RedEcho Analysis

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

  • en: 708
  • zh: 284
  • ja: 6
  • it: 2

Country

  • hk: 976
  • us: 14
  • cn: 6
  • cf: 2
  • tw: 2

Actors

Activities

Interest

Timeline

Type

Vendor

Product

  • Microsoft Windows: 36
  • Google Chrome: 32
  • Apache HTTP Server: 20
  • Tuxera ntfs-3g: 18
  • Apache Tomcat: 12

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | D-Link DIR-645 Interface Wireless command injection | 9.8 | 8.8 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.04 | 0.07584 | CVE-2015-2051 |
| 2 | Symantec Gateway ipchange.php exec access control | 8.8 | 8.4 | $5k-$25k | $0-$5k | High | Official Fix | 0.01 | 0.81590 | CVE-2012-0297 |
| 3 | Fortinet FortiOS/FortiProxy Administrative Interface authentication bypass | 9.8 | 9.7 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.08 | 0.89292 | CVE-2022-40684 |
| 4 | Palo Alto PAN-OS GlobalProtect Portal stack-based overflow | 9.8 | 9.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.01086 | CVE-2021-3064 |
| 5 | Fortinet FortiOS sslvpnd heap-based overflow | 9.8 | 9.3 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 1.09 | 0.15362 | CVE-2022-42475 |
| 6 | Apache Ambari pathname traversal | 6.5 | 6.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.01 | 0.00885 | CVE-2020-13924 |
| 7 | OpenSSL AES OCB Mode missing encryption | 5.6 | 5.5 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.01537 | CVE-2022-2097 |
| 8 | Cisco ASA/Firepower Threat Defense DNS Inspection resource consumption | 8.0 | 7.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.01 | 0.01055 | CVE-2022-20760 |
| 9 | Apple iOS/iPadOS Kernel out-of-bounds write | 7.8 | 7.5 | $25k-$100k | $5k-$25k | High | Official Fix | 0.00 | 0.01455 | CVE-2022-32917 |
| 10 | Microsoft Windows Support Diagnostic Tool Follina Remote Code Execution | 7.3 | 7.1 | $25k-$100k | $0-$5k | High | Workaround | 0.00 | 0.69589 | CVE-2022-30190 |
| 11 | Apache Log4j Incomplete Fix CVE-2021-44228 deserialization | 4.5 | 4.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.71951 | CVE-2021-45046 |
| 12 | RainyGao DocSys ZIP File Decompression path traversal | 5.5 | 5.5 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.02 | 0.00890 | CVE-2022-4402 |
| 13 | maku-boot Scheduled Task AbstractScheduleJob.java doExecute injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.00890 | CVE-2022-4322 |
| 14 | Oracle Communications Messaging Server Apache PDFBox denial of service | 5.5 | 5.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.05242 | CVE-2021-31812 |
| 15 | Apache Shiro RequestDispatcher improper authentication | 8.0 | 7.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.01246 | CVE-2022-40664 |
| 16 | Microsoft App Installer Privilege Escalation | 7.1 | 6.2 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.01 | 0.01150 | CVE-2021-43890 |
| 17 | Apache Log4j JMSAppender deserialization | 8.8 | 8.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.68637 | CVE-2021-4104 |
| 18 | Apache Tomcat HTTP Header request smuggling | 7.3 | 7.3 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.04 | 0.05242 | CVE-2021-33037 |
| 19 | Microsoft Exchange Server Privilege Escalation | 8.8 | 8.1 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.04 | 0.31667 | CVE-2021-42321 |
| 20 | Linux Kernel Inter-Process Communication crypto.c tipc_crypto_key_rcv missing encryption | 7.0 | 6.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.12300 | CVE-2021-43267 |

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • India Power Grid

IOC - Indicator of Compromise (43)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (23)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-425 | Pathname Traversal | predictive | High |
| 2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CWE-74 | Injection | predictive | High |
| 4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | predictive | High |
| 5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |

IOA - Indicator of Attack (243)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


