RTM Analysis

Activities

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

Lang

en903
es24
de19
fr17
zh14

Country

nl920
us62
gb4
ch4
ru3

Actors

Charming Kitten170
RTM83
LinuxMoose49
APT3634
FIN721

Activities

Interest

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need you unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTICVE
1Microsoft IIS cross site scripting5.24.7$5k-$25k$0-$5kProof-of-ConceptOfficial Fix1.49CVE-2017-0055
2Cisco Jabber IM XML Parser input validation6.56.5$5k-$25k$5k-$25kNot DefinedNot Defined0.00CVE-2013-1161
3nginx request smuggling6.96.9$0-$5k$0-$5kNot DefinedNot Defined3.59CVE-2020-12440
4nginx Log File link following7.87.0$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.05CVE-2016-1247
5Microsoft Windows Event Tracing Privilege Escalation7.36.3$25k-$100k$25k-$100kUnprovenOfficial Fix0.00CVE-2021-34487
6Microsoft Windows Graphics Remote Code Execution7.06.1$25k-$100k$5k-$25kUnprovenOfficial Fix0.05CVE-2021-34530
7Microsoft Windows Graphics Remote Code Execution7.06.1$25k-$100k$5k-$25kUnprovenOfficial Fix0.05CVE-2021-34533
8Microsoft Windows Event Tracing Privilege Escalation8.37.3$100k and more$25k-$100kUnprovenOfficial Fix0.00CVE-2021-26425
9Microsoft Windows Bluetooth Driver Privilege Escalation8.37.3$100k and more$25k-$100kUnprovenOfficial Fix0.05CVE-2021-34537
10Microsoft Dynamics 365 Privilege Escalation8.57.4$25k-$100k$5k-$25kUnprovenOfficial Fix0.05CVE-2021-34524
11Microsoft Windows Storage Spaces Controller Local Privilege Escalation7.86.8$25k-$100k$5k-$25kUnprovenOfficial Fix0.00CVE-2021-34536
12Microsoft Windows Services for NFS ONCRPC XDR Driver information disclosure6.45.5$25k-$100k$5k-$25kUnprovenOfficial Fix0.06CVE-2021-36926
13Cisco Jabber Client Framework cross site scripting4.84.8$5k-$25k$0-$5kNot DefinedNot Defined0.05CVE-2018-0201
14Microsoft ASP.NET Core/Visual Studio information disclosure4.94.3$5k-$25k$0-$5kUnprovenOfficial Fix0.05CVE-2021-34532
15Microsoft Windows Services for NFS ONCRPC XDR Driver information disclosure6.45.5$25k-$100k$5k-$25kUnprovenOfficial Fix0.05CVE-2021-36933
16Microsoft Windows Remote Desktop Client Remote Code Execution8.87.9$100k and more$25k-$100kProof-of-ConceptOfficial Fix0.09CVE-2021-34535
17Microsoft Windows Media MPEG-4 Video Decoder Remote Code Execution8.37.3$100k and more$25k-$100kUnprovenOfficial Fix0.00CVE-2021-36937
18Microsoft Windows Cryptographic Primitives Library information disclosure4.94.3$25k-$100k$5k-$25kUnprovenOfficial Fix0.00CVE-2021-36938
19Microsoft Windows MSHTML Platform Remote Code Execution5.95.1$25k-$100k$5k-$25kUnprovenOfficial Fix0.05CVE-2021-34534
20Microsoft Windows TCP/IP Stack Privilege Escalation9.98.6$100k and more$25k-$100kUnprovenOfficial Fix0.05CVE-2021-26424

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • Buhtrap/Buran

IOC - Indicator of Compromise (45)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameCampaignsConfidence
15.45.71.239parkino.netBuhtrap/BuranHigh
25.154.190.167High
35.154.190.168High
45.154.190.189High
55.154.191.57High
65.154.191.154High
75.154.191.174High
85.154.191.225High
937.1.206.78High
10XX.X.XXX.XXXXxxxxxx/xxxxxHigh
11XX.XXX.XX.XXXXxxxxxx/xxxxxHigh
12XX.XXX.XX.XXXxxxxxxxxx.xxxxxxxx-xxxx.xxxHigh
13XX.XXX.X.XXHigh
14XX.XXX.XXX.XXxxxxxxxxxx.xxxHigh
15XX.XXX.XXX.XXXHigh
16XX.XXX.XXX.XXxxxx-xxxxxx.xxxxxxxxxxxx.xxxHigh
17XX.XXX.XX.XXxx-xxx-xx-xx.xxxxxx.xxxx.xxXxxxxxx/xxxxxHigh
18XX.XXX.XX.XXXxxxxxx-xx.xxxxxxxx.xxHigh
19XX.XXX.XXX.XXXxxxxxx/xxxxxHigh
20XXX.XXX.XX.XXXxxx-xxx-xx-xxx.xxxxxx-xx-xxxxxxxxxxx.xxxHigh
21XXX.XXX.XX.XXXHigh
22XXX.XX.XXX.XXXHigh
23XXX.XXX.XXX.XXXxxxxxx.xxx.xxx.xxx.xxx.xxxxxxx.xxxx-xxxxxx.xxHigh
24XXX.XX.XXX.XXXHigh
25XXX.XXX.X.XXXHigh
26XXX.XXX.XXX.XXXxxx.xxx.xxx.xxx.xx-xxxx.xxxxHigh
27XXX.XXX.XXX.XXXxxxxx.xxxxxxx.xxxXxxxxxx/xxxxxHigh
28XXX.XX.XXX.XXHigh
29XXX.XX.XXX.XXHigh
30XXX.XX.XXX.XXxxxxxxxxx.xxxxxxxxxx.xxxHigh
31XXX.XX.XXX.XXxxxxxxxxxx.x.xxxxx-xxxxxxxx.xxxHigh
32XXX.XXX.XX.XXXHigh
33XXX.XXX.XX.XXXHigh
34XXX.XXX.XX.XXXHigh
35XXX.XXX.XXX.XXXXxxxxxx/xxxxxHigh
36XXX.XXX.XXX.XXXXxxxxxx/xxxxxHigh
37XXX.XXX.XXX.XXxxx-xxx-xxx-xx.xxxxxxx.xxxHigh
38XXX.XXX.XXX.XXxxx-xx.xxxxxx.xxxxxxx.xxXxxxxxx/xxxxxHigh
39XXX.XXX.XX.XXXxxxxxx-xx-xxx-xxx-xx-xxx.xxxxxx.xx-xxxx.xxxHigh
40XXX.XX.XXX.XXxxxx.xxxxxxx.xxx.xxHigh
41XXX.XX.XXX.XXXxxxxxx.xxxxxx-xx.xxxHigh
42XXX.XX.XX.XXXxxxxxx-xx-xxx-xx-xx-xxx.xxxxxx.xx-xxxx.xxxHigh
43XXX.XXX.XX.XXXxxxxxx/xxxxxHigh
44XXX.XXX.XXX.XXXxxx-xxx-xxx-xxx.xxxxxxx.xxxxxx.xxHigh
45XXX.XX.X.XXxxxxxxxx.xxxxxxxxxxx.xxHigh

TTP - Tactics, Techniques, Procedures (10)

Tactics, techniques, and procedures summarize the suspected ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (334)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorConfidence
1File.travis.ymlMedium
2File/.envLow
3File/admin.phpMedium
4File/admin/config.php?display=disa&view=formHigh
5File/category_view.phpHigh
6File/dev/kmemMedium
7File/dev/shmMedium
8File/medical/inventories.phpHigh
9File/monitoringMedium
10File/NAGErrorsMedium
11File/plugins/servlet/audit/resourceHigh
12File/plugins/servlet/project-config/PROJECT/rolesHigh
13File/PreviewHandler.ashxHigh
14File/proc/ioportsHigh
15File/replicationMedium
16File/RestAPIMedium
17File/rom-0Low
18File/tmpLow
19File/tmp/speedtest_urls.xmlHigh
20File/uncpath/Medium
21File/var/log/nginxHigh
22File/wp-admin/admin.phpHigh
23File14all.cgi/14all-1.1.cgi/traffic.cgi/mrtg.cgiHigh
24Fileabook_database.phpHigh
25Fileaccount.aspMedium
26Fileadmin-ajax.php?action=get_wdtable order[0][dir]High
27Fileadmin/index.phpHigh
28Fileadmin/login.phpHigh
29Fileadmincp.php?app=filesHigh
30Fileadmin\model\catalog\download.phpHigh
31Fileajax/render/widget_phpHigh
32Fileapcupsd.pidMedium
33Fileapi/sms/send-smsHigh
34Fileapi/v1/alarmsHigh
35Fileapplication/controller/InstallerController.phpHigh
36Filearch/powerpc/kvm/book3s_rtas.cHigh
37Filearformcontroller.phpHigh
38Filexxxx-xxxx.xMedium
39Filexxxx-xxxxxxx.xHigh
40Filexxxx/xxxxxxx.xxxHigh
41Filexxxxx-xxx.xMedium
42Filexxxxxx_xxxx.xxxHigh
43Filexxx/xxx.xMedium
44Filex:\xxxxxxxxMedium
45Filex:\xxxxxxx\xxxxxxxx\xxxxxx\xxxHigh
46Filexxxxxxxx.xxxMedium
47Filexxxxxxxx.xxxMedium
48Filexxxx.xxxMedium
49Filexxxxxxxx_xxxx.xxxHigh
50Filexxx-xxx/xxxxxxxx.xxxHigh
51Filexxx-xxx/xxxxMedium
52Filexxx-xxx/xx.xxxHigh
53Filexxx-xxx/xxxx-xxxHigh
54Filexxx/xxxxxxx.xxHigh
55Filexxxx_xxxxxx.xHigh
56Filexxxxx.xx_xxxxxxxxx.xxxHigh
57Filexxxxxx.xxxMedium
58Filexxx.xxxLow
59Filexxx_xxxxxx.xxxHigh
60Filexxx.xxxLow
61Filexxxxxxxx_xxxxxxxxxxxxxxxxxxxxxxxxxxxx.xxxHigh
62Filexxxxxx.xxxMedium
63Filexxxxxxxx.xxMedium
64Filexxxx/xxxxxxxxxxxxxxx.xxxHigh
65Filexxxxxxxx/xxxxxxxxxxx.xxxHigh
66Filexxxxxx.xxxMedium
67Filexxxxxxx.xxxMedium
68Filexxxxxx.xxxMedium
69Filexxxxxxxx.xxxMedium
70Filexxxxxxx/xxx/xxxx/xxxx.xHigh
71Filexxxxxxx/xxxx/xxxx_xxxxxxxxx_xxxxx.xHigh
72Filexxxxxxx_xxxx_xxxxxx_xxxx.xxxHigh
73Filexxxxx.xxxMedium
74Filexxxx/xxxxxxxxxx/xxxxxx-xxxx.xHigh
75Filexxx/xxxxxxxx/xxx_xxxxxxxxxxxx.xHigh
76Filexxxxxxxxxxxx.xxxHigh
77Filexxxxxxx.xxxMedium
78Filexxxxxxxxxxx/xxxxx.xxxHigh
79Filexxxxx.xxxMedium
80Filexxx_xxxx.xMedium
81Filexxxxxxxxx/xx/xxxxxxxxxxxx.xxxHigh
82Filexxxxxxxxx/xxxxx/xxxxxxxxxxxx/xxxxxxxxx.xxxHigh
83Filexxxxxxx.xMedium
84Filexx/xxxxxxxxx.xHigh
85Filexx/xxxxx.xMedium
86Filexx.xxxxx.xxxMedium
87Filexxxxx.xxxMedium
88Filexxxxxxxxxx.xxHigh
89Filexxxxxxxxxx.xxxHigh
90Filexxxx/xxxxxxxxxxxxxxxxxxxxxxxx.xxHigh
91Filexxxxxxxxxxxxxxxxxxxxx.xxxHigh
92Filexxxx_xxxx.xMedium
93Filexxxxxx_xxxxx_xxxxxxx.xHigh
94Filexxxxxxxxxx.xx/xxx-xxxxx.xxxHigh
95Filexxxxxxxxxxxxxxxxxxx.xxxxHigh
96Filexxx/xxxxxxxx.xxxHigh
97Filexxx/xxxxxx.xxxHigh
98Filexxxxxxx/xxxxx/xxx_xxxx.xHigh
99Filexxxxxxx/xxxx.xxxHigh
100Filexxxxxxxx/xxxxx-xxxxxxxxx.xxxHigh
101Filexxxxx.xxMedium
102Filexxxxx.xxxMedium
103Filexxxxx.xxx?xx=xxxxxxxx.xxxxxxHigh
104Filexxxxx.xxMedium
105Filexxxxxxx.xxxMedium
106Filexxxxxxxxx/xxxxx/xxx_xxx/xxxx.xxxHigh
107Filexxxxxxxxxx.xxxHigh
108Filexxxxx/xxxxxxxx/xxxxxxxxxxxx/xxxxxxxxxxxxHigh
109Filexxxx.xxxMedium
110Filexxxxx.xxxxxxx.xxxHigh
111Filexxxx_xxxx.xxxHigh
112Filexxx?xxxx.xxxMedium
113Filexxxxx.xxxMedium
114Filexxx/xxxxx-xxx-xxxxxxx.xxxHigh
115Filexxxxxxxxx/xxxxxxx/xxxxx.xxxHigh
116Filexxxxxx.xMedium
117Filexxxxxx/xxx/xxxxxxxx.xHigh
118Filexxxxxx/xxxxx/xxxxx_xxxxxx_xxxxxx.xHigh
119Filexxxxxxxxxx.xxxHigh
120Filexxxxxxxxx/xxxxxxx/xxxxxx/xxxxxxxxxx.xxxHigh
121Filexxxxxx/xxx/xxxxxx_xxxx.xHigh
122Filexxxx.xxxMedium
123Filexxxxx.xxxMedium
124Filexxxxx.xxxMedium
125Filexxxxx.xxxMedium
126Filexxxx.xLow
127Filexxxxxx_xxxxx_xxxxxxx.xHigh
128Filexxxxxxxxxxxxxxxx.xHigh
129Filexxxxxx/xxxxxxxxxxxxx.xxxHigh
130Filexxxxxx/xxxx_xxxxxx.xxHigh
131Filexxxxxxx/xxxxxxx/xxx_xxxxxxx.xHigh
132Filexxxxxxx/xxx/xxx_xxxxxxx.xHigh
133Filexxx_xxxxx.xxxHigh
134Filexxx/xxxxxxxxx/xxxxx_xxxx.xHigh
135Filexxx/xxxxxxxxx/x_xxxxxx.xHigh
136Filexxx/xxxxxx/xxxxxxxx/xxxxxxxxx/xxxxxxxxxxxxx.xxxxHigh
137Filexxx/xxxxxx/xxxxxxxx/xxxxx/xxxxxxxxx.xxxxHigh
138Filexxxxxxxxxxxxxxxxxxxxx.xxxxHigh
139Filexx_xxxxxx_xxxxxxx/xxxx/xxxxxxxxxxx/xxxx.xxxHigh
140Filexxx_xx.xMedium
141Filexxx.xxLow
142Filexxxxxxxxxxxxxxx.xxxHigh
143Filexxxxxxxxx.xxx.xxxHigh
144Filexxx.xxxLow
145Filexxxxxxx.xxxMedium
146Filexxxxxxxxxxxxx.xxxHigh
147Filexxxxxxxxxxxx.xxxHigh
148Filexxxxx-xxxx.xxxHigh
149Filexxxxx.xxxMedium
150Filexxxxxxxx/Medium
151Filexxxx.xxxMedium
152Filexxxxxxxxxx.xxxHigh
153Filexxxxxxx.xxxMedium
154Filexxxxxxxx.xxx?xxxxxxxx=xxx&xxxxx=xxxxxxxx&xxx=xxx_xxxxxHigh
155Filexxxxxx/?x=xxxxx/\xxxxx\xxx/xxxxxxxxxxxxxx&xxxxxxxx=xxxx_xxxx_xxxx_xxxxx&xxxx[x]=xxxxxx&xxxx[x][]High
156Filexxxxxxxx.xxxxxxHigh
157Filexxx_xxxxxx/xxxxxx/xxxxxxxxxxxxHigh
158Filexxxxxxxx.xxxMedium
159Filexxxxxxx.xMedium
160Filexxxxxxxxxx/xxxxxxxxxx_xxxx.xxx?xxxxxx=xxxxxxHigh
161Filexxx_xxxx_xxxxxxxxx.xxHigh
162Filexxxx.xxxMedium
163Filexxx.xLow
164Filexxxxxxxx/xxxxxxxx/xxxxx.xxxHigh
165Filexxxxx.xxxMedium
166Filexxxxx.xxxMedium
167Filexxxx-xxxxxx.xHigh
168Filexxxx.xxxMedium
169Filexxxx_xxxxxxx_xxxxxxxx.xxxHigh
170Filexxxxxxx.xMedium
171Filexxxxxxx.xxx.xx.xxxxxxxxxxx.xxxHigh
172Filexxxxxxxxxx.xMedium
173Filexxxx-xxxx_xxxx_xxxxxxx.xxxHigh
174Filexxxx/xxxx-xxxxxx_xxxx.xxxHigh
175Filexxxxxxxxx.xxxHigh
176Filexxxxxx.xxxMedium
177Filexxxxxxx/xxxxxxx/xxxxxx/xxxxxx_xxxx.xxxHigh
178Filexxxx/xxx/xxxx-xxxxx.xxxHigh
179Filexxxx/xxxxxxxx/xxxxxxxx.xxxxHigh
180Filexxxxxxxxx.xMedium
181Filexxxxxxxxxxxxxxxxx.xxxHigh
182Filexxxx.xxxMedium
183Filexxxxx/xxxxx.xxHigh
184Filexx_xxxxxxxx.xxxHigh
185Filexxxxxx.xxxMedium
186Filexxxxxx/xxxxxxxxxxxxx.xxxHigh
187Filexxxxxxxx.xxxMedium
188Filexx-xxxxx/xxxxx-xxxx.xxxHigh
189Filexx-xxxxx/xxxxx.xxx?xxxx=xxxxxxxxxx-xxxxxxxHigh
190Filexx-xxxxx/xxxxxxxxx.xxxHigh
191Filexx-xxxxx/xxxxxxx-xxxxxxx.xxx?xxxx=xxxxxxxxxx-xHigh
192Filexx-xxxxx/xxxx.xxxHigh
193Filexx-xxxxxxx/xxxxxxxHigh
194Filexx-xxxxxxxx/xxxxxxxxx.xxxHigh
195Filexx-xxxxxxxx/xxxx-xxx/xxxxxxxxx/xxxxx-xx-xxxx-xxxxx-xxxxxxxxxx.xxxHigh
196Filexx_xxxxxxx.xMedium
197Filexxxxxx.x/xxxxx.x/xxxx.xHigh
198Filexx_xxxx.xxxMedium
199Library/xxx/xxx/xxx/xxxx/xxxxxxxxxx/xxxxxx.xxxHigh
200Libraryxxxxxxx.xxxMedium
201Libraryxxxxxxxxx.xxxHigh
202Libraryxxxxxxxx.xxxMedium
203Libraryxxx/xxxxxx/xxxxxxxxx/xxxxxx.xHigh
204Libraryxxxxxx.xxxMedium
205Libraryxxxxxxxxxx/xxxxxxxx.xHigh
206Libraryxxxxxx.xxxMedium
207Libraryxxxxxxxxxxxxxxxxx.xxxHigh
208Libraryxxxxx.xxxMedium
209Libraryxxx/xxx/xxxx/High
210Libraryxxxxxxxx.xxxMedium
211Argument$xxxxLow
212Argument-xLow
213Argument-xLow
214Argumentxxx_xxxxMedium
215Argumentxxxxx_xxxxxxxxHigh
216ArgumentxxxxxxLow
217ArgumentxxxxxxxxxxxxxxHigh
218ArgumentxxxxxxxxMedium
219ArgumentxxxxxxxxxxMedium
220Argumentxxxxxxxxxx_xxxxHigh
221ArgumentxxxLow
222ArgumentxxxxxLow
223Argumentxxx_xxLow
224ArgumentxxxLow
225ArgumentxxxLow
226ArgumentxxxxxxxxxxxxxxxHigh
227Argumentxxxxxxx_xxxMedium
228Argumentxxxx_xxLow
229Argumentxxxxxxx-xxxxxxHigh
230ArgumentxxxxxxxLow
231Argumentxxxxxxx_xxxx->xxx($xxxxxxxx)High
232ArgumentxxxxLow
233ArgumentxxxxxxxxxxxMedium
234Argumentxxx_xxxx/xxx_xxxxxxxHigh
235ArgumentxxxxxxLow
236Argumentxxxxx_xxxMedium
237Argumentxxxxx[]Low
238ArgumentxxxxxxxxxxxMedium
239Argumentxxxxxxxxx->xxxxxxxxxHigh
240ArgumentxxxxxLow
241ArgumentxxxxLow
242ArgumentxxxxxxLow
243ArgumentxxxxxxxxMedium
244ArgumentxxxxxxxLow
245ArgumentxxxxxxLow
246ArgumentxxxxxLow
247ArgumentxxxxxxxxxxMedium
248ArgumentxxLow
249ArgumentxxxxxxLow
250ArgumentxxxxxxxxxMedium
251ArgumentxxxxxxxxMedium
252Argumentxxxx_xxxxxxMedium
253ArgumentxxLow
254ArgumentxxLow
255ArgumentxxxxxxxxxMedium
256ArgumentxxxxxxxxxMedium
257Argumentxxxxx xxxxxMedium
258Argumentxxxxxxx_xxxMedium
259ArgumentxxxxxxxxxxxMedium
260ArgumentxxxxxxLow
261ArgumentxxxxLow
262Argumentxxxx_xxLow
263Argumentxxxx_xxxxxx_xxxxx/xxxx_xxxxxx_xxxx_xxxxxxHigh
264ArgumentxxxLow
265Argumentxxxxxxxxx/xxxxxxxxxHigh
266ArgumentxxxLow
267Argumentxx_xxxxLow
268ArgumentxxxLow
269ArgumentxxxxLow
270Argumentxxx_xxxxxxxx_x/xxx_xxxxxxxx_xHigh
271Argumentxxxxxxx/xxxx/xxxxxxxxHigh
272ArgumentxxxxxLow
273Argumentxxxx_xxxxMedium
274ArgumentxxxxxxLow
275ArgumentxxxxxxxxMedium
276ArgumentxxxxxxxxMedium
277ArgumentxxxxLow
278ArgumentxxxxxxxxxMedium
279Argumentxxxxxx_xxxxMedium
280Argumentxxxxxxxx_xxxxxHigh
281ArgumentxxxxxxLow
282ArgumentxxxxxxLow
283ArgumentxxxLow
284ArgumentxxxxxLow
285ArgumentxxxxxxxxxxMedium
286ArgumentxxxxLow
287Argumentxxx_xxxxxxMedium
288ArgumentxxxxxxLow
289ArgumentxxxxxxLow
290ArgumentxxxxxxxxxMedium
291ArgumentxxxLow
292ArgumentxxxxxxxxxMedium
293ArgumentxxxxxLow
294ArgumentxxxxxxxxxMedium
295Argumentxxx$xxxLow
296ArgumentxxxLow
297ArgumentxxxLow
298Argumentxxxxx_xxxxxxxxHigh
299ArgumentxxxxLow
300Argumentxxxxxxxx-xxxxxxxxHigh
301Argumentxxxx_xxLow
302ArgumentxxxxLow
303ArgumentxxxxLow
304ArgumentxxxLow
305ArgumentxxxxLow
306ArgumentxxxxxxxxMedium
307Argumentxxx_xxxxxxxxxHigh
308Argumentxxxxxxxxxxxx[xxxx]High
309Argumentxxxx->xxxxxxxHigh
310Argumentx-xxxxxxxxx-xxxHigh
311Argumentx-xxxx-xxMedium
312Argument\xxxxxx\Medium
313Argument_xxx_xxxxxxx_xxxxxxx_xxxxxxxxxxxxx_xxx_xxx_xxxxxxx_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx_xxxxxxxxxxxxxxxHigh
314Argument_xxx_xxxxxxxxxxx_High
315Input Value%xxxxxxxx%xxxxxxx%xxx%xx%xx%xxxxxxxx%xxHigh
316Input Value-x/xxxxxxxxxxHigh
317Input Value.%xx.../.%xx.../High
318Input Value..Low
319Input Value../Low
320Input Valuexxx xxxxxxxxMedium
321Input Valuex;xxx=xxxx://xxxxxx.xxx/"; xxxx-xxxxx="xxxxxxx" xxx="High
322Input Valuexxxxxxxxx' xxx 'x'='xHigh
323Input Valuexxx?xxxx.xxxMedium
324Input Valuexxxxxxx/.......//./.......//./High
325Input Valuexxxxxxx_xxxxx.xxxxxxx_xxxxxxxHigh
326Input Value\..\..\..\..\xxxxxxxx\xxxxxx.xxxHigh
327Pattern() {Low
328Patternxxxxxxx.xxxMedium
329Network PortxxxxxLow
330Network Portxx xxxxxxx xxx.xx.xx.xxHigh
331Network Portxxx/xx (xxxxxx)High
332Network Portxxx/xxxxMedium
333Network Portxxx/xxxxxMedium
334Network Portxxx xxxxxx xxxxHigh

References (3)

The following list contains external sources which discuss the actor and the associated activities:

Want to stay up to date on a daily basis?

Enable the mail alert feature now!