RagnarLocker Analysis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (695)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en574
pl36
ja14
de14
es12

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

us442
de58
au22
ru22
cn20

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

RagnarLocker27
Cobalt Strike9
RedLine Stealer6
SideWinder5
Raccoon3

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

Not Defined212
Content Management System48
Operating System28
Web Server12
Forum Software12

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

Not Defined172
Microsoft40
Oracle12
Cisco10
SourceCodester8

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Microsoft Windows20
WordPress12
Pearlinger Products6
Apache HTTP Server4
SSReader Ultra Star Reader4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1Tiki Admin Password tiki-login.php improper authentication8.07.7$0-$5k$0-$5kNot DefinedOfficial Fix0.009361.81CVE-2020-15906
2DZCP deV!L`z Clanportal config.php code injection7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.009430.58CVE-2010-0966
3Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25k$0-$5kHighWorkaround0.020160.02CVE-2007-1192
4Phorum register.php cross site scripting6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.016010.02CVE-2007-0769
5Biometric Shift Employee Management System index.php cross site scripting4.44.4$0-$5k$0-$5kNot DefinedNot Defined0.000570.00CVE-2017-17995
6AlstraSoft AskMe Pro register.php cross site scripting3.53.5$0-$5k$0-$5kNot DefinedNot Defined0.000000.00
7Void Contact Form 7 Widget for Elementor Page Builder Plugin void_cf7_opt_in_user_data_track cross-site request forgery4.34.2$0-$5k$0-$5kNot DefinedNot Defined0.000630.00CVE-2022-47166
8Trend Micro HouseCall for Home Networks Library uncontrolled search path6.36.3$5k-$25k$5k-$25kNot DefinedNot Defined0.000450.00CVE-2021-32466
9SSReader Ultra Star Reader ActiveX Control pdg2.dll Register memory corruption10.09.4$0-$5k$0-$5kProof-of-ConceptNot Defined0.070570.03CVE-2007-5892
10PHP mysqli_real_escape_string integer overflow8.58.4$5k-$25k$0-$5kNot DefinedOfficial Fix0.009320.04CVE-2017-9120
11Moreover.com Cached Feed.cgi Script cached_feed.cgi path traversal5.35.3$0-$5k$0-$5kNot DefinedNot Defined0.012560.00CVE-2000-0906
12cpCommerce register.php cross site scripting4.34.2$0-$5k$0-$5kHighUnavailable0.006410.03CVE-2007-2968
13The Address Book register.php privileges management7.36.4$0-$5k$0-$5kUnprovenUnavailable0.017410.00CVE-2006-4580
14PsychoStats register.php cross site scripting3.53.5$0-$5k$0-$5kNot DefinedNot Defined0.000000.02
15Phorum register.php sql injection7.37.0$0-$5k$0-$5kNot DefinedOfficial Fix0.001840.02CVE-2004-2110
16baserCMS Management System unrestricted upload8.58.4$0-$5k$0-$5kNot DefinedOfficial Fix0.013750.00CVE-2023-25654
17MGB OpenSource Guestbook email.php sql injection7.37.3$0-$5k$0-$5kHighUnavailable0.013020.61CVE-2007-0354
18SmartDataSoft SmartBlog archive.php sql injection7.37.0$0-$5k$0-$5kNot DefinedOfficial Fix0.026230.03CVE-2021-37538
19Tiki TikiWiki tiki-editpage.php input validation7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.011940.03CVE-2004-1386
20Woltlab Burning Board register.php cross site scripting4.34.1$0-$5k$0-$5kProof-of-ConceptNot Defined0.009570.00CVE-2007-1443

IOC - Indicator of Compromise (32)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
15.45.65.52RagnarLocker03/08/2022verifiedHigh
223.106.122.192RagnarLocker03/08/2022verifiedHigh
323.227.202.7223-227-202-72.static.hvvc.usRagnarLocker03/08/2022verifiedHigh
437.120.238.107RagnarLocker03/08/2022verifiedHigh
545.63.89.25045.63.89.250.vultr.comRagnarLocker03/08/2022verifiedMedium
645.90.59.131unallocated.layer6.netRagnarLocker03/08/2022verifiedHigh
745.91.93.75mnbbim4.uniteq.xyzRagnarLocker03/08/2022verifiedHigh
8XX.XXX.XX.Xxxxxxxxx.xx.xxxxxxxXxxxxxxxxxxx03/08/2022verifiedHigh
9XX.XXX.XXX.XXXXxxxxxxxxxxx03/08/2022verifiedHigh
10XX.XX.XX.XXxxx-xxx-xxx-xxx.xxx.xxxxxxxx.xxxXxxxxxxxxxxx03/08/2022verifiedHigh
11XX.XX.XXX.XXXxxxxxx.xxx.xxx.xx.xx.xxxxxxx.xxxx-xxxxxx.xxXxxxxxxxxxxx03/08/2022verifiedHigh
12XX.XXX.XXX.XXxx-xxx-xxx-xx-xxxxxx.xxx.xxxxxxxxxxxxxxx.xxxXxxxxxxxxxxx03/08/2022verifiedHigh
13XX.XXX.XXX.XXxxx.xxxxxxx.xx.xxXxxxxxxxxxxx03/08/2022verifiedHigh
14XX.XX.XX.XXXxxxxxxxxxxx03/08/2022verifiedHigh
15XX.XXX.XXX.XXXxxxxxx.xxx.xxx.xxx.xx.xxxxxxx.xxxx-xxxxxx.xxXxxxxxxxxxxx03/08/2022verifiedHigh
16XXX.XX.XXX.XXXxxxx-xxx-xx-xxx-xxx.xxxxxx.xxxx.xxxxxxx.xxxXxxxxxxxxxxx03/08/2022verifiedHigh
17XXX.XX.XXX.XXXxxxx-xxx-xx-xxx-xxx.xxxxxx.xxxx.xxxxxxx.xxxXxxxxxxxxxxx03/08/2022verifiedHigh
18XXX.XXX.XXX.XXxxxxxx.xx.xxx.xxx.xxx.xxxxxxx.xxxx-xxxxxx.xxXxxxxxxxxxxx03/08/2022verifiedHigh
19XXX.XX.XXX.XXxxxx.xx-xxx-xx-xxx.xxxXxxxxxxxxxxx03/08/2022verifiedHigh
20XXX.XX.XXX.XXXxxx.xx.xxx.xxx.xxxxx.xxxXxxxxxxxxxxx03/08/2022verifiedMedium
21XXX.XX.XXX.Xxxxxx.xxxxxxxxxxx.xxx.xxXxxxxxxxxxxx03/08/2022verifiedHigh
22XXX.XX.XX.XXxxxxxx.xx.xx.xx.xxx.xxxxxxx.xxxx-xxxxxx.xxXxxxxxxxxxxx03/08/2022verifiedHigh
23XXX.XX.XXX.XXxxx.xxx.xxxxx.xxxXxxxxxxxxxxx03/08/2022verifiedHigh
24XXX.XXX.XXX.XXxxxxxx.xxxXxxxxxxxxxxx03/08/2022verifiedHigh
25XXX.XXX.XXX.XXXxxxxxxxxx.xxxxxxxxx.xxxxXxxxxxxxxxxx03/08/2022verifiedHigh
26XXX.XXX.XXX.XXXXxxxxxxxxxxx03/08/2022verifiedHigh
27XXX.XX.XX.XXxxxxxxxx.xxxxxxxxxxxxxxx.xxxXxxxxxxxxxxx03/08/2022verifiedHigh
28XXX.XX.XX.XXxxxxxxxxxxxxxxx.xxxxxxxxxxxxxxxxx.xxxXxxxxxxxxxxx03/08/2022verifiedHigh
29XXX.XXX.XXX.XXxxx.xxx.xxx.xx.xxxxxxxxx-xxxXxxxxxxxxxxx03/08/2022verifiedHigh
30XXX.XX.XX.XXxxx-xx-xx-xx-xxxx.xxxxxxxxxxxx.xxxXxxxxxxxxxxx03/08/2022verifiedHigh
31XXX.XX.XXX.XXXxxx-xx-xxx-xxx-xxxx.xxxxxxxxxxxx.xxxXxxxxxxxxxxx03/08/2022verifiedHigh
32XXX.XX.XX.XXXxxxxxx-xxxxxxx.xxxxx.xxXxxxxxxxxxxx03/08/2022verifiedHigh

TTP - Tactics, Techniques, Procedures (22)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilitiesAccess VectorTypeConfidence
1T1006CWE-21, CWE-22Path TraversalpredictiveHigh
2T1040CWE-319Authentication Bypass by Capture-replaypredictiveHigh
3T1055CWE-74Improper Neutralization of Data within XPath ExpressionspredictiveHigh
4T1059CWE-88, CWE-94Argument InjectionpredictiveHigh
5T1059.007CWE-79, CWE-80Cross Site ScriptingpredictiveHigh
6TXXXXCWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
7TXXXX.XXXCWE-XXXXxxx-xxxxx XxxxxxxxxxxpredictiveHigh
8TXXXXCWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveHigh
9TXXXX.XXXCWE-XXXXxxx XxxxxxxxpredictiveHigh
10TXXXXCWE-XXX7xx Xxxxxxxx XxxxxxxxpredictiveHigh
11TXXXXCWE-XXXXxxxxxxxxx XxxxxxpredictiveHigh
12TXXXXCWE-XXXXxxxxxxx Xx Xxxx Xxxxxxx Xxxxxxxxx XxxxxpredictiveHigh
13TXXXXCWE-XXXxx XxxxxxxxxpredictiveHigh
14TXXXX.XXXCWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveHigh
15TXXXXCWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxx XxxxxxxxxxpredictiveHigh
16TXXXXCWE-XXXXxxxxxxxx Xxxxxxx Xx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh
17TXXXXCWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveHigh
18TXXXX.XXXCWE-XXXXxxxxxxx Xx Xxx Xxxxxxx Xx X Xxxxxxxx XxxxxxxxpredictiveHigh
19TXXXX.XXXCWE-XXXXxxxxxxxpredictiveHigh
20TXXXXCWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh
21TXXXXCWE-XXXXxxxxxxxxxxxx XxxxxxpredictiveHigh
22TXXXX.XXXCWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxpredictiveHigh

IOA - Indicator of Attack (293)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/+CSCOE+/logon.htmlpredictiveHigh
2File/adminlogin.asppredictiveHigh
3File/app/index/controller/Common.phppredictiveHigh
4File/category_view.phppredictiveHigh
5File/dipam/athlete-profile.phppredictiveHigh
6File/forum/away.phppredictiveHigh
7File/goform/delAdpredictiveHigh
8File/HNAP1predictiveLow
9File/mc-admin/post.php?state=delete&deletepredictiveHigh
10File/mkshop/Men/profile.phppredictiveHigh
11File/pharmacy-sales-and-inventory-system/manage_user.phppredictiveHigh
12File/php-jms/review_se_result.phppredictiveHigh
13File/public/login.htmpredictiveHigh
14File/Side.phppredictiveMedium
15File/spip.phppredictiveMedium
16File/student/bookdetails.phppredictiveHigh
17File/textpattern/index.phppredictiveHigh
18File/user/profilepredictiveHigh
19File/usr/ucb/mailpredictiveHigh
20File/wp-content/plugins/updraftplus/admin.phppredictiveHigh
21Fileaccount.asppredictiveMedium
22Fileadclick.phppredictiveMedium
23Fileaddmember.phppredictiveHigh
24Fileaddtocart.asppredictiveHigh
25Fileaddtomylist.asppredictiveHigh
26Fileadmin.phppredictiveMedium
27Fileadmin.x-shop.phppredictiveHigh
28Fileadmin/auth.phppredictiveHigh
29Fileadmin/import/class-import-settings.phppredictiveHigh
30Fileadmin/sqlpatch.phppredictiveHigh
31FileadminAttachments.phppredictiveHigh
32FileadminBoards.phppredictiveHigh
33Fileadmincp/auth/checklogin.phppredictiveHigh
34Fileadminlogin.asppredictiveHigh
35FileadminPolls.phppredictiveHigh
36Fileadmin_feature.phppredictiveHigh
37Fileaj.htmlpredictiveLow
38Filexxxx/xxxxxxxxxxxxxx.xxxpredictiveHigh
39Filexx_xxxxxxxxxx.xxxpredictiveHigh
40Filexxx_xxx.xxxpredictiveMedium
41Filexxxxxxxxxxx/xxxxx/xxxxxxxxxx/xxxxxxx.xxxpredictiveHigh
42Filexxxxxxxx.xxxpredictiveMedium
43Filexxx.xxxpredictiveLow
44Filexxxx/xxxxxxxxxx/xxxxxx.xxxpredictiveHigh
45Filexxxxxxxxxxxxx.xxpredictiveHigh
46Filexxxxxxx.xxpredictiveMedium
47Filexx_xxxxx_xxxxx.xxxpredictiveHigh
48Filex:\xxxxxxx\xxxxxxxx\xxxxxx\xxxpredictiveHigh
49Filexxxxxx_xxxx.xxxpredictiveHigh
50Filexxxx_xxxxxxx.xxxpredictiveHigh
51Filexxx.xxxpredictiveLow
52Filexxxxxxxx.xxxpredictiveMedium
53Filexxx-xxx/xxxxxxx.xxpredictiveHigh
54Filexxx-xxx/xxxxxxxxxxx/xxxxxxxxx.xxxpredictiveHigh
55Filexxx-xxx/xxxxxxxxxxxx.xxxpredictiveHigh
56Filexxx-xxx/xxxxxx/xxxxx.xxpredictiveHigh
57Filexxxxx.xxxxx.xxxpredictiveHigh
58Filexxxxxxxx_xxxxxxxxxxxxxxxxx.xxxpredictiveHigh
59Filexxxxxxxxxxx/xxxxx/xxxxxxx.xxxpredictiveHigh
60Filexxxx/xxxx/xxx.xxxxxxx.xxxxxxx/xxxxxx_xxxxx/xxx.xxxpredictiveHigh
61Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
62Filexxx.xxxpredictiveLow
63Filexxxxxxx.xxxpredictiveMedium
64Filexxxxxx.xxxpredictiveMedium
65Filexxxxxxxx.xxxpredictiveMedium
66Filexxxx-xxxxxxx.xxxpredictiveHigh
67Filexxxxxxxx.xxx.xxxpredictiveHigh
68Filexxxxx.xxxpredictiveMedium
69Filexxxxx.xxxpredictiveMedium
70Filexxxxxxx/xxxxxxx.xxxpredictiveHigh
71Filexxxx.xpredictiveLow
72Filexxx/xxxx/xxxxxx/xxxxxx_xxxxxxx.xpredictiveHigh
73Filexxxxxxxxxxx.xxxxx.xxxpredictiveHigh
74Filexxxxx.xxxpredictiveMedium
75Filexxxx/xxxx.xxpredictiveMedium
76Filexxxxxxxxx_xxx_xxxx.xxxpredictiveHigh
77Filexxxx.xxxpredictiveMedium
78Filexxxx.xxxpredictiveMedium
79Filexxxxxxxxx.xxxpredictiveHigh
80Filexxxxxxxx.xxxpredictiveMedium
81Filexxxxxxxxxx.xxxpredictiveHigh
82Filexxxxxxxxx.xxxpredictiveHigh
83Filexxx/xxxxxx.xxxpredictiveHigh
84Filexxx/xxxxxxxxx.xxx.xxxpredictiveHigh
85Filexxx/xxxxxxx/xxxxxxxxxxxxx/xxxxx.xxxpredictiveHigh
86Filexxxxxxx/xxxxxxx/xxxxxxxx.xxx.xxxpredictiveHigh
87Filexxxxxxx/xxxxxxx/xxxxxxxx_xxxxxxxx.xxx.xxxpredictiveHigh
88Filexxxxxxx/xxxxxx/xxxxxxx/xxxxxx/xxx.xxxpredictiveHigh
89Filexxxxxxxx/xxxx.xxxpredictiveHigh
90Filexxxxxxxx/xxxxxxxxxxxx.xxx.xxxpredictiveHigh
91Filexxxxxxxx/xxxxxx/xxxxxx.xxxpredictiveHigh
92Filexxxxx.xxxpredictiveMedium
93Filexxxxx.xxx#xxxxxxx_xxpredictiveHigh
94Filexxxxxxx.xxx.xxxpredictiveHigh
95Filexx.xxxpredictiveLow
96Filexxxx.xxxpredictiveMedium
97Filexxxxx/xxxxx.xxxpredictiveHigh
98Filexxxx.xxxpredictiveMedium
99Filexxxx/x/xxxxxx.xpredictiveHigh
100Filexxxxx.xxxpredictiveMedium
101Filexxx_xxxxxxxx.xxxpredictiveHigh
102Filexxxx.xpredictiveLow
103Filexxxxxxx.xxxpredictiveMedium
104Filexxx.xxxpredictiveLow
105Filexx_xxxx.xpredictiveMedium
106Filexxxxxxxx.xxxpredictiveMedium
107Filexxxxxxx/xxx/xxxxx.xxxpredictiveHigh
108Filexxxxxx_xx.xxxpredictiveHigh
109Filexxx_xxxx_xxxxx.xpredictiveHigh
110Filexxxxxxxxx.xxpredictiveMedium
111Filexxxx.xxxpredictiveMedium
112Filexxxxx.xxxx_xxxx.xxxpredictiveHigh
113Filexxxxxxxxx.xxx.xxxpredictiveHigh
114FilexxxpredictiveLow
115Filexxxxxxx.xxxpredictiveMedium
116Filexxx.xpredictiveLow
117Filexxxxxxxx.xxpredictiveMedium
118Filexxxxx/xxxxxxx.xpredictiveHigh
119Filexxxxx-xxxxx.xpredictiveHigh
120Filexxxxxxx.xxxpredictiveMedium
121Filexxxx.xxxpredictiveMedium
122Filexxxxx.xxxpredictiveMedium
123Filexxxxxxxxxx.xxxpredictiveHigh
124Filexxxxxxxx.xxxpredictiveMedium
125Filexxxxxxxx.xxxpredictiveMedium
126Filexxxxxxxx.xxpredictiveMedium
127Filexxxxxxxxxxxx_xxxxxxxx.xxx.xxxpredictiveHigh
128Filexxxxxxxxxx.xxxx.xxxpredictiveHigh
129Filexxxxxxx_xxxxxx_xxxxxxxxxx.xxxpredictiveHigh
130Filexxxxxxx_xxxxxx_xxxxxxxx.xxxpredictiveHigh
131Filexxxxxx.xxxpredictiveMedium
132Filexxxxxx.xxxpredictiveMedium
133Filexxxxxx_xxxx.xxxpredictiveHigh
134Filexxxxxx/xxxxxxxx.xxxpredictiveHigh
135Filexxxxxx_xxx_xxxxxx.xxxpredictiveHigh
136Filexxxx.xxxpredictiveMedium
137Filexxxx/xxxx.xxxpredictiveHigh
138Filexxxx_xxxxxxx_xxxxxxxx.xxxpredictiveHigh
139Filexxxxxxxxxxx.xxxpredictiveHigh
140Filexxxxxxxx.xxx/xxxxxx.xxx/xxxxxxxx.xxxpredictiveHigh
141Filexxxxxxxxxxx.xxxpredictiveHigh
142Filexxxx_xxxxxxxx.xxx/xxxx_xxxx.xxxpredictiveHigh
143Filexxxxx/xxxxxxxx/xxxxxxxxx.xxxpredictiveHigh
144Filexxxxxxxxx/xxxxxxxxxxpredictiveHigh
145Filexxxxxx/predictiveLow
146Filexxxx-xxxxxxxx.xxxpredictiveHigh
147Filexxxx-xxxx_xxxx_xxxxxxx.xxxpredictiveHigh
148Filexxxx-xxxxx.xxxpredictiveHigh
149Filexxxx-xxxxxxxx.xxxpredictiveHigh
150Filexxxx.xxxpredictiveMedium
151Filexxxxxxxx-x.xpredictiveMedium
152Filexxxxxx.xxxpredictiveMedium
153Filexxxxxx.xxxpredictiveMedium
154Filexxx.xxxpredictiveLow
155Filexxxxx/xxxxxxxx.xxxpredictiveHigh
156Filexxxx/xxxxxx.xxxxpredictiveHigh
157Filexxxx/xxx/xxxx-xxxxx.xxxpredictiveHigh
158Filexxxxxxxxx.xpredictiveMedium
159Filexxxx.xxxpredictiveMedium
160Filexxxx/xxxxxxxx.xxxpredictiveHigh
161Filexxxx_xxx.xxxpredictiveMedium
162Filexxx/xxx/xxxx/xxxxx.xxxpredictiveHigh
163Filexxx/xxxxx/xxxxx.xxxpredictiveHigh
164Filexxxxxxx.xxxpredictiveMedium
165Filexx-xxxxxxxx-xxxx.xxxpredictiveHigh
166Filexx-xxxxxx.xxxpredictiveHigh
167Filexx-xxxxxxxx/xxxxxxxx/xxxxxxx/xxxxxxxxxxxxxxxx.xxxpredictiveHigh
168Filexx-xxxxxxxx.xxxpredictiveHigh
169Filexxx/xxxx/xx/xxxxxxx.xxxpredictiveHigh
170Filexxxxxxxxxxxx.xxxpredictiveHigh
171FilexxxxxxxpredictiveLow
172File~/xxx/xxxxxxxxx/xxxx/xxxx/xxxxxx.xxxpredictiveHigh
173File~/xxxxxxxx/xxxxx-xx-xxxxxxxxxx-xxxx.xxxpredictiveHigh
174Libraryxxxxx/xxxxxxxxx/xxxxx.xxxxxxxxx.xxxpredictiveHigh
175Libraryxxxxxxxxxxx.xxxpredictiveHigh
176Libraryxxxxxxxx.xxxpredictiveMedium
177Libraryxxxx.xxx.xxxpredictiveMedium
178Libraryxxxx.xxxpredictiveMedium
179Libraryxxxxx_xxx.xxxpredictiveHigh
180Libraryxxxxxxx.xxxpredictiveMedium
181Argument$_xxxxxx['xxx_xxxx']predictiveHigh
182ArgumentxxxxxxpredictiveLow
183ArgumentxxxxxxxpredictiveLow
184ArgumentxxxxxxpredictiveLow
185ArgumentxxxxxxxxpredictiveMedium
186Argumentxxxx_xxxpredictiveMedium
187Argumentxxxxxxxxx xx xxxxxxxpredictiveHigh
188ArgumentxxxxpredictiveLow
189Argumentxxxx_xxx_xxxxpredictiveHigh
190ArgumentxxxpredictiveLow
191Argumentxxxxxxxx/xxxxxxpredictiveHigh
192Argumentxxxxxxxx_xxpredictiveMedium
193Argumentxxx_xxpredictiveLow
194ArgumentxxxxxxxxxxpredictiveMedium
195ArgumentxxxxxxxpredictiveLow
196ArgumentxxxxxxpredictiveLow
197ArgumentxxxxxxxxxxpredictiveMedium
198Argumentxxxxxx[xxx_xxxx_xxxx]predictiveHigh
199ArgumentxxxxxxxpredictiveLow
200ArgumentxxxxxxxxpredictiveMedium
201ArgumentxxxxxxpredictiveLow
202ArgumentxxxxxxxpredictiveLow
203Argumentxxxxxxx_xxxx_xxxxpredictiveHigh
204Argumentxxxxxx_xxxxx_xxxxpredictiveHigh
205ArgumentxxxxxxxxpredictiveMedium
206ArgumentxxxxpredictiveLow
207ArgumentxxxpredictiveLow
208ArgumentxxxxxpredictiveLow
209Argumentxxxxx_xxxxxx/xxxxpredictiveHigh
210ArgumentxxxxxxxxxxxpredictiveMedium
211Argumentxx_xxxxx_xxpredictiveMedium
212Argumentxxxxx_xxxx_xxxxpredictiveHigh
213ArgumentxxxxxpredictiveLow
214Argumentxxxxx_xxxxxxxxxxxpredictiveHigh
215Argumentxx_xxxxxxxpredictiveMedium
216ArgumentxxxxxxxpredictiveLow
217ArgumentxxxxxxpredictiveLow
218Argumentxxxxxxxxxxxxxx[xxxxxxxxxxxxxxxxxx]predictiveHigh
219Argumentxxxx[xxxxxxx]predictiveHigh
220Argumentxxxx_xxxxxpredictiveMedium
221Argumentxxxx_xxxxxxxpredictiveMedium
222ArgumentxxpredictiveLow
223ArgumentxxpredictiveLow
224ArgumentxxpredictiveLow
225ArgumentxxxxxxxxxxxxxxxxpredictiveHigh
226ArgumentxxxxxxxxxpredictiveMedium
227Argumentxxxxxxx_xxxxpredictiveMedium
228ArgumentxxxxxxxxxpredictiveMedium
229ArgumentxxxxpredictiveLow
230ArgumentxxxxxxpredictiveLow
231ArgumentxxxxpredictiveLow
232Argumentxxxx_xxxxpredictiveMedium
233Argumentxxxx_xxxxpredictiveMedium
234ArgumentxxxxxxxpredictiveLow
235ArgumentxxxxpredictiveLow
236ArgumentxxxxxxxxxxxxxxpredictiveHigh
237ArgumentxxxxxxxxxxxxxpredictiveHigh
238Argumentxxx_xxxx_xxxxpredictiveHigh
239Argumentxxxxxxxxx_xxpredictiveMedium
240ArgumentxxxxxxxxpredictiveMedium
241Argumentxx_xxxxxxxxpredictiveMedium
242ArgumentxxxxpredictiveLow
243Argumentxxxxxxxxx_xxxxxxxx_xxxxpredictiveHigh
244Argumentxxxxxxx_xxxxpredictiveMedium
245ArgumentxxxxpredictiveLow
246Argumentxxxx/xxxxx/xxxxxxxpredictiveHigh
247ArgumentxxxxpredictiveLow
248Argumentxxxxxx_xxxxxx[xxxxxx_xxxx]predictiveHigh
249ArgumentxxxxxpredictiveLow
250Argumentxx_xxxxxxxxxxxpredictiveHigh
251ArgumentxxxxpredictiveLow
252Argumentxxxx_xxxxpredictiveMedium
253Argumentxxxx_xx_xx_xxxpredictiveHigh
254ArgumentxxxxxxxxxpredictiveMedium
255Argumentxxxxx_xxxx_xxxxpredictiveHigh
256ArgumentxxxxxxxpredictiveLow
257ArgumentxxxxxpredictiveLow
258Argumentxxxxxxxxxx[x]predictiveHigh
259Argumentxx_xxxxpredictiveLow
260Argumentxxxxxxx_xxxxxxxpredictiveHigh
261Argumentxxxxx_xxxxxxpredictiveMedium
262Argumentxxxxxxxxxxxx_xxxxxxxxxpredictiveHigh
263ArgumentxxxxxxxxxxxpredictiveMedium
264ArgumentxxxxxxxxxxxxpredictiveMedium
265ArgumentxxxxxxxxxxpredictiveMedium
266Argumentxxxx_xxxxpredictiveMedium
267Argumentxxxxxxxxxx_xxxxpredictiveHigh
268ArgumentxxxxxpredictiveLow
269ArgumentxxxxxxxxxxpredictiveMedium
270ArgumentxxxxxxxxxxxxpredictiveMedium
271ArgumentxxxpredictiveLow
272Argumentxxxxxxxxxxx/xxxxxx/xxxxxxxxxx/xxxxxxxxpredictiveHigh
273ArgumentxxxpredictiveLow
274ArgumentxxxxpredictiveLow
275Argumentxxxx_xx[]predictiveMedium
276ArgumentxxxpredictiveLow
277Argumentxxxx-xxxxxpredictiveMedium
278ArgumentxxxxxxxxpredictiveMedium
279Argumentxxxxxxxx/xxxxxxxxpredictiveHigh
280Argumentxxxx_xxxxxpredictiveMedium
281Argumentxxxx_xxxxxpredictiveMedium
282Argumentxxxxx_xxxpredictiveMedium
283ArgumentxxxxpredictiveLow
284Argument_xxx_xxxxxxx_xxxxx_xxxx_xxx_xxxxxxx_xxxxxxxxxxxxxxxx_xxxxxpredictiveHigh
285Argument__xxxxxxxxxpredictiveMedium
286Input Value'xx''='predictiveLow
287Input Valuexxxxxxxxxxxxxxxxxxxxxxxxxxxx+xxxxx+xxxxxx+x,x,xxxx,xxx,x,x+xxxx+xxx_xxxxx+xxxxx+xx=x--+predictiveHigh
288Input Value<xxxxxx>xxxxx(/xxx/)</xxxxxx>predictiveHigh
289Input Value\xxx../../../../xxx/xxxxxxpredictiveHigh
290Pattern() {predictiveLow
291Patternxxxxxxx-xxxx|xx| xxxx/xxxxpredictiveHigh
292Patternxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxpredictiveHigh
293Pattern|xx xx xx xx|predictiveHigh

References (2)

The following list contains external sources which discuss the actor and the associated activities:

PreviousOverviewNext

Do you know our Splunk app?

Download it now for free!