hostinginside.comPingPull07/29/2022verifiedHigh
42.58.242.232242-58-2-232.hostinginside.comPingPull07/29/2022verifiedHigh
52.58.242.235242-58-2-235.hostinginside.comPingPull07/29/2022verifiedHigh
62.58.242.236242-58-2-236.hostinginside.comPingPull07/29/2022verifiedHigh
75.8.71.97goodluck23.jp.usGALLIUMPingPull06/22/2022verifiedHigh
85.181.25.55vps76.example.comGALLIUMPingPull06/22/2022verifiedHigh
95.188.33.237core3.icons8.comPingPull07/29/2022verifiedHigh
1037.61.229.104theodore974.example.comPingPull07/29/2022verifiedHigh
1137.61.229.106www.asterip.netPingPull07/29/2022verifiedHigh
1243.254.218.43PingPull07/29/2022verifiedHigh
1343.254.218.57PingPull07/29/2022verifiedHigh
1443.254.218.98PingPull07/29/2022verifiedHigh
1543.254.218.104PingPull07/29/2022verifiedHigh
1643.254.218.114PingPull07/29/2022verifiedHigh
1745.14.66.23045.14.66.230.static.xtom.comPingPull07/29/2022verifiedHigh
1845.76.113.16345.76.113.163.vultrusercontent.comPingPull07/29/2022verifiedHigh
1945.116.13.15345.116.13.153.static.xtom.hkPingPull07/29/2022verifiedHigh
2045.121.50.230PingPull07/29/2022verifiedHigh
2145.128.221.61PingPull07/29/2022verifiedHigh
2245.128.221.66PingPull07/29/2022verifiedHigh
2345.128.221.169PingPull07/29/2022verifiedHigh
2445.128.221.172PingPull07/29/2022verifiedHigh
2545.128.221.182PingPull07/29/2022verifiedHigh
2645.128.221.186PingPull07/29/2022verifiedHigh
27XX.XXX.XXX.XXXXxxxxxxx07/29/2022verifiedHigh
28XX.XXX.XXX.XXXXxxxxxxx07/29/2022verifiedHigh
29XX.XXX.XXX.XXXxx.xxx.xxx.xxx.xxxxxx.xxxx.xxxXxxxxxxx07/29/2022verifiedHigh
30XX.XXX.XXX.XXxx.xxx.xxx.xx.xxxxxx.xxxx.xxxXxxxxxxx07/29/2022verifiedHigh
31XX.XXX.XXX.XXxx.xxx.xxx.xx.xxxxxx.xxxx.xxxXxxxxxxx07/29/2022verifiedHigh
32XX.XXX.XX.XXXXxxxxxxx07/29/2022verifiedHigh
33XX.XXX.XX.XXXXxxxxxxx07/29/2022verifiedHigh
34XX.XXX.XX.XXXXxxxxxxx07/29/2022verifiedHigh
35XX.XXX.XX.XXXXxxxxxxx07/29/2022verifiedHigh
36XX.XXX.XX.XXXXxxxxxxx07/29/2022verifiedHigh
37XX.XXX.XXX.XXXxxxxxxx07/29/2022verifiedHigh
38XX.XXX.XXX.XXXxxxxxxx07/29/2022verifiedHigh
39XX.XXX.XXX.XXXxxxxxxx07/29/2022verifiedHigh
40XX.XXX.XXX.XXXXxxxxxxx07/29/2022verifiedHigh
41XX.XXX.XXX.XXxxxxxxxxxxxx.xxxxxxx.xxxXxxxxxxx07/29/2022verifiedHigh
42XX.XX.XX.XXxxxxxxx-x-xx.xxx-xXxxxxxxx07/29/2022verifiedHigh
43XX.XX.XXX.XXXxx-xx.xxxxx.xxXxxxxxxx07/29/2022verifiedHigh
44XX.XX.XXX.XXXxxxxxxxx.xxxxxxx.xxxXxxxxxxx07/29/2022verifiedHigh
45XX.XX.XXX.XXxxxx.xxxXxxxxxxXxxxxxxx06/22/2022verifiedHigh
46XX.XX.XXX.XXXxxxxxxx.xxxxxxx.xxxXxxxxxxx07/29/2022verifiedHigh
47XX.XX.XXX.XXxxxxxx.xxxXxxxxxxx07/29/2022verifiedHigh
48XX.XX.XXX.XXXxxxxxxxxxxxxxx.xxxxxxx.xxxXxxxxxxx07/29/2022verifiedHigh
49XX.XX.XXX.XXXxxxxxxxxxxx.xxxxxxx.xxxXxxxxxxx07/29/2022verifiedHigh
50XX.XX.XXX.XXXxxxxxxxx.xxxxxxxXxxxxxxx07/29/2022verifiedHigh
51XX.XX.XXX.XXxxxxxxxxxxxxxx.xxxxxxx.xxxXxxxxxxx07/29/2022verifiedHigh
52XX.XXX.XX.XXxxxxxxxx.xxxxxxx.xxxXxxxxxxx07/29/2022verifiedHigh
53XX.XXX.XX.XXXxxxxxxxxxxxx.xxxxxxx.xxxXxxxxxxx07/29/2022verifiedHigh
54XX.XXX.XX.XXxxxx.xxXxxxxxxx07/29/2022verifiedHigh
55XX.XXX.XX.XXXxxxx.xxXxxxxxxx07/29/2022verifiedHigh
56XX.XXX.XX.XXXxxxxxxxx.xxxxxxx.xxxXxxxxxxx07/29/2022verifiedHigh
57XX.XXX.XX.XXXxxxxxxxxx.xxxxxxx.xxxXxxxxxxx07/29/2022verifiedHigh
58XXX.XX.XXX.XXXxxxxxxx07/29/2022verifiedHigh
59XXX.XX.XXX.XXXxxxxxxx07/29/2022verifiedHigh
60XXX.XX.XXX.XXXXxxxxxxx07/29/2022verifiedHigh
61XXX.XX.XXX.XXXXxxxxxxx07/29/2022verifiedHigh
62XXX.XX.XXX.XXXXxxxxxxx07/29/2022verifiedHigh
63XXX.XX.XXX.XXXXxxxxxxx07/29/2022verifiedHigh
64XXX.XX.XXX.XXXXxxxxxxx07/29/2022verifiedHigh
65XXX.XX.XXX.XXXXxxxxxxx07/29/2022verifiedHigh
66XXX.XX.XXX.XXXxxxx.xxxxxxx.xxXxxxxxxx07/29/2022verifiedHigh
67XXX.XX.XXX.XXXxxxxxxx07/29/2022verifiedHigh
68XXX.XX.XXX.XXXxxxxxxx07/29/2022verifiedHigh
69XXX.XX.XXX.XXXxxxxxxx07/29/2022verifiedHigh
70XXX.XX.XXX.XXXxxxxxxx07/29/2022verifiedHigh
71XXX.XX.XXX.XXXxxxxxxx07/29/2022verifiedHigh
72XXX.XX.XXX.XXXxxxxxxx07/29/2022verifiedHigh
73XXX.XX.XXX.XXXxxxxxxx07/29/2022verifiedHigh
74XXX.XX.XX.XXXxxxxxxx07/29/2022verifiedHigh
75XXX.XX.XX.XXXXxxxxxxx07/29/2022verifiedHigh
76XXX.XXX.XX.XXXxxxxxxx07/29/2022verifiedHigh
77XXX.XXX.XXX.XXXxxx-xxx-xxx-xxx.xxx-xx.xxxxxxxx.xxxXxxxxxxx07/29/2022verifiedHigh
78XXX.XXX.XXX.XXXxxx-xxx-xxx-xxx.xxx-xx.xxxxxxxx.xxxXxxxxxxx07/29/2022verifiedHigh
79XXX.XXX.XXX.XXXxxx-xxx-xxx-xxx.xxx-xx.xxxxxxxx.xxxXxxxxxxx07/29/2022verifiedHigh
80XXX.XXX.XXX.XXXxxx-xxx-xxx-xxx.xxx-xx.xxxxxxxx.xxxXxxxxxxx07/29/2022verifiedHigh
81XXX.XXX.XXX.XXXXxxxxxxx07/29/2022verifiedHigh
82XXX.XXX.XX.XXXxxxxxxx07/29/2022verifiedHigh
83XXX.XXX.XX.XXXxxxxxxx07/29/2022verifiedHigh
84XXX.XXX.XXX.XXXXxxxxxxx07/29/2022verifiedHigh
85XXX.XXX.XXX.XXxxx.xxx.xxx.xx.xxxxxxxx.xxXxxxxxxx07/29/2022verifiedHigh
86XXX.XXX.XXX.XXxxx.xxx.xxx.xx.xxxxxx.xxxx.xxxXxxxxxxx07/29/2022verifiedHigh
87XXX.XXX.XXX.XXXXxxxxxxx07/29/2022verifiedHigh
88XXX.XXX.XXX.XXXXxxxxxxx07/29/2022verifiedHigh
89XXX.XXX.XXX.XXXXxxxxxxx07/29/2022verifiedHigh
90XXX.XXX.XXX.XXXXxxxxxxx07/29/2022verifiedHigh
91XXX.XXX.XX.XXXXxxxxxxx07/29/2022verifiedHigh
92XXX.XXX.XX.XXXXxxxxxxx07/29/2022verifiedHigh
93XXX.XXX.XX.XXXXxxxxxxx07/29/2022verifiedHigh
94XXX.XX.XXX.XXXXxxxxxxx07/29/2022verifiedHigh
95XXX.XX.XXX.XXXXxxxxxxx07/29/2022verifiedHigh
96XXX.XX.XXX.XXXxxxxxxx07/29/2022verifiedHigh
97XXX.XX.XXX.XXXxxxxxxx07/29/2022verifiedHigh
98XXX.XXX.XX.XXxxx.xxx.xx.xx.xxxxxxxxxxxxxxxx.xxxXxxxxxxx07/29/2022verifiedHigh
99XXX.XXX.XXX.XXxxxx.xXxxxxxxx07/29/2022verifiedHigh
100XXX.XXX.XXX.XXXxxxxxxx.xxxXxxxxxxx07/29/2022verifiedHigh
101XXX.XX.XXX.XXXxxxxxxx07/29/2022verifiedHigh
102XXX.XX.XXX.XXXXxxxxxxx07/29/2022verifiedHigh
103XXX.XX.XXX.XXXXxxxxxxx07/29/2022verifiedHigh
104XXX.XX.XXX.XXXXxxxxxxx07/29/2022verifiedHigh
105XXX.XX.XXX.XXXXxxxxxxx07/29/2022verifiedHigh
106XXX.XX.XXX.XXXXxxxxxxx07/29/2022verifiedHigh
107XXX.XXX.XXX.XXXxxxxxxx07/29/2022verifiedHigh
108XXX.XXX.XXX.XXXxxxxxxx07/29/2022verifiedHigh
109XXX.XXX.XX.XXXxxxxxxx07/29/2022verifiedHigh
110XXX.XXX.XX.XXXxxxxxxx07/29/2022verifiedHigh
111XXX.XXX.XX.XXXxxxxxxx07/29/2022verifiedHigh
112XXX.XX.XXX.XXXXxxxxxxx07/29/2022verifiedHigh
113XXX.XX.XXX.XXXXxxxxxxx07/29/2022verifiedHigh
114XXX.XXX.XX.XXxxx.xxx.xx.xx.xxxxxx.xxxx.xxxXxxxxxxx07/29/2022verifiedHigh
115XXX.XXX.XX.XXxxx.xxx.xx.xx.xxxxxx.xxxx.xxxXxxxxxxx07/29/2022verifiedHigh
116XXX.XXX.XX.XXXxxx.xxx.xx.xxx.xxxxxx.xxxx.xxxXxxxxxxx07/29/2022verifiedHigh
117XXX.XXX.XXX.XXXxx-xxxxxx.xxxXxxxxxxx07/29/2022verifiedHigh
118XXX.XXX.XXX.XXXXxxxxxxx07/29/2022verifiedHigh
119XXX.XXX.XXX.XXXxxxxxxx07/29/2022verifiedHigh
120XXX.XXX.XXX.XXXxxxxxxx07/29/2022verifiedHigh
121XXX.XXX.XXX.XXXxxxx.xxXxxxxxxx07/29/2022verifiedHigh
122XXX.XXX.XXX.XXXxxx.xxx.xxx.xxx.xxxxxx.xxxx.xxxXxxxxxxx07/29/2022verifiedHigh
123XXX.XX.XXX.XXXXxxxxxxx07/29/2022verifiedHigh
124XXX.XX.XXX.XXxxxx.xxx.xx.xxx.xx.xxxxxxxxxxx.xxxXxxxxxxx07/29/2022verifiedHigh
125XXX.XX.XXX.XXXxxxxxxx07/29/2022verifiedHigh
126XXX.XXX.XX.XXXxxxxxxx07/29/2022verifiedHigh
127XXX.XXX.XX.XXXXxxxxxxx07/29/2022verifiedHigh

TTP - Tactics, Techniques, Procedures (25)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilitiesAccess VectorTypeConfidence
1T1006CWE-21, CWE-22, CWE-23Pathname TraversalpredictiveHigh
2T1040CWE-294Authentication Bypass by Capture-replaypredictiveHigh
3T1055CWE-74InjectionpredictiveHigh
4T1059CWE-88, CWE-94, CWE-1321Cross Site ScriptingpredictiveHigh
5T1059.007CWE-79, CWE-80Cross Site ScriptingpredictiveHigh
6TXXXXCWE-XXX, CWE-XXX, CWE-XXXX2xx Xxxxxxxxxxxxxxxx: Xxxx Xxxxxx Xxxxxxxxxxx Xxx Xxx XxxxxxxpredictiveHigh
7TXXXXCWE-XXXXxxx Xxx Xxxxxxxxx Xxxxxxxxxxx XxxxxxxxpredictiveHigh
8TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxxxxx XxxxxxxxpredictiveHigh
9TXXXXCWE-XX, CWE-XXXxxxxxx XxxxxxxxxpredictiveHigh
10TXXXX.XXXCWE-XXXXxxx XxxxxxxxpredictiveHigh
11TXXXXCWE-XXX7xx Xxxxxxxx XxxxxxxxpredictiveHigh
12TXXXXCWE-XXX, CWE-XXXXxxxxxxxxx XxxxxxpredictiveHigh
13TXXXXCWE-XXXXxxxxxxx Xx Xxxx Xxxxxxx Xxxxxxxxx XxxxxpredictiveHigh
14TXXXXCWE-XXXxx XxxxxxxxxpredictiveHigh
15TXXXX.XXXCWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveHigh
16TXXXXCWE-XXX, CWE-XXX, CWE-XXXXxx.xxx Xxxxxxxxxxxxxxxx: Xxxxxxxx Xx Xxxxxxxxxxxxx XxxxpredictiveHigh
17TXXXX.XXXCWE-XXXXxxxxxxxxx XxxxxxxxxpredictiveHigh
18TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxx XxxxpredictiveHigh
19TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
20TXXXX.XXXCWE-XXXXxxxxxxxpredictiveHigh
21TXXXXCWE-XXXXxxxxxxxxxxxxpredictiveHigh
22TXXXX.XXXCWE-XXXxxxxxxxxxxxxpredictiveHigh
23TXXXXCWE-XXX, CWE-XXXX2xx Xxxxxxxxxxxxxxxx: Xxxx Xxxxxxxxxxxx Xxxxxxx XxxxxxxxxxpredictiveHigh
24TXXXX.XXXCWE-XXXXxx Xxxxxxxxxx XxxxxpredictiveHigh
25TXXXX.XXXCWE-XXXXxxxxxxxxxxx XxxxxxpredictiveHigh

IOA - Indicator of Attack (202)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/api/trackedEntityInstancespredictiveHigh
2File/card_scan.phppredictiveHigh
3File/cgi-bin/portalpredictiveHigh
4File/cgi-bin/wapopenpredictiveHigh
5File/cgi-bin/wlogin.cgipredictiveHigh
6File/cwc/loginpredictiveMedium
7File/downloadpredictiveMedium
8File/etc/quaggapredictiveMedium
9File/etc/shadowpredictiveMedium
10File/forms/doLoginpredictiveHigh
11File/h/calendarpredictiveMedium
12File/inc/extensions.phppredictiveHigh
13File/index.phppredictiveMedium
14File/Items/*/RemoteImages/DownloadpredictiveHigh
15File/members/view_member.phppredictiveHigh
16File/mhds/clinic/view_details.phppredictiveHigh
17File/mifs/c/i/reg/reg.htmlpredictiveHigh
18File/nova/bin/consolepredictiveHigh
19File/nova/bin/detnetpredictiveHigh
20File/out.phppredictiveMedium
21File/owa/auth/logon.aspxpredictiveHigh
22File/req_password_user.phppredictiveHigh
23File/rest/api/latest/projectvalidate/keypredictiveHigh
24File/xxx-xpredictiveLow
25File/xxxxxx/xxxxxxxxxxxxxx!xxxxxxx.xxxxpredictiveHigh
26File/xxxxxxx/xxxxxxpredictiveHigh
27File/xxxxxxxxxx/xxxxxxxx/xxxxxpredictiveHigh
28File/xxxxxxx/xxxxxxxxx/%xxxxx%/xxxxxpredictiveHigh
29File/xxxxxxx/predictiveMedium
30File/xxx/xxxx/xxx/xxxxx.xxxxpredictiveHigh
31File/xxx-xxx/xxx.xxxpredictiveHigh
32File/xx-xxxxxxx/xxxxxxx/xxxxxxxxxxx/xxxxxxxxx/xxxxxx/xxxxx/predictiveHigh
33File/xx-xxxxpredictiveMedium
34Filexxxxxxx.xxxpredictiveMedium
35Filexxx.xxxpredictiveLow
36Filexxxxxxxxxxxxx/xxxxxxxxxx/xxx_xxxxx/xxxxxxx/xxxxx.xxxpredictiveHigh
37Filexxxxx\xxxxx\xxxxxxx\xxxxxxxx.xxxpredictiveHigh
38Filexxx/xxxx/xxxx.xxx?xxxxxx=xxxxxx_xxxxxx_xxxxpredictiveHigh
39Filexxxx-xxxx.xpredictiveMedium
40Filexxxx.xxxpredictiveMedium
41Filexxxx/xxxx.xxxxpredictiveHigh
42Filexxxx_xx_xxxx.xxxpredictiveHigh
43Filexxx/xxx.xxxpredictiveMedium
44Filexxx-xxxx.xxxpredictiveMedium
45Filexxxxxxx.xxxpredictiveMedium
46Filexxxxxxxx/xxxxxxxxxx.xxxpredictiveHigh
47Filexxxx/xxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxx/xxx/xxxxxx.xxxxxxxxx.xxxpredictiveHigh
48Filexxxx/xxxxxxxxxxxxx/xxxxxxx.xxxpredictiveHigh
49Filexxxxxx/xxxxxxx/xxx_xxx.xpredictiveHigh
50Filexxxxxx.xxxpredictiveMedium
51Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
52Filexxxx_xxxxx.xxxpredictiveHigh
53Filexxxxxx.xxxpredictiveMedium
54Filexxxxx.xxxpredictiveMedium
55Filexxxxxxxxxxx/xxxx-xxxxxx-xxxxxx.xxxpredictiveHigh
56Filexxx/xxxx/xxxx.xpredictiveHigh
57Filexxxxxxxxxx.xxxpredictiveHigh
58Filexxxxxxxxx.xxxpredictiveHigh
59Filexxxxxxxxxxx/xxxxxxxx/xxxxxxxxxx.xxxpredictiveHigh
60Filexxxxxxx.xxxpredictiveMedium
61Filexxxxxxxx-xxx/xxxxxx/xxxxxxxx/xxxxxxxx/xxxxx.xxpredictiveHigh
62Filexxxxx.xxxxpredictiveMedium
63Filexxxxxxxxxx/xxxxxxxxxx/xxxxxxxxx.xxxpredictiveHigh
64Filexxxxxxxxxx/xxxxxxxxxx/xxxxxxxx/xxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
65Filexxx/xxxxxx.xxxpredictiveHigh
66Filexxxxxxxx/xxxxx-xx-xxxxxxxxx.xxxpredictiveHigh
67Filexxxxxxxx/xxxxxxx/xxxxx-xxx.xxxpredictiveHigh
68Filexxxxx.xxxpredictiveMedium
69Filexxxxxx.xxxpredictiveMedium
70Filexxxxxxx/xxxx_xxxxxxxxxx.xxxpredictiveHigh
71Filexxxxxxxx/xx/xxxx.xxpredictiveHigh
72Filexxxxxxxxxxxxxx.xxxpredictiveHigh
73Filexxxxxxxxx/xxxxxxx/xxxxxx/xxxxxxxxxx.xxxpredictiveHigh
74Filexxxxxxx/xxxxx/xx/xxxxxx/xxxxx.xxxxx.xxxpredictiveHigh
75Filexxxxxxx/xxxx_xxx_xxxxx.xxxpredictiveHigh
76Filexxx/xxxxxxxxx/x_xxxxxx.xpredictiveHigh
77Filexxx/xxxxxpredictiveMedium
78Filexxx_xxxx.xxxpredictiveMedium
79Filexxxxx/_xxxxx.xxpredictiveHigh
80Filexxxx.xxxpredictiveMedium
81Filexxxxx.xxxpredictiveMedium
82Filexxxxxxx.xxxpredictiveMedium
83Filexxxxxxxxxx.xxpredictiveHigh
84Filexxxxx_xxxx.xpredictiveMedium
85Filexxxxxx/?x=xxxxx/\xxxxx\xxx/xxxxxxxxxxxxxx&xxxxxxxx=xxxx_xxxx_xxxx_xxxxx&xxxx[x]=xxxxxx&xxxx[x][]predictiveHigh
86Filexxxxx_xxxxx.xxxpredictiveHigh
87Filexxxxx_xxxxxx_xxxxxxxx.xxxpredictiveHigh
88Filexxxx.xxxpredictiveMedium
89Filexxxxxxxx.xxxpredictiveMedium
90Filexxxxxxxxxx.xxxpredictiveHigh
91Filexxxxxxxxxxxxxxx.xxxxpredictiveHigh
92Filexxxxxx_xxxxxx.xxxpredictiveHigh
93FilexxxxxxpredictiveLow
94Filexxxx_xxxxxx.xxxpredictiveHigh
95Filexxxxx/xxxxxxxxxxxx/xxxxxxx/xxx.xxxxpredictiveHigh
96Filexxxxxxxx/xxxxxxx-xxxxxxpredictiveHigh
97Filexxxx-xxxxx.xxxpredictiveHigh
98Filexxx.xpredictiveLow
99Filexxxxx_xxxxx.xxxpredictiveHigh
100Filexxxx.xxxpredictiveMedium
101Filexxxxxxx.xxx/xxxxxxx.xxxxxxxxxxxx/xxxxxxx/xxxxxxxxx/xxxxxxxxx.xxxx.xxpredictiveHigh
102Filexxxxxx.xxxpredictiveMedium
103Filexxxx/xxxxxxxx/xxxxxxxx.xxxxpredictiveHigh
104Filexxxxx/xxxxx.xxpredictiveHigh
105Filexxxxxxxxx.xxxpredictiveHigh
106Filexxxxxx/xxx.xxxpredictiveHigh
107Filexx-xxxxx-xxxxxx.xxxpredictiveHigh
108Filexx-xxxxxxxx/xxxxx-xx-xxxxx.xxxpredictiveHigh
109Filexx-xxxxxxxx/xxxx-xxx/xxxxxxxxx/xxxxx-xx-xxxx-xxxxx-xxxxxxxxxx.xxxpredictiveHigh
110Filexx-xxxx/xxx/xx/xxxxxxx/predictiveHigh
111Filexxxxxx.xxxpredictiveMedium
112Library/_xxx_xxx/xxxxx.xxxpredictiveHigh
113Libraryxxxxxxxxxxx.xxxpredictiveHigh
114Libraryxxxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
115Libraryxxx/xxxxxx.xpredictiveMedium
116Libraryxxx/xxxxx_xxxxxx.xxxpredictiveHigh
117Libraryxxx/xxxx_xxxxxx/xxxxx.xxpredictiveHigh
118Libraryxxx/xxxxx/xxx/xxx_xx.xxpredictiveHigh
119LibraryxxxxpredictiveLow
120Libraryxxxx/xxx.xxxpredictiveMedium
121Libraryxxxxxxxxxxx/xxxxxxxxxxx.xxxpredictiveHigh
122Libraryxxx/xxx/xxxx/predictiveHigh
123Argumentxx/xxpredictiveLow
124ArgumentxxxxxpredictiveLow
125ArgumentxxxxxxxxxpredictiveMedium
126Argumentxxx_xx_xxxxpredictiveMedium
127ArgumentxxxxxxxxpredictiveMedium
128Argumentxxxxx_xxxxpredictiveMedium
129ArgumentxxxxxxxxxxxxpredictiveMedium
130ArgumentxxxxxxxxxxxxxxxpredictiveHigh
131ArgumentxxxpredictiveLow
132ArgumentxxxxxxxxxpredictiveMedium
133ArgumentxxxxxxxxxxxxxxxxpredictiveHigh
134ArgumentxxxxpredictiveLow
135ArgumentxxxxxxxpredictiveLow
136ArgumentxxxxpredictiveLow
137ArgumentxxxxxpredictiveLow
138Argumentxxxxxxxx xxpredictiveMedium
139ArgumentxxxpredictiveLow
140ArgumentxxxxpredictiveLow
141ArgumentxxxxxxxxxxpredictiveMedium
142ArgumentxxxxxxxxpredictiveMedium
143ArgumentxxxxxpredictiveLow
144Argumentxx_xxpredictiveLow
145ArgumentxxxxpredictiveLow
146ArgumentxxxxpredictiveLow
147ArgumentxxpredictiveLow
148ArgumentxxxxxxxxpredictiveMedium
149ArgumentxxxxxxxxxpredictiveMedium
150Argumentxxxx xxxxxxxpredictiveMedium
151ArgumentxxxxpredictiveLow
152ArgumentxxxxpredictiveLow
153ArgumentxxxpredictiveLow
154Argumentxxxx/xxxxxx_xxxxpredictiveHigh
155ArgumentxxxxxxxxpredictiveMedium
156ArgumentxxxpredictiveLow
157ArgumentxxxxxxxpredictiveLow
158ArgumentxxxxxxxpredictiveLow
159ArgumentxxxxxpredictiveLow
160Argumentxxxxx_xxpredictiveMedium
161ArgumentxxxxpredictiveLow
162Argumentxxxxxx_xxpredictiveMedium
163ArgumentxxxxxxxxpredictiveMedium
164ArgumentxxxxpredictiveLow
165Argumentxxxx_xxxxxxpredictiveMedium
166ArgumentxxxxxxxpredictiveLow
167ArgumentxxxxxxxxxpredictiveMedium
168ArgumentxxxxxxpredictiveLow
169Argumentxxxxxx_xxxxpredictiveMedium
170ArgumentxxxxxxpredictiveLow
171ArgumentxxxxpredictiveLow
172ArgumentxxxxxxxxxxxpredictiveMedium
173Argumentxxxxxx/xxxxxx_xxxxxxpredictiveHigh
174ArgumentxxxxxxxxxpredictiveMedium
175ArgumentxxxxxxpredictiveLow
176Argumentxxxxxxxx[xxxx]predictiveHigh
177ArgumentxxxxxxxpredictiveLow
178ArgumentxxxpredictiveLow
179ArgumentxxxpredictiveLow
180Argumentxxxxx_xxxxpredictiveMedium
181ArgumentxxpredictiveLow
182ArgumentxxxxxxxxxpredictiveMedium
183Argumentxxxxxx_xxxxxpredictiveMedium
184ArgumentxxxpredictiveLow
185ArgumentxxxpredictiveLow
186ArgumentxxxxxxxxpredictiveMedium
187ArgumentxxxxxpredictiveLow
188ArgumentxxxxpredictiveLow
189ArgumentxxxxxxxxxxxxxpredictiveHigh
190Argumentx-xxxxxxxxx-xxxxxxpredictiveHigh
191Argumentx-xxxxxx-xxxxxxpredictiveHigh
192Argumentx-xxxx-xxxxxpredictiveMedium
193Argument_xxxxxxxpredictiveMedium
194Input Value.%xx.../.%xx.../predictiveHigh
195Input Value../predictiveLow
196Input Value../..predictiveLow
197Input Value//xxxxxxx.xxxpredictiveHigh
198Input Valuexxxxx"][xxxxxx]xxxxx('xxx')[/xxxxxx]predictiveHigh
199Input Valuexxxxx' xxx (xxxxxx xxxx xxxx (xxxxxx(xxxxx(x)))xxxx) xxx 'xxxx'='xxxx&xxxxxxxx=xxxxxxxxxxpredictiveHigh
200Pattern|xx|xxx|xx xx xx xx|predictiveHigh
201Network Portxxx/xxx (xxxx)predictiveHigh
202Network Portxxx xxxxxx xxxxpredictiveHigh

References (3)

The following list contains external sources which discuss the actor and the associated activities:

PreviousOverviewNext

Do you know our Splunk app?

Download it now for free!