RagnarLocker Analysis

IOB - Indicator of Behavior (693)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en584
pl28
es14
zh14
fr12

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

us448
de46
cn26
ru22
au14

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

WordPress12
Apache HTTP Server10
Microsoft Windows10
PEPPERL+FUCHS WirelessHART-Gateway6
Joomla CMS6

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1Tiki Admin Password tiki-login.php improper authentication8.07.7$0-$5k$0-$5kNot DefinedOfficial Fix4.720.00936CVE-2020-15906
2DZCP deV!L`z Clanportal config.php code injection7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.380.00943CVE-2010-0966
3Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25k$0-$5kHighWorkaround0.020.02016CVE-2007-1192
4Phorum register.php cross site scripting6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000.01601CVE-2007-0769
5Biometric Shift Employee Management System index.php cross site scripting4.44.4$0-$5k$0-$5kNot DefinedNot Defined0.000.00057CVE-2017-17995
6AlstraSoft AskMe Pro register.php cross site scripting3.53.5$0-$5kCalculatingNot DefinedNot Defined0.000.00000
7Void Contact Form 7 Widget for Elementor Page Builder Plugin void_cf7_opt_in_user_data_track cross-site request forgery4.34.2$0-$5k$0-$5kNot DefinedNot Defined0.000.00062CVE-2022-47166
8Trend Micro HouseCall for Home Networks Library uncontrolled search path6.36.3$5k-$25k$5k-$25kNot DefinedNot Defined0.000.00045CVE-2021-32466
9SSReader Ultra Star Reader ActiveX Control pdg2.dll Register memory corruption10.09.4$0-$5k$0-$5kProof-of-ConceptNot Defined0.030.05274CVE-2007-5892
10PHP mysqli_real_escape_string integer overflow8.58.4$5k-$25k$0-$5kNot DefinedOfficial Fix0.040.00932CVE-2017-9120
11Moreover.com Cached Feed.cgi Script cached_feed.cgi path traversal5.35.3$0-$5k$0-$5kNot DefinedNot Defined0.000.01256CVE-2000-0906
12cpCommerce register.php cross site scripting4.34.2$0-$5kCalculatingHighUnavailable0.000.00661CVE-2007-2968
13The Address Book register.php privileges management7.36.4$0-$5k$0-$5kUnprovenUnavailable0.000.01741CVE-2006-4580
14PsychoStats register.php cross site scripting3.53.5$0-$5k$0-$5kNot DefinedNot Defined0.020.00000
15Phorum register.php sql injection7.37.0$0-$5k$0-$5kNot DefinedOfficial Fix0.020.00184CVE-2004-2110
16baserCMS Management System unrestricted upload8.58.4$0-$5k$0-$5kNot DefinedOfficial Fix0.000.01375CVE-2023-25654
17MGB OpenSource Guestbook email.php sql injection7.37.3$0-$5k$0-$5kHighUnavailable0.750.01302CVE-2007-0354
18SmartDataSoft SmartBlog archive.php sql injection7.37.0$0-$5kCalculatingNot DefinedOfficial Fix0.030.02819CVE-2021-37538
19Tiki TikiWiki tiki-editpage.php input validation7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.050.01194CVE-2004-1386
20Woltlab Burning Board register.php cross site scripting4.34.1$0-$5k$0-$5kProof-of-ConceptNot Defined0.000.00957CVE-2007-1443

IOC - Indicator of Compromise (32)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
15.45.65.52RagnarLocker03/08/2022verifiedHigh
223.106.122.192RagnarLocker03/08/2022verifiedHigh
323.227.202.7223-227-202-72.static.hvvc.usRagnarLocker03/08/2022verifiedHigh
437.120.238.107RagnarLocker03/08/2022verifiedHigh
545.63.89.25045.63.89.250.vultr.comRagnarLocker03/08/2022verifiedMedium
645.90.59.131unallocated.layer6.netRagnarLocker03/08/2022verifiedHigh
745.91.93.75mnbbim4.uniteq.xyzRagnarLocker03/08/2022verifiedHigh
8XX.XXX.XX.Xxxxxxxxx.xx.xxxxxxxXxxxxxxxxxxx03/08/2022verifiedHigh
9XX.XXX.XXX.XXXXxxxxxxxxxxx03/08/2022verifiedHigh
10XX.XX.XX.XXxxx-xxx-xxx-xxx.xxx.xxxxxxxx.xxxXxxxxxxxxxxx03/08/2022verifiedHigh
11XX.XX.XXX.XXXxxxxxx.xxx.xxx.xx.xx.xxxxxxx.xxxx-xxxxxx.xxXxxxxxxxxxxx03/08/2022verifiedHigh
12XX.XXX.XXX.XXxx-xxx-xxx-xx-xxxxxx.xxx.xxxxxxxxxxxxxxx.xxxXxxxxxxxxxxx03/08/2022verifiedHigh
13XX.XXX.XXX.XXxxx.xxxxxxx.xx.xxXxxxxxxxxxxx03/08/2022verifiedHigh
14XX.XX.XX.XXXxxxxxxxxxxx03/08/2022verifiedHigh
15XX.XXX.XXX.XXXxxxxxx.xxx.xxx.xxx.xx.xxxxxxx.xxxx-xxxxxx.xxXxxxxxxxxxxx03/08/2022verifiedHigh
16XXX.XX.XXX.XXXxxxx-xxx-xx-xxx-xxx.xxxxxx.xxxx.xxxxxxx.xxxXxxxxxxxxxxx03/08/2022verifiedHigh
17XXX.XX.XXX.XXXxxxx-xxx-xx-xxx-xxx.xxxxxx.xxxx.xxxxxxx.xxxXxxxxxxxxxxx03/08/2022verifiedHigh
18XXX.XXX.XXX.XXxxxxxx.xx.xxx.xxx.xxx.xxxxxxx.xxxx-xxxxxx.xxXxxxxxxxxxxx03/08/2022verifiedHigh
19XXX.XX.XXX.XXxxxx.xx-xxx-xx-xxx.xxxXxxxxxxxxxxx03/08/2022verifiedHigh
20XXX.XX.XXX.XXXxxx.xx.xxx.xxx.xxxxx.xxxXxxxxxxxxxxx03/08/2022verifiedMedium
21XXX.XX.XXX.Xxxxxx.xxxxxxxxxxx.xxx.xxXxxxxxxxxxxx03/08/2022verifiedHigh
22XXX.XX.XX.XXxxxxxx.xx.xx.xx.xxx.xxxxxxx.xxxx-xxxxxx.xxXxxxxxxxxxxx03/08/2022verifiedHigh
23XXX.XX.XXX.XXxxx.xxx.xxxxx.xxxXxxxxxxxxxxx03/08/2022verifiedHigh
24XXX.XXX.XXX.XXxxxxxx.xxxXxxxxxxxxxxx03/08/2022verifiedHigh
25XXX.XXX.XXX.XXXxxxxxxxxx.xxxxxxxxx.xxxxXxxxxxxxxxxx03/08/2022verifiedHigh
26XXX.XXX.XXX.XXXXxxxxxxxxxxx03/08/2022verifiedHigh
27XXX.XX.XX.XXxxxxxxxx.xxxxxxxxxxxxxxx.xxxXxxxxxxxxxxx03/08/2022verifiedHigh
28XXX.XX.XX.XXxxxxxxxxxxxxxxx.xxxxxxxxxxxxxxxxx.xxxXxxxxxxxxxxx03/08/2022verifiedHigh
29XXX.XXX.XXX.XXxxx.xxx.xxx.xx.xxxxxxxxx-xxxXxxxxxxxxxxx03/08/2022verifiedHigh
30XXX.XX.XX.XXxxx-xx-xx-xx-xxxx.xxxxxxxxxxxx.xxxXxxxxxxxxxxx03/08/2022verifiedHigh
31XXX.XX.XXX.XXXxxx-xx-xxx-xxx-xxxx.xxxxxxxxxxxx.xxxXxxxxxxxxxxx03/08/2022verifiedHigh
32XXX.XX.XX.XXXxxxxxx-xxxxxxx.xxxxx.xxXxxxxxxxxxxx03/08/2022verifiedHigh

TTP - Tactics, Techniques, Procedures (22)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (291)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/+CSCOE+/logon.htmlpredictiveHigh
2File/adminlogin.asppredictiveHigh
3File/app/index/controller/Common.phppredictiveHigh
4File/category_view.phppredictiveHigh
5File/dipam/athlete-profile.phppredictiveHigh
6File/forum/away.phppredictiveHigh
7File/goform/delAdpredictiveHigh
8File/HNAP1predictiveLow
9File/mc-admin/post.php?state=delete&deletepredictiveHigh
10File/mkshop/Men/profile.phppredictiveHigh
11File/pharmacy-sales-and-inventory-system/manage_user.phppredictiveHigh
12File/php-jms/review_se_result.phppredictiveHigh
13File/public/login.htmpredictiveHigh
14File/Side.phppredictiveMedium
15File/spip.phppredictiveMedium
16File/student/bookdetails.phppredictiveHigh
17File/textpattern/index.phppredictiveHigh
18File/user/profilepredictiveHigh
19File/usr/ucb/mailpredictiveHigh
20File/wp-content/plugins/updraftplus/admin.phppredictiveHigh
21Fileaccount.asppredictiveMedium
22Fileadclick.phppredictiveMedium
23Fileaddmember.phppredictiveHigh
24Fileaddtocart.asppredictiveHigh
25Fileaddtomylist.asppredictiveHigh
26Fileadmin.phppredictiveMedium
27Fileadmin.x-shop.phppredictiveHigh
28Fileadmin/auth.phppredictiveHigh
29Fileadmin/import/class-import-settings.phppredictiveHigh
30Fileadmin/sqlpatch.phppredictiveHigh
31FileadminAttachments.phppredictiveHigh
32FileadminBoards.phppredictiveHigh
33Fileadmincp/auth/checklogin.phppredictiveHigh
34Fileadminlogin.asppredictiveHigh
35FileadminPolls.phppredictiveHigh
36Fileadmin_feature.phppredictiveHigh
37Fileaj.htmlpredictiveLow
38Filexxxx/xxxxxxxxxxxxxx.xxxpredictiveHigh
39Filexx_xxxxxxxxxx.xxxpredictiveHigh
40Filexxx_xxx.xxxpredictiveMedium
41Filexxxxxxxxxxx/xxxxx/xxxxxxxxxx/xxxxxxx.xxxpredictiveHigh
42Filexxxxxxxx.xxxpredictiveMedium
43Filexxx.xxxpredictiveLow
44Filexxxx/xxxxxxxxxx/xxxxxx.xxxpredictiveHigh
45Filexxxxxxxxxxxxx.xxpredictiveHigh
46Filexxxxxxx.xxpredictiveMedium
47Filexx_xxxxx_xxxxx.xxxpredictiveHigh
48Filex:\xxxxxxx\xxxxxxxx\xxxxxx\xxxpredictiveHigh
49Filexxxxxx_xxxx.xxxpredictiveHigh
50Filexxxx_xxxxxxx.xxxpredictiveHigh
51Filexxx.xxxpredictiveLow
52Filexxxxxxxx.xxxpredictiveMedium
53Filexxx-xxx/xxxxxxx.xxpredictiveHigh
54Filexxx-xxx/xxxxxxxxxxx/xxxxxxxxx.xxxpredictiveHigh
55Filexxx-xxx/xxxxxxxxxxxx.xxxpredictiveHigh
56Filexxx-xxx/xxxxxx/xxxxx.xxpredictiveHigh
57Filexxxxx.xxxxx.xxxpredictiveHigh
58Filexxxxxxxx_xxxxxxxxxxxxxxxxx.xxxpredictiveHigh
59Filexxxxxxxxxxx/xxxxx/xxxxxxx.xxxpredictiveHigh
60Filexxxx/xxxx/xxx.xxxxxxx.xxxxxxx/xxxxxx_xxxxx/xxx.xxxpredictiveHigh
61Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
62Filexxx.xxxpredictiveLow
63Filexxxxxxx.xxxpredictiveMedium
64Filexxxxxx.xxxpredictiveMedium
65Filexxxxxxxx.xxxpredictiveMedium
66Filexxxx-xxxxxxx.xxxpredictiveHigh
67Filexxxxxxxx.xxx.xxxpredictiveHigh
68Filexxxxx.xxxpredictiveMedium
69Filexxxxx.xxxpredictiveMedium
70Filexxxxxxx/xxxxxxx.xxxpredictiveHigh
71Filexxxx.xpredictiveLow
72Filexxx/xxxx/xxxxxx/xxxxxx_xxxxxxx.xpredictiveHigh
73Filexxxxxxxxxxx.xxxxx.xxxpredictiveHigh
74Filexxxxx.xxxpredictiveMedium
75Filexxxx/xxxx.xxpredictiveMedium
76Filexxxxxxxxx_xxx_xxxx.xxxpredictiveHigh
77Filexxxx.xxxpredictiveMedium
78Filexxxx.xxxpredictiveMedium
79Filexxxxxxxxx.xxxpredictiveHigh
80Filexxxxxxxx.xxxpredictiveMedium
81Filexxxxxxxxxx.xxxpredictiveHigh
82Filexxxxxxxxx.xxxpredictiveHigh
83Filexxx/xxxxxx.xxxpredictiveHigh
84Filexxx/xxxxxxxxx.xxx.xxxpredictiveHigh
85Filexxx/xxxxxxx/xxxxxxxxxxxxx/xxxxx.xxxpredictiveHigh
86Filexxxxxxx/xxxxxxx/xxxxxxxx.xxx.xxxpredictiveHigh
87Filexxxxxxx/xxxxxxx/xxxxxxxx_xxxxxxxx.xxx.xxxpredictiveHigh
88Filexxxxxxx/xxxxxx/xxxxxxx/xxxxxx/xxx.xxxpredictiveHigh
89Filexxxxxxxx/xxxx.xxxpredictiveHigh
90Filexxxxxxxx/xxxxxxxxxxxx.xxx.xxxpredictiveHigh
91Filexxxxxxxx/xxxxxx/xxxxxx.xxxpredictiveHigh
92Filexxxxx.xxxpredictiveMedium
93Filexxxxxxx.xxx.xxxpredictiveHigh
94Filexx.xxxpredictiveLow
95Filexxxx.xxxpredictiveMedium
96Filexxxxx/xxxxx.xxxpredictiveHigh
97Filexxxx.xxxpredictiveMedium
98Filexxxx/x/xxxxxx.xpredictiveHigh
99Filexxxxx.xxxpredictiveMedium
100Filexxx_xxxxxxxx.xxxpredictiveHigh
101Filexxxx.xpredictiveLow
102Filexxxxxxx.xxxpredictiveMedium
103Filexxx.xxxpredictiveLow
104Filexx_xxxx.xpredictiveMedium
105Filexxxxxxxx.xxxpredictiveMedium
106Filexxxxxxx/xxx/xxxxx.xxxpredictiveHigh
107Filexxxxxx_xx.xxxpredictiveHigh
108Filexxx_xxxx_xxxxx.xpredictiveHigh
109Filexxxxxxxxx.xxpredictiveMedium
110Filexxxx.xxxpredictiveMedium
111Filexxxxx.xxxx_xxxx.xxxpredictiveHigh
112Filexxxxxxxxx.xxx.xxxpredictiveHigh
113FilexxxpredictiveLow
114Filexxxxxxx.xxxpredictiveMedium
115Filexxx.xpredictiveLow
116Filexxxxxxxx.xxpredictiveMedium
117Filexxxxx/xxxxxxx.xpredictiveHigh
118Filexxxxx-xxxxx.xpredictiveHigh
119Filexxxxxxx.xxxpredictiveMedium
120Filexxxx.xxxpredictiveMedium
121Filexxxxx.xxxpredictiveMedium
122Filexxxxxxxxxx.xxxpredictiveHigh
123Filexxxxxxxx.xxxpredictiveMedium
124Filexxxxxxxx.xxxpredictiveMedium
125Filexxxxxxxx.xxpredictiveMedium
126Filexxxxxxxxxxxx_xxxxxxxx.xxx.xxxpredictiveHigh
127Filexxxxxxxxxx.xxxx.xxxpredictiveHigh
128Filexxxxxxx_xxxxxx_xxxxxxxxxx.xxxpredictiveHigh
129Filexxxxxxx_xxxxxx_xxxxxxxx.xxxpredictiveHigh
130Filexxxxxx.xxxpredictiveMedium
131Filexxxxxx.xxxpredictiveMedium
132Filexxxxxx_xxxx.xxxpredictiveHigh
133Filexxxxxx/xxxxxxxx.xxxpredictiveHigh
134Filexxxxxx_xxx_xxxxxx.xxxpredictiveHigh
135Filexxxx.xxxpredictiveMedium
136Filexxxx/xxxx.xxxpredictiveHigh
137Filexxxx_xxxxxxx_xxxxxxxx.xxxpredictiveHigh
138Filexxxxxxxxxxx.xxxpredictiveHigh
139Filexxxxxxxx.xxx/xxxxxx.xxx/xxxxxxxx.xxxpredictiveHigh
140Filexxxxxxxxxxx.xxxpredictiveHigh
141Filexxxx_xxxxxxxx.xxx/xxxx_xxxx.xxxpredictiveHigh
142Filexxxxx/xxxxxxxx/xxxxxxxxx.xxxpredictiveHigh
143Filexxxxxxxxx/xxxxxxxxxxpredictiveHigh
144Filexxxxxx/predictiveLow
145Filexxxx-xxxxxxxx.xxxpredictiveHigh
146Filexxxx-xxxx_xxxx_xxxxxxx.xxxpredictiveHigh
147Filexxxx-xxxxx.xxxpredictiveHigh
148Filexxxx-xxxxxxxx.xxxpredictiveHigh
149Filexxxx.xxxpredictiveMedium
150Filexxxxxxxx-x.xpredictiveMedium
151Filexxxxxx.xxxpredictiveMedium
152Filexxxxxx.xxxpredictiveMedium
153Filexxx.xxxpredictiveLow
154Filexxxxx/xxxxxxxx.xxxpredictiveHigh
155Filexxxx/xxxxxx.xxxxpredictiveHigh
156Filexxxx/xxx/xxxx-xxxxx.xxxpredictiveHigh
157Filexxxxxxxxx.xpredictiveMedium
158Filexxxx.xxxpredictiveMedium
159Filexxxx/xxxxxxxx.xxxpredictiveHigh
160Filexxxx_xxx.xxxpredictiveMedium
161Filexxx/xxx/xxxx/xxxxx.xxxpredictiveHigh
162Filexxx/xxxxx/xxxxx.xxxpredictiveHigh
163Filexxxxxxx.xxxpredictiveMedium
164Filexx-xxxxxxxx-xxxx.xxxpredictiveHigh
165Filexx-xxxxxx.xxxpredictiveHigh
166Filexx-xxxxxxxx/xxxxxxxx/xxxxxxx/xxxxxxxxxxxxxxxx.xxxpredictiveHigh
167Filexx-xxxxxxxx.xxxpredictiveHigh
168Filexxx/xxxx/xx/xxxxxxx.xxxpredictiveHigh
169Filexxxxxxxxxxxx.xxxpredictiveHigh
170FilexxxxxxxpredictiveLow
171File~/xxx/xxxxxxxxx/xxxx/xxxx/xxxxxx.xxxpredictiveHigh
172File~/xxxxxxxx/xxxxx-xx-xxxxxxxxxx-xxxx.xxxpredictiveHigh
173Libraryxxxxx/xxxxxxxxx/xxxxx.xxxxxxxxx.xxxpredictiveHigh
174Libraryxxxxxxxxxxx.xxxpredictiveHigh
175Libraryxxxxxxxx.xxxpredictiveMedium
176Libraryxxxx.xxx.xxxpredictiveMedium
177Libraryxxxx.xxxpredictiveMedium
178Libraryxxxxx_xxx.xxxpredictiveHigh
179Libraryxxxxxxx.xxxpredictiveMedium
180Argument$_xxxxxx['xxx_xxxx']predictiveHigh
181ArgumentxxxxxxpredictiveLow
182ArgumentxxxxxxxpredictiveLow
183ArgumentxxxxxxpredictiveLow
184ArgumentxxxxxxxxpredictiveMedium
185Argumentxxxx_xxxpredictiveMedium
186Argumentxxxxxxxxx xx xxxxxxxpredictiveHigh
187ArgumentxxxxpredictiveLow
188Argumentxxxx_xxx_xxxxpredictiveHigh
189ArgumentxxxpredictiveLow
190Argumentxxxxxxxx/xxxxxxpredictiveHigh
191Argumentxxxxxxxx_xxpredictiveMedium
192Argumentxxx_xxpredictiveLow
193ArgumentxxxxxxxxxxpredictiveMedium
194ArgumentxxxxxxxpredictiveLow
195ArgumentxxxxxxpredictiveLow
196ArgumentxxxxxxxxxxpredictiveMedium
197Argumentxxxxxx[xxx_xxxx_xxxx]predictiveHigh
198ArgumentxxxxxxxpredictiveLow
199ArgumentxxxxxxxxpredictiveMedium
200ArgumentxxxxxxpredictiveLow
201ArgumentxxxxxxxpredictiveLow
202Argumentxxxxxxx_xxxx_xxxxpredictiveHigh
203Argumentxxxxxx_xxxxx_xxxxpredictiveHigh
204ArgumentxxxxxxxxpredictiveMedium
205ArgumentxxxxpredictiveLow
206ArgumentxxxpredictiveLow
207ArgumentxxxxxpredictiveLow
208Argumentxxxxx_xxxxxx/xxxxpredictiveHigh
209ArgumentxxxxxxxxxxxpredictiveMedium
210Argumentxx_xxxxx_xxpredictiveMedium
211Argumentxxxxx_xxxx_xxxxpredictiveHigh
212ArgumentxxxxxpredictiveLow
213Argumentxxxxx_xxxxxxxxxxxpredictiveHigh
214Argumentxx_xxxxxxxpredictiveMedium
215ArgumentxxxxxxxpredictiveLow
216ArgumentxxxxxxpredictiveLow
217Argumentxxxxxxxxxxxxxx[xxxxxxxxxxxxxxxxxx]predictiveHigh
218Argumentxxxx[xxxxxxx]predictiveHigh
219Argumentxxxx_xxxxxpredictiveMedium
220Argumentxxxx_xxxxxxxpredictiveMedium
221ArgumentxxpredictiveLow
222ArgumentxxpredictiveLow
223ArgumentxxpredictiveLow
224ArgumentxxxxxxxxxxxxxxxxpredictiveHigh
225ArgumentxxxxxxxxxpredictiveMedium
226Argumentxxxxxxx_xxxxpredictiveMedium
227ArgumentxxxxxxxxxpredictiveMedium
228ArgumentxxxxpredictiveLow
229ArgumentxxxxxxpredictiveLow
230ArgumentxxxxpredictiveLow
231Argumentxxxx_xxxxpredictiveMedium
232Argumentxxxx_xxxxpredictiveMedium
233ArgumentxxxxxxxpredictiveLow
234ArgumentxxxxpredictiveLow
235ArgumentxxxxxxxxxxxxxxpredictiveHigh
236ArgumentxxxxxxxxxxxxxpredictiveHigh
237Argumentxxx_xxxx_xxxxpredictiveHigh
238Argumentxxxxxxxxx_xxpredictiveMedium
239ArgumentxxxxxxxxpredictiveMedium
240Argumentxx_xxxxxxxxpredictiveMedium
241ArgumentxxxxpredictiveLow
242Argumentxxxxxxxxx_xxxxxxxx_xxxxpredictiveHigh
243Argumentxxxxxxx_xxxxpredictiveMedium
244ArgumentxxxxpredictiveLow
245ArgumentxxxxpredictiveLow
246Argumentxxxxxx_xxxxxx[xxxxxx_xxxx]predictiveHigh
247ArgumentxxxxxpredictiveLow
248Argumentxx_xxxxxxxxxxxpredictiveHigh
249ArgumentxxxxpredictiveLow
250Argumentxxxx_xxxxpredictiveMedium
251Argumentxxxx_xx_xx_xxxpredictiveHigh
252ArgumentxxxxxxxxxpredictiveMedium
253Argumentxxxxx_xxxx_xxxxpredictiveHigh
254ArgumentxxxxxxxpredictiveLow
255ArgumentxxxxxpredictiveLow
256Argumentxxxxxxxxxx[x]predictiveHigh
257Argumentxx_xxxxpredictiveLow
258Argumentxxxxxxx_xxxxxxxpredictiveHigh
259Argumentxxxxx_xxxxxxpredictiveMedium
260Argumentxxxxxxxxxxxx_xxxxxxxxxpredictiveHigh
261ArgumentxxxxxxxxxxxpredictiveMedium
262ArgumentxxxxxxxxxxxxpredictiveMedium
263ArgumentxxxxxxxxxxpredictiveMedium
264Argumentxxxx_xxxxpredictiveMedium
265Argumentxxxxxxxxxx_xxxxpredictiveHigh
266ArgumentxxxxxpredictiveLow
267ArgumentxxxxxxxxxxpredictiveMedium
268ArgumentxxxxxxxxxxxxpredictiveMedium
269ArgumentxxxpredictiveLow
270Argumentxxxxxxxxxxx/xxxxxx/xxxxxxxxxx/xxxxxxxxpredictiveHigh
271ArgumentxxxpredictiveLow
272ArgumentxxxxpredictiveLow
273Argumentxxxx_xx[]predictiveMedium
274ArgumentxxxpredictiveLow
275Argumentxxxx-xxxxxpredictiveMedium
276ArgumentxxxxxxxxpredictiveMedium
277Argumentxxxxxxxx/xxxxxxxxpredictiveHigh
278Argumentxxxx_xxxxxpredictiveMedium
279Argumentxxxx_xxxxxpredictiveMedium
280Argumentxxxxx_xxxpredictiveMedium
281ArgumentxxxxpredictiveLow
282Argument_xxx_xxxxxxx_xxxxx_xxxx_xxx_xxxxxxx_xxxxxxxxxxxxxxxx_xxxxxpredictiveHigh
283Argument__xxxxxxxxxpredictiveMedium
284Input Value'xx''='predictiveLow
285Input Valuexxxxxxxxxxxxxxxxxxxxxxxxxxxx+xxxxx+xxxxxx+x,x,xxxx,xxx,x,x+xxxx+xxx_xxxxx+xxxxx+xx=x--+predictiveHigh
286Input Value<xxxxxx>xxxxx(/xxx/)</xxxxxx>predictiveHigh
287Input Value\xxx../../../../xxx/xxxxxxpredictiveHigh
288Pattern() {predictiveLow
289Patternxxxxxxx-xxxx|xx| xxxx/xxxxpredictiveHigh
290Patternxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxpredictiveHigh
291Pattern|xx xx xx xx|predictiveHigh

References (2)

The following list contains external sources which discuss the actor and the associated activities:

Do you know our Splunk app?

Download it now for free!