PsiXBot Analysis

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 786
zh: 78
es: 76
de: 20
ru: 12

Country

us: 378
cn: 198
es: 76
ru: 58
io: 28

Product

Microsoft Windows: 26
Linux Kernel: 12
Google Android: 12
GitLab: 10
Apple iOS: 10

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | KENT-WEB Clip Board cross site scripting | 4.3 | 4.3 | $0-$5k | Calculating | Not Defined | Not Defined | 0.01 | 0.01136 | CVE-2014-7258 |
| 2 | Simple Machines Forum Access Restriction PersonalMessage.php MessageSearch2 access control | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00885 | CVE-2018-10305 |
| 3 | Discuz! admin.php cross site scripting | 3.6 | 3.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00885 | CVE-2018-19464 |
| 4 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | Calculating | High | Workaround | 0.04 | 0.04187 | CVE-2007-1192 |
| 5 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.61 | 0.25090 | CVE-2017-0055 |
| 6 | PHPWind goto.php redirect | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.78 | 0.01213 | CVE-2015-4134 |
| 7 | 4xem VatCtrl Class ActiveX Control VATDecoder.dll memory corruption | 10.0 | 9.7 | $0-$5k | $0-$5k | Functional | Unavailable | 0.01 | 0.42881 | CVE-2008-4771 |
| 8 | Flat PHP Board path traversal | 3.3 | 3.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00000 | |
| 9 | ViArt CMS forums.php cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.02945 | CVE-2009-4547 |
| 10 | nginx request smuggling | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 5.48 | 0.00000 | CVE-2020-12440 |
| 11 | LogicBoard CMS away.php redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 1.88 | 0.00000 | |
| 12 | Microsoft IIS IP/Domain Restriction access control | 6.5 | 5.7 | $25k-$100k | $0-$5k | Unproven | Official Fix | 0.33 | 0.29797 | CVE-2014-4078 |
| 13 | Magento Search Module sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.06 | 0.00885 | CVE-2021-21024 |
| 14 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.59 | 0.04187 | CVE-2010-0966 |
| 15 | Simple Machines Forum insufficiently protected credentials | 6.5 | 6.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.09 | 0.00885 | CVE-2019-12490 |
| 16 | Property Listing Script property_view.php Time sql injection | 6.3 | 5.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00000 | |
| 17 | MongoDB SysV Init Script Kill input validation | 3.7 | 3.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01 | 0.00885 | CVE-2019-2389 |
| 18 | Linux Kernel af_alg.c af_alg_release use after free | 6.5 | 6.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.04 | 0.01104 | CVE-2019-8912 |
| 19 | Servisnet Tessa app.js information disclosure | 4.3 | 4.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.07 | 0.01018 | CVE-2022-22833 |
| 20 | Progress MOVEit Transfer sql injection | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.01055 | CVE-2021-38159 |

IOC - Indicator of Compromise (69)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (25)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | predictive | High |
| 2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CWE-74 | Injection | predictive | High |
| 4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | predictive | High |
| 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |

IOA - Indicator of Attack (406)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

