RedEcho Analysis

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en620
zh362
ko8
ja2
sv2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

hk956
cn20
us12
kr6
cf4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Google Chrome54
Microsoft Windows28
Tuxera ntfs-3g20
Apache Tomcat16
Apache HTTP Server16

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1nginx request smuggling6.96.9$0-$5k$0-$5kNot DefinedNot Defined0.002411.80CVE-2020-12440
2Apple iOS/iPadOS IOSurfaceAccelerator out-of-bounds write8.28.0$25k-$100k$5k-$25kHighOfficial Fix0.003230.00CVE-2023-28206
3D-Link DIR-645 Interface Wireless command injection9.89.4$5k-$25k$0-$5kHighOfficial Fix0.971380.37CVE-2015-2051
4Symantec Gateway ipchange.php exec access control8.88.4$5k-$25k$0-$5kHighOfficial Fix0.973480.02CVE-2012-0297
5Fortinet FortiOS/FortiProxy Administrative Interface authentication bypass9.89.7$25k-$100k$5k-$25kHighOfficial Fix0.971640.05CVE-2022-40684
6Palo Alto PAN-OS GlobalProtect Portal stack-based overflow9.89.6$0-$5k$0-$5kNot DefinedOfficial Fix0.002340.04CVE-2021-3064
7NVIDIA Omniverse Kit Create/Audio2Face/Isaac Sim/View/Code/Machinima injection8.38.3$0-$5k$0-$5kNot DefinedNot Defined0.000700.04CVE-2022-42268
8Oracle Banking Digital Experience Framework Remote Code Execution8.38.1$25k-$100k$0-$5kNot DefinedOfficial Fix0.013160.00CVE-2021-2351
9Moment Module Regular Expression resource consumption6.46.1$0-$5k$0-$5kNot DefinedOfficial Fix0.002380.03CVE-2017-18214
10Apache HTTP Server mod_proxy input validation7.36.4$25k-$100k$0-$5kProof-of-ConceptOfficial Fix0.964970.04CVE-2014-0117
11Fortinet FortiOS sslvpnd heap-based overflow9.89.6$0-$5k$0-$5kHighOfficial Fix0.418830.00CVE-2022-42475
12Apache Ambari pathname traversal6.56.5$5k-$25k$5k-$25kNot DefinedNot Defined0.001410.04CVE-2020-13924
13OpenSSL AES OCB Mode missing encryption5.65.5$5k-$25k$0-$5kNot DefinedOfficial Fix0.003630.00CVE-2022-2097
14Cisco ASA/Firepower Threat Defense DNS Inspection resource consumption8.07.9$5k-$25k$0-$5kNot DefinedOfficial Fix0.001370.00CVE-2022-20760
15Apple iOS/iPadOS Kernel out-of-bounds write7.87.5$25k-$100k$5k-$25kHighOfficial Fix0.000620.00CVE-2022-32917
16Microsoft Windows Support Diagnostic Tool Follina Remote Code Execution7.37.1$25k-$100k$0-$5kHighWorkaround0.971750.05CVE-2022-30190
17Apache Log4j Incomplete Fix CVE-2021-44228 deserialization4.54.4$5k-$25k$0-$5kHighOfficial Fix0.973630.03CVE-2021-45046
18Google Chrome Profiles use after free7.57.4$25k-$100k$5k-$25kNot DefinedOfficial Fix0.002360.04CVE-2023-5472
19IEEE 802.11 Packet Routing authentication spoofing5.04.4$0-$5k$0-$5kProof-of-ConceptWorkaround0.000590.04CVE-2022-47522
20PHP IMAP mb_send_mail unknown vulnerability5.45.1$25k-$100k$0-$5kProof-of-ConceptOfficial Fix0.000860.00CVE-2006-1014

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • India Power Grid

IOC - Indicator of Compromise (39)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
114.43.108.22RedEchoIndia Power Grid04/29/2022verifiedHigh
227.255.92.83RedEcho05/31/2021verifiedHigh
327.255.94.21RedEcho05/31/2021verifiedHigh
427.255.94.29RedEcho05/31/2021verifiedHigh
559.10.140.47RedEchoIndia Power Grid04/29/2022verifiedHigh
659.127.10.13259-127-10-132.hinet-ip.hinet.netRedEchoIndia Power Grid04/29/2022verifiedHigh
761.74.255.16RedEchoIndia Power Grid04/29/2022verifiedHigh
8101.78.177.227RedEcho05/31/2021verifiedHigh
9XXX.XX.XXX.XXXXxxxxxx05/31/2021verifiedHigh
10XXX.XX.XXX.XXXXxxxxxx05/31/2021verifiedHigh
11XXX.XXX.XXX.XXXxxxxxxXxxxx Xxxxx Xxxx04/29/2022verifiedHigh
12XXX.XX.XX.XXxxx-xx-xx-xx.xxxxx-xx.xxxxx.xxxXxxxxxxXxxxx Xxxxx Xxxx04/29/2022verifiedHigh
13XXX.XX.XX.XXXxxx-xx-xx-xxx.xxxxx-xx.xxxxx.xxxXxxxxxxXxxxx Xxxxx Xxxx04/29/2022verifiedHigh
14XXX.XX.XXX.XXXxxx-xx-xxx-xxx.xxxxx-xx.xxxxx.xxxXxxxxxxXxxxx Xxxxx Xxxx04/29/2022verifiedHigh
15XXX.XXX.XXX.XXXXxxxxxxXxxxx Xxxxx Xxxx04/29/2022verifiedHigh
16XXX.XXX.XXX.XXXXxxxxxxXxxxx Xxxxx Xxxx04/29/2022verifiedHigh
17XXX.XXX.XXX.XXXXxxxxxxXxxxx Xxxxx Xxxx04/29/2022verifiedHigh
18XXX.XXX.XXX.XXxxx-xxx-xxx-xx.xxxxx-xx.xxxxx.xxxXxxxxxxXxxxx Xxxxx Xxxx04/29/2022verifiedHigh
19XXX.XXX.XXX.XXxxx-xxx-xxx-xx.xxxxx-xx.xxxxx.xxxXxxxxxxXxxxx Xxxxx Xxxx04/29/2022verifiedHigh
20XXX.XXX.XXX.XXXxxxxxxXxxxx Xxxxx Xxxx04/29/2022verifiedHigh
21XXX.XXX.XXX.XXXXxxxxxxXxxxx Xxxxx Xxxx04/29/2022verifiedHigh
22XXX.XXX.XXX.XXXXxxxxxxXxxxx Xxxxx Xxxx04/29/2022verifiedHigh
23XXX.XXX.XXX.XXXXxxxxxxXxxxx Xxxxx Xxxx04/29/2022verifiedHigh
24XXX.XXX.XXX.XXXXxxxxxx05/31/2021verifiedHigh
25XXX.XXX.XXX.XXXXxxxxxxXxxxx Xxxxx Xxxx04/29/2022verifiedHigh
26XXX.XX.XX.XXXXxxxxxx05/31/2021verifiedHigh
27XXX.XXX.XXX.XXXXxxxxxxXxxxx Xxxxx Xxxx04/29/2022verifiedHigh
28XXX.XXX.XXX.XXXXxxxxxxXxxxx Xxxxx Xxxx04/29/2022verifiedHigh
29XXX.XXX.XX.XXxxxxxx.xxxxxxx.xxx.xxx.xxXxxxxxx05/31/2021verifiedHigh
30XXX.XXX.XX.XXxxxxxx.xxxxxxx.xxx.xxx.xxXxxxxxx05/31/2021verifiedHigh
31XXX.XXX.XX.XXxxxxxx.xxxxxxx.xxx.xxx.xxXxxxxxx05/31/2021verifiedHigh
32XXX.XXX.XX.XXxxxxxx.xxxxxxx.xxx.xxx.xxXxxxxxx05/31/2021verifiedHigh
33XXX.XXX.XXX.XXXxxx-xxx-xxx-xxx.xxxxx-xx.xxxxx.xxxXxxxxxxXxxxx Xxxxx Xxxx04/29/2022verifiedHigh
34XXX.XXX.XXX.XXXxxx-xxx-xxx-xxx.xxxxx-xx.xxxxx.xxxXxxxxxxXxxxx Xxxxx Xxxx04/29/2022verifiedHigh
35XXX.XXX.XXX.XXXxxxxxx05/31/2021verifiedHigh
36XXX.XXX.XXX.XXXxxxxxx05/31/2021verifiedHigh
37XXX.XXX.XXX.XXXXxxxxxx05/31/2021verifiedHigh
38XXX.XXX.XXX.XXXXxxxxxx05/31/2021verifiedHigh
39XXX.XXX.XXX.XXXXxxxxxx05/31/2021verifiedHigh

TTP - Tactics, Techniques, Procedures (27)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueClassVulnerabilitiesAccess VectorTypeConfidence
1T1006CAPEC-126CWE-21, CWE-22, CWE-23, CWE-24, CWE-425Path TraversalpredictiveHigh
2T1040CAPEC-102CWE-319Authentication Bypass by Capture-replaypredictiveHigh
3T1055CAPEC-10CWE-74Improper Neutralization of Data within XPath ExpressionspredictiveHigh
4T1059CAPEC-137CWE-88, CWE-94, CWE-1321Argument InjectionpredictiveHigh
5T1059.007CAPEC-209CWE-79, CWE-80Cross Site ScriptingpredictiveHigh
6T1068CAPEC-104CWE-250, CWE-264, CWE-269, CWE-284Execution with Unnecessary PrivilegespredictiveHigh
7TXXXX.XXXCAPEC-CWE-XXXXxx Xx Xxxx-xxxxx XxxxxxxxpredictiveHigh
8TXXXX.XXXCAPEC-16CWE-XXX, CWE-XXXXxxx-xxxxx XxxxxxxxxxxpredictiveHigh
9TXXXXCAPEC-136CWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveHigh
10TXXXX.XXXCAPEC-178CWE-XXXXxxx XxxxxxxxpredictiveHigh
11TXXXXCAPEC-CWE-XXX7xx Xxxxxxxx XxxxxxxxpredictiveHigh
12TXXXXCAPEC-CWE-XXX, CWE-XXXXxxxxxxxxx XxxxxxpredictiveHigh
13TXXXXCAPEC-184CWE-XXXXxxxxxxx Xx Xxxx Xxxxxxx Xxxxxxxxx XxxxxpredictiveHigh
14TXXXXCAPEC-108CWE-XXXxx XxxxxxxxxpredictiveHigh
15TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveHigh
16TXXXXCAPEC-112CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxx XxxxxxxxxxpredictiveHigh
17TXXXXCAPEC-37CWE-XXXXxxxxxxxx Xxxxxxx Xx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh
18TXXXXCAPEC-466CWE-XXX, CWE-XXXXxxxxxx Xxxxxxxxxx Xx Xxx-xxxxxxxxpredictiveHigh
19TXXXX.XXXCAPEC-220CWE-XXXXxxxxxxxx XxxxxxxxxpredictiveHigh
20TXXXXCAPEC-38CWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveHigh
21TXXXX.XXXCAPEC-CWE-XXXXxxxxxxx Xxxxxx XxxxpredictiveHigh
22TXXXX.XXXCAPEC-459CWE-XXX, CWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
23TXXXX.XXXCAPEC-133CWE-XXXXxxxxxxxpredictiveHigh
24TXXXXCAPEC-116CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh
25TXXXXCAPEC-157CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxxxx XxxxxxpredictiveHigh
26TXXXX.XXXCAPEC-CWE-XXX, CWE-XXXXxx Xxxxxxxxxx XxxxxpredictiveHigh
27TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxpredictiveHigh

IOA - Indicator of Attack (216)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/admin-panel1.phppredictiveHigh
2File/admin/academic/studenview_left.phppredictiveHigh
3File/admin/ajax.phppredictiveHigh
4File/admin/ajax.php?action=confirm_orderpredictiveHigh
5File/admin/controller/JobLogController.javapredictiveHigh
6File/admin/login.phppredictiveHigh
7File/ad_js.phppredictiveMedium
8File/alerts/alertConfigField.phppredictiveHigh
9File/api/blade-log/api/listpredictiveHigh
10File/api/v1/terminal/sessions/?limit=1predictiveHigh
11File/config/myfield/test.phppredictiveHigh
12File/context/%2e/WEB-INF/web.xmlpredictiveHigh
13File/core/conditions/AbstractWrapper.javapredictiveHigh
14File/data/removepredictiveMedium
15File/debug/pprofpredictiveMedium
16File/etc/passwdpredictiveMedium
17File/face-recognition-php/facepay-master/camera.phppredictiveHigh
18File/forms/doLoginpredictiveHigh
19File/fuel/index.php/fuel/logs/itemspredictiveHigh
20File/fuel/index.php/fuel/pages/itemspredictiveHigh
21File/goform/aspFormpredictiveHigh
22File/image_zoom.phppredictiveHigh
23File/include/config.cache.phppredictiveHigh
24File/index.phppredictiveMedium
25File/mkshop/Men/profile.phppredictiveHigh
26File/param.file.tgzpredictiveHigh
27File/php/exportrecord.phppredictiveHigh
28File/xxxxxxxpredictiveMedium
29File/xxxxx/predictiveLow
30File/xxxxxx/xxxxxxx/predictiveHigh
31File/xxxx/xxx/x/xxxxxxpredictiveHigh
32File/xxxx/xxx/xxxxxx/xxxxxxxxxxxxxxx/xxxpredictiveHigh
33File/xxxxxxx/xxxxxxxx.xxxpredictiveHigh
34File/xxxpredictiveLow
35File/xxxxxxx/predictiveMedium
36File/xxxxxxpredictiveLow
37File/xxx/xxx/xxxxxxpredictiveHigh
38File/xxxxx/xxxxxxxxxxxxxxpredictiveHigh
39File/xx-xxxxx/xxxxx-xxxx.xxxpredictiveHigh
40File/xxx-xxx-xxxxx/xxxxxxxpredictiveHigh
41Filexxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
42Filexxxxxx/xxxx/xxxxxx.xxxxpredictiveHigh
43Filexxxxx.xxxpredictiveMedium
44Filexxxxx/xxxxxx/xxx/xxxxxxxx.xxpredictiveHigh
45Filexxx_xxxxxx_xxxxxx.xxxpredictiveHigh
46Filexxxx/xxxxxxxxx.xxxpredictiveHigh
47Filexxx_xxxxxxx.xxxpredictiveHigh
48Filexxxxxx.xxxpredictiveMedium
49Filexxx_xxxxxxx_xxxxxxxxxxxx/.xxxx-xxxxx/xxxx-xxxxxxxxxpredictiveHigh
50Filexxxxxxxxxxxxxx.xxxpredictiveHigh
51Filexxxxxx.xpredictiveMedium
52Filexxxx_xxxx_xx.xxpredictiveHigh
53Filexxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
54Filexxx_xxxx_xxxx.xpredictiveHigh
55Filexxx_xxxxxxxxxxx_xxx.xxxpredictiveHigh
56Filexxx.xxxpredictiveLow
57Filexxxxxxxx/xxxx_xxxx.xpredictiveHigh
58Filexxxxxxxxxxxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
59Filexxxxxxx.xxxpredictiveMedium
60Filexxxxxxx_xxxx.xxxpredictiveHigh
61Filexxxx/xxxxx.xxxxxxxxpredictiveHigh
62Filexxxxxx.xxxpredictiveMedium
63Filexxxxxxxxx.xxxxxxx.xxxpredictiveHigh
64Filexxxxxxx/predictiveMedium
65Filexxxxxxxxxx/xxxx.xxxpredictiveHigh
66Filexxxxxx/xx/xx_xxxxx.xpredictiveHigh
67Filexxxxxx/xxxx/xxxxxxxx.xpredictiveHigh
68Filexxxxxx/xxxxxxx/xxx_xxx.xpredictiveHigh
69Filexxxxxxxxxx.xpredictiveMedium
70Filexxxxxxx.xxxxx.xxxpredictiveHigh
71Filexxxxxxx/xxxx/xxxxx/xxxxx_xxxx.xpredictiveHigh
72Filexxxxxxx/xxx/xxx/xxx/xxxx_xxx.xpredictiveHigh
73Filexxxxxxx/xxxxx/xxxxx/xxxxxxx.xpredictiveHigh
74Filexx/xxxxx/xxxxxxx.xpredictiveHigh
75Filexxxx/xxxxxxx/xxxx/xxxxxxxxxxx/xxxxx.xxxpredictiveHigh
76Filexxxxx/xxxxx.xxpredictiveHigh
77Filexxxx.xpredictiveLow
78Filexxxxx.xxxpredictiveMedium
79Filexxxxx.xxx/xxxxxxx/xxxxx/xxxxxpredictiveHigh
80Filexxxxx.xxx/xxxxxxx/xxxxx/xxxxxxxxxpredictiveHigh
81Filexxxxx.xxx/xxxxxxx/xxxx/xxxxxxxxxxxpredictiveHigh
82Filexxxxx.xxx/xxxxxxx/xxxx/xxxxxpredictiveHigh
83Filexxxxx.xxx?x=xxxx&x=xxxxxxx&x=xxxpredictiveHigh
84Filexxxxx.xxx?x=/xxxx/xxxxxxxxxxxx/xxxxxxxpredictiveHigh
85Filexxxxx.xxx?x=/xxxx/xxxxxxxxxxxx/xxxxxxxxpredictiveHigh
86Filexxxxxxx.xpredictiveMedium
87Filexxxxxx.xpredictiveMedium
88Filexxxxxxxxxxxxxx.xxxpredictiveHigh
89Filexxxxxxx/xxx_xxx.xpredictiveHigh
90Filexxxxx.xxxpredictiveMedium
91Filexxx-xxxxxxxx/xxxx.xxxpredictiveHigh
92Filexxxxxxxxxxx.xxxpredictiveHigh
93Filexxxxxxxx_xxxx.xxxpredictiveHigh
94Filexxxxxxx/xxxxx/xx_xxxxxx.xpredictiveHigh
95Filexxx_xxxxx.xpredictiveMedium
96Filexxx/xxxx/xxxxxx.xpredictiveHigh
97Filexxx_xxxxxxxx.xpredictiveHigh
98Filexxx_xxxx.xpredictiveMedium
99Filexxx.xpredictiveLow
100Filexx/xxxxpredictiveLow
101Filexx_xxx.xpredictiveMedium
102Filexxxxxxxx/xxxxxx-xxxxx/xxxxxxxxxxx/xxxx.xxpredictiveHigh
103Filexxxxxxxxxx.xxpredictiveHigh
104Filexxxxxxx.xxxpredictiveMedium
105Filexxxxxxxxx/xxxxxxxxxxxxpredictiveHigh
106Filexxxxx/xxxxxxx.xpredictiveHigh
107Filexxxxxxxxxx.xxxpredictiveHigh
108Filexxxx\xxxxxxx\xxxxxxx\xxxxxxxx_xxxxxx.xxxpredictiveHigh
109Filexxxxxxxxxx.xxpredictiveHigh
110Filexxxxxxxx-xxx-xxxxxx.xpredictiveHigh
111Filexxxx_xxx_xx.xpredictiveHigh
112Filexxxx-xxx/xxxxxxxx.xxxpredictiveHigh
113Filexxxxxxxxxx_xxxxpredictiveHigh
114Filexxxxxx.xxpredictiveMedium
115Filexxxxx.xxxpredictiveMedium
116Filexxxx/xxxxxx.xxxpredictiveHigh
117Filexxx_xxxx.xpredictiveMedium
118Filexxx_xxxx.xpredictiveMedium
119Filexx/xxx.xpredictiveMedium
120Filexxxxxx.xxxpredictiveMedium
121Filexxxxxx-xxxx.xxxpredictiveHigh
122Filexxxxxxxx/xxxxxxxxpredictiveHigh
123Filexxxx/xxxxxxxx/xxxxxxxx.xxxxpredictiveHigh
124Filexxxxxxxx/predictiveMedium
125Filexxxxxx-xxxxx.xxxpredictiveHigh
126Filexxx.xxxxpredictiveMedium
127Filexxxxxxx/xxxx/xxx/xxxx.xxxpredictiveHigh
128Filexxxxxx.xxxpredictiveMedium
129Filexxxxx/xxxxxxxxpredictiveHigh
130Filexxxxxxxx.xpredictiveMedium
131File~/xxxxx-xxxxx.xxxpredictiveHigh
132File~/xxxxxx-xxxx.xxxpredictiveHigh
133File~/xxxxx-xxxxxxxx.xxxpredictiveHigh
134File~/xxxxxx-xxxxx.xxxpredictiveHigh
135File~/xxxxxxxxxxxxx-xxxxxxxxxxxxxx.xxxpredictiveHigh
136File~/xxx/xxxxxxxxx/xxxxxxxxxxxx.xxxpredictiveHigh
137File~/xxxxxxx-xxxxxxx-xxxxxx.xxxpredictiveHigh
138File~/xxxx-xxxxxxxxxx-xxxxx.xxxpredictiveHigh
139File~/xxxx/xxxxxxxxxx.xxxpredictiveHigh
140File~/xxxxx/xxxxxxxxxxxxx.xxxx.xxxpredictiveHigh
141Libraryxxxxx.xxxpredictiveMedium
142Libraryxxxxxx.xxxpredictiveMedium
143Libraryxxx/xxxxxxx/xxxxxxxxx.xxxpredictiveHigh
144Libraryxxx/xxxx/xxxxxxxxxx.xxpredictiveHigh
145Libraryxxxxxxxxxxx.xpredictiveHigh
146Libraryxxxxxx.xxxpredictiveMedium
147Libraryxxxxxxxx.xxxpredictiveMedium
148Argument$_xxxxxx["xxx_xxxx"]predictiveHigh
149ArgumentxxxxxxpredictiveLow
150Argumentxxxxxx:/xxxxxxxx:/xxxxxxxxxxxxxx:predictiveHigh
151Argumentxxx/xxxxpredictiveMedium
152Argumentxxx_xxxxx_xxxxpredictiveHigh
153ArgumentxxxxxxpredictiveLow
154ArgumentxxxxxxxxxxxxxpredictiveHigh
155Argumentxxxx_xxxxxpredictiveMedium
156Argumentxxx_xxx[]predictiveMedium
157Argumentxxxxxxxx_xxxxpredictiveHigh
158ArgumentxxxpredictiveLow
159ArgumentxxxxxxpredictiveLow
160Argumentxxxxxxxxx xxxxpredictiveHigh
161Argumentxxxxxxx-xxxxxxpredictiveHigh
162ArgumentxxxxxxxxxxpredictiveMedium
163ArgumentxxxxxpredictiveLow
164ArgumentxxxxxxxxpredictiveMedium
165ArgumentxxxxxxxxxpredictiveMedium
166Argumentxx_xxxxx_xxpredictiveMedium
167Argumentxxxxxxxx/xxxxxxx/xxxxxpredictiveHigh
168ArgumentxxxxxxxxxxxxpredictiveMedium
169ArgumentxxxxxxxxxxxxxxxxxxxpredictiveHigh
170ArgumentxxxxxxxxpredictiveMedium
171ArgumentxxpredictiveLow
172ArgumentxxxpredictiveLow
173Argumentxx_xxxxxxx_xxxxpredictiveHigh
174Argumentxxxx_xxxxxxpredictiveMedium
175Argumentxx_xxxxxxpredictiveMedium
176ArgumentxxxxpredictiveLow
177Argumentxxxxxxx[xxxxxx_xxxxx]predictiveHigh
178ArgumentxxxxxxxpredictiveLow
179ArgumentxxxxxxxpredictiveLow
180ArgumentxxxxxxxxpredictiveMedium
181Argumentxxxx_xxpredictiveLow
182Argumentxxx_xx_xxxx/xxx_xx_xxxxxxxxpredictiveHigh
183Argumentxxxxxxx_xx/xxxx_xxpredictiveHigh
184ArgumentxxxpredictiveLow
185Argumentxxxxx_xxxxxxpredictiveMedium
186ArgumentxxxxxpredictiveLow
187ArgumentxxxxxxxxxxxpredictiveMedium
188Argumentxxxxxxxx_xxxxpredictiveHigh
189ArgumentxxxxxxxxxxpredictiveMedium
190ArgumentxxxxxxxxxxxxpredictiveMedium
191ArgumentxxxxxxxxxpredictiveMedium
192ArgumentxxxxxxxxxpredictiveMedium
193ArgumentxxxpredictiveLow
194ArgumentxxxpredictiveLow
195ArgumentxxxxxxxxpredictiveMedium
196Argumentxxxxxxxx-xxxxxxxxpredictiveHigh
197Argumentxxx-xxxpredictiveLow
198ArgumentxxxpredictiveLow
199ArgumentxxxxxxpredictiveLow
200Argumentxxxx_xxxxxxxxxpredictiveHigh
201Argumentxxxxx_xxxxxxxxxx_xxxxxpredictiveHigh
202Argument_xxxxxxxxpredictiveMedium
203Input Value%xx%xxpredictiveLow
204Input Value..predictiveLow
205Input Value../predictiveLow
206Input Valuex:\xxxxx\xxxx\xxx\xxx\xxxxxxxxxx.xxxpredictiveHigh
207Input Valuex=xpredictiveLow
208Input Value[]xxxxxx{}/x["xxx"]predictiveHigh
209Input Value\xxxxxpredictiveLow
210Input Value\xxx\xxx\xxx\xxxpredictiveHigh
211PatternxxxxpredictiveLow
212Network Portxxxx/xxxxxpredictiveMedium
213Network Portxxx/xx (xxxxxx)predictiveHigh
214Network Portxxx/xxxxpredictiveMedium
215Network Portxxx/xxx (xxxx)predictiveHigh
216Network Portxxx/xxxpredictiveLow

References (3)

The following list contains external sources which discuss the actor and the associated activities:

Interested in the pricing of exploits?

See the underground prices here!