SilverFish Analysis

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en934
ru18
zh12
de10
it8

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

gb574
us126
cn26
es14
hu12

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Microsoft Windows58
Microsoft Internet Explorer28
Linux Kernel22
Microsoft IIS20
Google Chrome20

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1user-domain-whitelist Plugin cross-site request forgery6.56.2$0-$5kCalculatingNot DefinedOfficial Fix0.030.00885CVE-2014-10381
2Adobe Acrobat Reader Installation getPlus_HelperSvc.exe access control5.35.1$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.050.08276CVE-2009-2564
3portable SDK for UPnP unique_service_name memory corruption10.09.5$0-$5k$0-$5kHighOfficial Fix0.060.91250CVE-2012-5958
4VeronaLabs wp-statistics Plugin API Endpoint Blind sql injection8.58.2$0-$5k$0-$5kNot DefinedOfficial Fix0.000.00954CVE-2019-13275
5Microsoft Exchange Server ProxyShell Remote Code Execution9.58.2$25k-$100k$5k-$25kUnprovenOfficial Fix0.360.61804CVE-2021-34473
6Rocklobster Contact Form 7 unrestricted upload6.36.3$0-$5k$0-$5kNot DefinedOfficial Fix0.080.69867CVE-2020-35489
7Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25kCalculatingHighWorkaround0.040.04187CVE-2007-1192
8CGI Script sql injection7.37.1$0-$5k$0-$5kNot DefinedWorkaround0.080.00000
9Dcscripts Dcshop HTTP GET Request auth_user_file.txt Password information disclosure5.35.2$0-$5k$0-$5kNot DefinedWorkaround0.060.04187CVE-2001-0821
10Sophos Firewall User Portal/Webadmin code injection8.58.5$0-$5k$0-$5kNot DefinedNot Defined0.000.01156CVE-2022-3236
11jQuery cross site scripting4.33.8$0-$5k$0-$5kNot DefinedOfficial Fix0.080.03407CVE-2011-4969
12CutePHP CuteNews unrestricted upload7.56.8$0-$5kCalculatingProof-of-ConceptNot Defined0.030.35200CVE-2019-11447
13Sophos Firewall User Portal/Webadmin improper authentication8.58.5$0-$5k$0-$5kNot DefinedNot Defined0.030.64728CVE-2022-1040
14WordPress Object injection5.35.2$5k-$25k$0-$5kNot DefinedOfficial Fix0.120.01034CVE-2022-21663
15Microsoft Windows Active Directory Domain Services Privilege Escalation8.88.1$100k and more$0-$5kProof-of-ConceptOfficial Fix0.090.02288CVE-2022-26923
16QNAP QTS Media Library access control8.58.2$0-$5k$0-$5kHighOfficial Fix0.050.27000CVE-2017-13067
17WordPress sql injection6.86.7$5k-$25k$0-$5kNot DefinedOfficial Fix0.060.01034CVE-2022-21664
18Oracle Application Server sql injection5.35.1$5k-$25kCalculatingNot DefinedOfficial Fix0.040.01108CVE-2007-0286
19HorizontCMS FileManager <php_file_name> unrestricted upload7.57.2$0-$5kCalculatingNot DefinedOfficial Fix0.050.21043CVE-2020-27387
20Synology Video Station subtitle.cgi command injection7.37.0$0-$5kCalculatingNot DefinedOfficial Fix0.010.01213CVE-2015-6912

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • SolarWinds

IOC - Indicator of Compromise (44)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsTypeConfidence
15.61.57.152SilverFishSolarWindsverifiedHigh
223.106.61.74SilverFishSolarWindsverifiedHigh
337.48.84.156SilverFishverifiedHigh
438.135.104.189h189-us104.fcsrv.netSilverFishverifiedHigh
574.72.74.142cpe-74-72-74-142.nyc.res.rr.comSilverFishSolarWindsverifiedHigh
679.110.52.138SilverFishverifiedHigh
779.110.52.139SilverFishverifiedHigh
879.110.52.140SilverFishverifiedHigh
981.4.122.101comet.v1sor.comSilverFishverifiedHigh
10XX.XX.XXX.XXxxx-x.xxxxxxxxx.xxXxxxxxxxxxverifiedHigh
11XX.XXX.XXX.XXxx-xxxxxxxx.xxxxxxxxxxx.xxxXxxxxxxxxxverifiedHigh
12XX.XXX.XXX.XXxx-xxxxxxxx.xxxxxxxxxxx.xxxXxxxxxxxxxverifiedHigh
13XXX.XXX.XXX.XXXxxxxxxxxxverifiedHigh
14XXX.X.XXX.XXXXxxxxxxxxxverifiedHigh
15XXX.X.XXX.XXXxxxxxxxxxverifiedHigh
16XXX.X.XXX.XXXXxxxxxxxxxverifiedHigh
17XXX.X.XXX.XXXXxxxxxxxxxverifiedHigh
18XXX.X.XXX.XXXxxxxxxxxxverifiedHigh
19XXX.X.XXX.XXXXxxxxxxxxxverifiedHigh
20XXX.X.XXX.XXXxxxxxxxxx.xxx.xxXxxxxxxxxxverifiedHigh
21XXX.X.XXX.XXXXxxxxxxxxxverifiedHigh
22XXX.X.XXX.XXXXxxxxxxxxxverifiedHigh
23XXX.X.XXX.XXXXxxxxxxxxxverifiedHigh
24XXX.XXX.X.XXxxxxxxxxxverifiedHigh
25XXX.XXX.XXX.XXXxxxxxxxx.xxxXxxxxxxxxxverifiedHigh
26XXX.X.XX.XXXxxxxxxxxxverifiedHigh
27XXX.XXX.XXX.XXXxxx.xxx.xxx.xxx.xx-xxxx.xxxxXxxxxxxxxxverifiedHigh
28XXX.XXX.XXX.XXXxxxxxxxxxverifiedHigh
29XXX.XX.XXX.XXXxxx.xxxxxxx.xxxXxxxxxxxxxverifiedHigh
30XXX.XXX.XX.XXxxx.xxxxxxxxxx.xxXxxxxxxxxxverifiedHigh
31XXX.XX.XXX.XXXXxxxxxxxxxverifiedHigh
32XXX.XX.XXX.XXXxxxxxxxxxverifiedHigh
33XXX.XX.XXX.XXXxxxxxxxxxverifiedHigh
34XXX.XX.XXX.XXxxxxxxxxxxxx.xxxXxxxxxxxxxverifiedHigh
35XXX.XX.XX.XXXxxx-xxxxxx.xxxxxx-xx-xxxxx.xxxXxxxxxxxxxverifiedHigh
36XXX.XX.XXX.XXXxxx.xxxxxxxx.xxxXxxxxxxxxxverifiedHigh
37XXX.XX.XXX.XXXxxx.xx.xxxxxxxxxx.xxxXxxxxxxxxxverifiedHigh
38XXX.XXX.XX.XXXXxxxxxxxxxverifiedHigh
39XXX.XXX.XX.XXXxx-xxxx.xxxxxxxxx.xxxXxxxxxxxxxXxxxxxxxxxverifiedHigh
40XXX.XXX.XX.XXXxx-xxxx.xxxxxxxxx.xxxXxxxxxxxxxXxxxxxxxxxverifiedHigh
41XXX.XXX.XXX.XXXXxxxxxxxxxverifiedHigh
42XXX.XXX.XXX.XXXXxxxxxxxxxverifiedHigh
43XXX.XXX.XXX.XXXxxxx.xxXxxxxxxxxxverifiedHigh
44XXX.XXX.XX.XXxxxxxx-xx-xxx-xxx-xx-xx.xxxxxx.xx-xxxx.xxxXxxxxxxxxxverifiedHigh

TTP - Tactics, Techniques, Procedures (25)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilitiesAccess VectorTypeConfidence
1T1006CWE-21, CWE-22, CWE-23Pathname TraversalpredictiveHigh
2T1040CWE-319Authentication Bypass by Capture-replaypredictiveHigh
3T1055CWE-74InjectionpredictiveHigh
4T1059CWE-94Cross Site ScriptingpredictiveHigh
5T1059.007CWE-79, CWE-80Cross Site ScriptingpredictiveHigh
6TXXXXCWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
7TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxxxxx XxxxxxxxpredictiveHigh
8TXXXXCWE-XX, CWE-XXXxxxxxx XxxxxxxxxpredictiveHigh
9TXXXX.XXXCWE-XXXXxxx XxxxxxxxpredictiveHigh
10TXXXXCWE-XXX, CWE-XXX7xx Xxxxxxxx XxxxxxxxpredictiveHigh
11TXXXXCWE-XXX, CWE-XXXXxxxxxxxxx XxxxxxpredictiveHigh
12TXXXXCWE-XXXXxxxxxxx Xx Xxxx Xxxxxxx Xxxxxxxxx XxxxxpredictiveHigh
13TXXXXCWE-XXXxx XxxxxxxxxpredictiveHigh
14TXXXX.XXXCWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveHigh
15TXXXXCWE-XXX, CWE-XXX, CWE-XXXXxx.xxx Xxxxxxxxxxxxxxxx: Xxxxxxxx Xx Xxxxxxxxxxxxx XxxxpredictiveHigh
16TXXXXCWE-XXXXxxxxxxxx Xxxxxxx Xx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh
17TXXXXCWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveHigh
18TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxx XxxxpredictiveHigh
19TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
20TXXXX.XXXCWE-XXXXxxxxxxxpredictiveHigh
21TXXXXCWE-XXX, CWE-XXXXxxxxxxxxxxxxpredictiveHigh
22TXXXX.XXXCWE-XXXxxxxxxxxxxxxpredictiveHigh
23TXXXXCWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXX2xx Xxxxxxxxxxxxxxxx: Xxxx Xxxxxxxxxxxx Xxxxxxx XxxxxxxxxxpredictiveHigh
24TXXXX.XXXCWE-XXXXxxxxxxxxxxx XxxxxxpredictiveHigh
25TXXXXCWE-XXXXxxxxxxxxxx XxxxxxpredictiveHigh

IOA - Indicator of Attack (366)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File%PROGRAMDATA%\OpenVPN Connect\drivers\tap\amd64\win10predictiveHigh
2File.htaccesspredictiveMedium
3File/.asppredictiveLow
4File/admin/admin_login.phppredictiveHigh
5File/advanced/adv_dns.xgipredictiveHigh
6File/api/RecordingList/DownloadRecord?file=predictiveHigh
7File/CFIDE/probe.cfmpredictiveHigh
8File/cgi-bin/kerbynetpredictiveHigh
9File/conf/predictiveLow
10File/dev/snd/seqpredictiveMedium
11File/etc/passwdpredictiveMedium
12File/goform/saveParentControlInfopredictiveHigh
13File/goform/SetFirewallCfgpredictiveHigh
14File/goform/SysToolChangePwdpredictiveHigh
15File/htdocs/admin/dict.php?id=3predictiveHigh
16File/module/module_frame/index.phppredictiveHigh
17File/nidp/app/loginpredictiveHigh
18File/procpredictiveLow
19File/rapi/read_urlpredictiveHigh
20File/release-x64/otfccdumppredictiveHigh
21File/rom-0predictiveLow
22File/sbin/conf.d/SuSEconfig.javaruntpredictiveHigh
23File/tmppredictiveLow
24File/uncpath/predictiveMedium
25File/user-utils/users/md5.jsonpredictiveHigh
26File/usr/lib/utmp_updatepredictiveHigh
27File/usr/localpredictiveMedium
28File/wp-adminpredictiveMedium
29File/wp-admin/admin-post.php?es_skip=1&option_namepredictiveHigh
30File2020\Messages\SDNotify.exepredictiveHigh
31Fileadclick.phppredictiveMedium
32Fileadmin/Login.phppredictiveHigh
33Fileadmin/plugin-index.phppredictiveHigh
34FileadministrationpredictiveHigh
35FileadministrativepredictiveHigh
36Fileag_server_service.exepredictiveHigh
37FileAlias.asmxpredictiveMedium
38Fileaolfix.exepredictiveMedium
39Fileapp/models/user.rbpredictiveHigh
40Filexxxxx.xxxpredictiveMedium
41Filexxxxx.xxxxxxxxx.xxxxxxpredictiveHigh
42Filexxxxxxxxxxxx.xxxxpredictiveHigh
43Filexxxxxxxx.xxxpredictiveMedium
44Filexxxxxxxxxx.xxxpredictiveHigh
45Filexxxxxxx/xxxxxxxxxxxxx/xxxxxxxxxxxx_xx_xxxxxxx_xxxx.xxpredictiveHigh
46Filexxxxxx.xpredictiveMedium
47Filex:\xxxpredictiveLow
48Filex:\xxxxxxpredictiveMedium
49Filexxx-xxx/xx.xxxpredictiveHigh
50Filexxxxxxx.xxxpredictiveMedium
51Filexxx.xxxpredictiveLow
52Filexxxxxxxxxx/xxxxxxx.xxxxpredictiveHigh
53Filexxxxxx/xxx.xpredictiveMedium
54Filexxxxxx/xxxx.xpredictiveHigh
55FilexxxxxxxxxxpredictiveMedium
56Filexxxxxxxxxxx/xxxxxx/xxx.xxxpredictiveHigh
57Filexxxxxxxxxxx/xxxxxx/xxxxx.xxxpredictiveHigh
58Filexxxxxxxxx.xxx.xxxpredictiveHigh
59Filexxxxxxx/xxxxxxpredictiveHigh
60Filexxxxx/xxxxx.xxxpredictiveHigh
61Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
62Filexxxx_xxxxx.xxxpredictiveHigh
63Filexxxxx.xxxpredictiveMedium
64Filexxxxxxxxx.xpredictiveMedium
65Filexxxxxxx.xxxpredictiveMedium
66FilexxxxxxxxpredictiveMedium
67Filexxxxxxx.xxxxx.xxxpredictiveHigh
68Filexxxxxxx.xxxpredictiveMedium
69Filexxxxxx.xxxpredictiveMedium
70Filexxxxxxx.xxxpredictiveMedium
71Filexxxxxxxx_xxxx.xpredictiveHigh
72Filexxxxxxx/xx/xx-xxxxx.xpredictiveHigh
73Filexxxxxxx/xxxxx/xxxxx.xpredictiveHigh
74FilexxxxxxxxxxxpredictiveMedium
75Filexxxxxxxxxxxxx.xxxxpredictiveHigh
76Filexxxxxxx/xxxxx_xxxxx/xxx_xxx.xxxpredictiveHigh
77Filexxxx/xxxxxxxxxx/xxxxxx-xxxxx.xpredictiveHigh
78Filexx-xxxxxxx/xxxxxxxxxxxx/xxxxxx/xxxxx.xxxxxxxxxxxx.xxxx.xxxpredictiveHigh
79Filexx/xx-xx.xpredictiveMedium
80Filexx/xxxxxxxxx.xpredictiveHigh
81Filexxxxxxxx.xxpredictiveMedium
82Filexxx/xxxx_xxxx.xpredictiveHigh
83Filexx-xxxxxxx/xxxxxxxpredictiveHigh
84Filexxxx_xxxxxx.xpredictiveHigh
85Filexxxx/xxx-xxxxxxxx.xxxpredictiveHigh
86Filexxxx/xxxxxxx.xpredictiveHigh
87Filexxx _xxx_xxxpredictiveMedium
88Filexxxxxx.xxxpredictiveMedium
89Filexxx/xxxxxx.xxxpredictiveHigh
90Filexxx/xxxxxxxxxxx/xxxxxxx.xxxpredictiveHigh
91Filexxxxxxxx/xxxxx-xxxxxx-xxxx-xxxxxxx.xxxpredictiveHigh
92Filexxxxx.xxxpredictiveMedium
93Filexxxxx.xxxpredictiveMedium
94Filexxxxx.xxx/xxxxxxxxxxxxx/xxxpredictiveHigh
95Filexxxxx.xxx?xxx=xxxx&xxx=xxxxxxxxpredictiveHigh
96Filexxxxx.xxx?x=/xxxx/xxxxxxxxpredictiveHigh
97FilexxxxxxxxpredictiveMedium
98Filexxxxxxxxxx.xxxpredictiveHigh
99Filexxxxx.xxxxxxx.xxxpredictiveHigh
100Filexxxx_xxxx.xxxpredictiveHigh
101Filexxxx-xxxxxxxx://predictiveHigh
102Filexxxxxxxx/xxxx/xxxx.xxxpredictiveHigh
103Filexx.xx.xpredictiveLow
104Filexxxxxxxxxx/xxx.xpredictiveHigh
105Filexxxxxxxxxx/xxxxxxxx.xpredictiveHigh
106Filexxxxxxxxxx/xxxx_xxxxx.xpredictiveHigh
107Filexxxxxxxxxx/xxxx_xxxx.xpredictiveHigh
108Filexxxxxxxxxx/xxxxxx.xpredictiveHigh
109Filexxxxxxxxxx/xxx_xxxxxx.xpredictiveHigh
110Filexxxxxxxxxx/xxxxxxxxxxx.xpredictiveHigh
111Filexxxxxxxxxx/xxxxx.xpredictiveHigh
112Filexxxxxxxxxx/xxx.xpredictiveHigh
113Filexxxxxxxxxx/xxxx.xpredictiveHigh
114Filexxxxxxxxxx/xxxxxxx.xpredictiveHigh
115Filexxxxxxxxxx/xxxxxxx.xpredictiveHigh
116Filexxxxxxxxxx/xxxxxxx.xpredictiveHigh
117Filexxxxxxxxx/xxxxxxxxx.xpredictiveHigh
118Filexxxxxxxxx/xxx.xpredictiveHigh
119Filexxxxxxxxx.xxpredictiveMedium
120Filexxxxxxx.xxxpredictiveMedium
121Filexxxxxxxxx/xxxx_xxxxxxx/xxxxxxx.xxxpredictiveHigh
122Filexxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
123Filexxxx/xxxxxxxxx/xxxxxx/xxxxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
124Filexxxxx/xxxxxxx/xxxxxx_xxxxx_xxxxxxx.xxpredictiveHigh
125Filexxxxxxx.xxxpredictiveMedium
126Filexx.xxxpredictiveLow
127Filexxx/xxx.xxxpredictiveMedium
128Filexxxxxx/xxxx_xxxxxx.xxpredictiveHigh
129Filexxxxx.xxxpredictiveMedium
130Filexx.xxxpredictiveLow
131Filexxxxx.xxxpredictiveMedium
132Filexxxx.xxxpredictiveMedium
133Filexxx/xxxxxxxxx/xxxxxx/xxxx.xpredictiveHigh
134Filexxx/xxxx/xxx.xpredictiveHigh
135Filexxx/xxxx_xxxxx/xxxxx_xxxx.xxpredictiveHigh
136Filexxx/xxxx/xxx_xxx.xpredictiveHigh
137Filexxx/xxxx/xxxxxx.xpredictiveHigh
138Filexxxxx-xxxxxxx.xxxpredictiveHigh
139Filexxx\xxx\xxxxxxx_xxxxxxxxx.xxxpredictiveHigh
140Filexxxxxxxx.xxxpredictiveMedium
141Filex /xxxxxxx/<xxx_xxxx_xxxx>predictiveHigh
142Filexxxxxx.xxx/xxxx_xxxx_xxxx.xxxpredictiveHigh
143Filexxxxxx-xxx_xxxx.xpredictiveHigh
144Filexxxxxxxxx.xpredictiveMedium
145Filexxxxxx.xxxpredictiveMedium
146Filexxx_xxx.xxxpredictiveMedium
147Filexxxxxxxxxx.xxxpredictiveHigh
148Filexxxxx/xxxxxxxxxx.xxxpredictiveHigh
149Filexxxxxx.xpredictiveMedium
150Filexxxx/xxx/xxxpredictiveMedium
151Filexxxx.xxxpredictiveMedium
152Filexxxxxxxxxx.xxxpredictiveHigh
153Filexxxxxxx.xxpredictiveMedium
154Filexxxxx.xxxpredictiveMedium
155Filexxxxxx/?x=xxxxx/\xxxxx\xxx/xxxxxxxxxxxxxx&xxxxxxxx=xxxx_xxxx_xxxx_xxxxx&xxxx[x]=xxxxxx&xxxx[x][]predictiveHigh
156Filexxxxxxx.xxxpredictiveMedium
157Filexxxxx.xxxpredictiveMedium
158Filexxxxxxxx.xxxpredictiveMedium
159Filexxxxxxxx.xxxpredictiveMedium
160Filexxxxxxxx/xxxxx/xxxxxxxx?xxxxxxxxpredictiveHigh
161Filexxxxxxxxx/xxxxxxxxxxx.xxxpredictiveHigh
162Filexxxxxxxx.xpredictiveMedium
163Filexxx.xxxxpredictiveMedium
164Filexxx.xxxxxxpredictiveMedium
165Filexxx/xxx_xxxpredictiveMedium
166Filexxxxxxxx.xxxpredictiveMedium
167Filex/xxxxx/xxxxxxx/xxxx/xxxpredictiveHigh
168Filexxxxxxxxxxxxxx.xxxpredictiveHigh
169Filexxxxxxxxxxxxx.xxxpredictiveHigh
170Filexxxxxxxxxxx.xxxpredictiveHigh
171Filexxxx-xxxxxxxx.xxxpredictiveHigh
172Filexxxx_xx.xpredictiveMedium
173Filexxxx.xxxpredictiveMedium
174Filexxxxx.xxxxpredictiveMedium
175Filexxxxxxx/xxxxxxx.xxxpredictiveHigh
176Filexxxxx/xxxxx.xxxpredictiveHigh
177Filexxxxxxxx.xxxpredictiveMedium
178Filexxx/xxxxx/xxxxxx.xxx?xxxxxxx=xxxxxxxpredictiveHigh
179Filexxxxx.xxxpredictiveMedium
180Filexx.xxxpredictiveLow
181Filexxxxxxxxxxx_xxxxxx_xxxx.xxxx.xxxpredictiveHigh
182Filexx_xxxxx.xxxxpredictiveHigh
183Filexxxxxx.xpredictiveMedium
184Filexxxx-xxxxxxxxxx.xxxpredictiveHigh
185Filexxxxxxxx.xxxpredictiveMedium
186Filexxxxxxxx/xxxxxxxxpredictiveHigh
187Filexxxxxxx/xxxxxxpredictiveHigh
188Filexxxxxxx.xxxpredictiveMedium
189Filexxxxxxxxx.xpredictiveMedium
190Filexxxxxxx_xxxxx.xxxpredictiveHigh
191FilexxxxxxxxxxpredictiveMedium
192Filexxxx_xxxxxx.xxxpredictiveHigh
193Filexxxxxxx/xxxxx.xxxpredictiveHigh
194Filexxxxxxx/xxxx/xxxxxxxxxxxxxxxxx.xxxpredictiveHigh
195Filexx-xxxxx/xxxxx-xxxx.xxx?xxxx=xxxxxxxxxpredictiveHigh
196Filexx-xxxxxxx/xxxxxxx/xxxxxxx/xxxxx_xxxxpredictiveHigh
197Filexxx_xx-xxx.xpredictiveMedium
198Filexxxxxx.xxxpredictiveMedium
199Filexxxx.xxxpredictiveMedium
200Filexxxx.xxpredictiveLow
201File~/.xxxxxxxpredictiveMedium
202File~/.xxxxxxxxxxxx/predictiveHigh
203Libraryxxxxxx/xxx/xxxxxxx_xxxxxx_xxxx.xxxpredictiveHigh
204Libraryxxxxx.xxxpredictiveMedium
205Libraryxxx-xxxxxx-xxxxxxxpredictiveHigh
206LibraryxxxxxxxxxxxpredictiveMedium
207Libraryxxxxxxxx_xxxxxx_xxxxx(predictiveHigh
208Libraryxxxxxxxx.xxxpredictiveMedium
209Libraryxxxxxxxx.xxxpredictiveMedium
210Libraryxx.xxxpredictiveLow
211LibraryxxxxxpredictiveLow
212Libraryxxxxxx.xxxpredictiveMedium
213Libraryxx_xxxx.xxxpredictiveMedium
214LibraryxxxxxxxpredictiveLow
215Libraryxxx/xxxxxx.xpredictiveMedium
216LibraryxxxxxxxxxxxxxxpredictiveHigh
217LibraryxxxxxxxpredictiveLow
218LibraryxxxxxxxxpredictiveMedium
219LibraryxxxxxxxxxxxpredictiveMedium
220Libraryxxxxxxxx.xxxpredictiveMedium
221Libraryxxxxxx.xxxpredictiveMedium
222Libraryxxxxxxxx.xxxpredictiveMedium
223Libraryxxxxxxx.xxxpredictiveMedium
224Libraryxxxxxxx.xxxpredictiveMedium
225Libraryxxxxx.xxxpredictiveMedium
226Libraryxxxxxxxx/xxxxxxx/xxxxx/xxx.xxxpredictiveHigh
227Libraryxxxxx.xxxpredictiveMedium
228Libraryxxxxx.xxxpredictiveMedium
229Library_xxx/xxxxx.xxx.xxxpredictiveHigh
230Argument$_xxxx['xxxxx']predictiveHigh
231Argument%xxx_xxxxpredictiveMedium
232Argument-xpredictiveLow
233ArgumentxxxxxxxxxxpredictiveMedium
234ArgumentxxxxxxxpredictiveLow
235ArgumentxxxxxpredictiveLow
236ArgumentxxxxxpredictiveLow
237Argumentxxxxxxxx_x/xxxxxxxx_xpredictiveHigh
238Argumentxxx_xxxxx_xxxxpredictiveHigh
239Argumentxxxxxx_xxxxpredictiveMedium
240ArgumentxxxxxxxxpredictiveMedium
241ArgumentxxxxxpredictiveLow
242ArgumentxxxpredictiveLow
243ArgumentxxxxxpredictiveLow
244Argumentxxx_xxpredictiveLow
245ArgumentxxxxxxxxpredictiveMedium
246Argumentxxxx_xxpredictiveLow
247ArgumentxxxxxxxxxxxxxpredictiveHigh
248Argumentxxxxxxx-xxxxpredictiveMedium
249ArgumentxxxxxxxxxxxxxxxxxpredictiveHigh
250Argumentxxxxxxxxxxx/xxxxxxxx/xxx/xxxxxpredictiveHigh
251ArgumentxxxxpredictiveLow
252ArgumentxxxxxxxxxxxpredictiveMedium
253Argumentxxxxxxxx/xxxxpredictiveHigh
254Argumentxxxxxx_xxpredictiveMedium
255Argumentxxxx_xxxx_xxpredictiveMedium
256ArgumentxxxxxxxxxxxpredictiveMedium
257ArgumentxxxxpredictiveLow
258ArgumentxxxxxxxxpredictiveMedium
259ArgumentxxxxxxpredictiveLow
260ArgumentxxxpredictiveLow
261ArgumentxxxxxxxxxxxxpredictiveMedium
262Argumentx_xxxxxpredictiveLow
263Argumentxxxxxxx[xx_xxx_xxxx]predictiveHigh
264ArgumentxxxxpredictiveLow
265ArgumentxxxxpredictiveLow
266Argumentxxxx/xxxxxxpredictiveMedium
267ArgumentxxxxpredictiveLow
268ArgumentxxpredictiveLow
269ArgumentxxxxxpredictiveLow
270ArgumentxxxxpredictiveLow
271ArgumentxxpredictiveLow
272ArgumentxxxxpredictiveLow
273Argumentxxxx_xxpredictiveLow
274Argumentxxxx-xxxxxxxx:/predictiveHigh
275ArgumentxxxxxxxpredictiveLow
276Argumentxxxxxxx_xxxxxxxxpredictiveHigh
277ArgumentxxxxpredictiveLow
278Argumentxxx_xxxxxpredictiveMedium
279Argumentxx_xxxxxxxpredictiveMedium
280ArgumentxxxxxxpredictiveLow
281Argumentxx-xpredictiveLow
282Argumentxxxxxxx/xxxxpredictiveMedium
283Argumentxx-xxxxxxxxxx-xxxxpredictiveHigh
284ArgumentxxxxxxpredictiveLow
285Argumentx_xxxxxx/x_xxxxxxxxxxpredictiveHigh
286ArgumentxxxxpredictiveLow
287ArgumentxxxxxxpredictiveLow
288Argumentxxxxx/xxxxpredictiveMedium
289ArgumentxxxxpredictiveLow
290ArgumentxxxxxxxpredictiveLow
291ArgumentxxxxpredictiveLow
292Argumentxxxxxxxxxx/xxxxxxxxxxxxpredictiveHigh
293ArgumentxxxxxxpredictiveLow
294Argumentxxxx_xxxxpredictiveMedium
295ArgumentxxxxxxxpredictiveLow
296ArgumentxxxxxxxxpredictiveMedium
297ArgumentxxxpredictiveLow
298ArgumentxxxxxxxxxpredictiveMedium
299Argumentxxx_xxxxxxxxxxxpredictiveHigh
300ArgumentxxxxxxpredictiveLow
301Argumentxxxxxxx_xxpredictiveMedium
302ArgumentxxxxxxpredictiveLow
303Argumentxxxx_xxpredictiveLow
304ArgumentxxxxpredictiveLow
305ArgumentxxxxpredictiveLow
306ArgumentxxxpredictiveLow
307Argumentxxxxxxxx_xxxxxxxxpredictiveHigh
308ArgumentxxxxxpredictiveLow
309ArgumentxxxxxxpredictiveLow
310ArgumentxxxxxxxxxxpredictiveMedium
311ArgumentxxxxxxxxxxxxxxxxxxxxxpredictiveHigh
312ArgumentxxxxpredictiveLow
313Argumentxxxxxxxx/xxxxxxxpredictiveHigh
314ArgumentxxxpredictiveLow
315ArgumentxxxpredictiveLow
316ArgumentxxxxpredictiveLow
317ArgumentxxxxxxxxpredictiveMedium
318Argumentxxxx/xx/xxxx/xxxpredictiveHigh
319ArgumentxxxxxpredictiveLow
320Input Value">[xxxxxx]xxxxx(xxxxxxxx.xxxxxx);[/xxxxxx]<!--predictiveHigh
321Input Value%xx%xxpredictiveLow
322Input Value%xx/%xx.xxxpredictiveMedium
323Input Value%xxpredictiveLow
324Input Value-xpredictiveLow
325Input Value.%xx.../.%xx.../predictiveHigh
326Input Value../predictiveLow
327Input Value../../../../../xxx/xxx/xxxxx/xxxx/xxxxxxxx/xxxxx/xxx.xxxpredictiveHigh
328Input Value/%xx/%xx/predictiveMedium
329Input Valuex' xx x=x -- -predictiveHigh
330Input Valuexxxxx/xxxxxxxxpredictiveHigh
331Input Valuexxxxxx:xxxxx/xxx[...]+xxxx=xxxxxxxxxpredictiveHigh
332Input ValuexxxxxxxxxxxpredictiveMedium
333Input Valuexxxx://xxx.xxx.x.x/xxx-xxx/xxxxxxxx.xxx?xxxx=/xxx/xxxxxx.xxxxxxpredictiveHigh
334Input Valuexxxx://[xxxx.xxxx.xxxxxxxxxx.xxx.xxxx]/xxxx.xxx?<xxxxxx>xxxxx(xxxxxxxx.xxxxxx)</xxxxxx>predictiveHigh
335Input Valuexxxxxxxxx://xxx.xxxxxxx.xxxxxxx/[xxxxx]predictiveHigh
336Input Valuexxx://xxxxxxx.xxx/xxxx_xxx.xxx#xxxxxxxxxx:%xx*://*%xxxxxxx(xxxxxxxx.xxxx)/predictiveHigh
337Input ValuexxxxxxxxxxpredictiveMedium
338Input Valuexxx://xxx.xxxxxxx.xxxxxxx:xxxxpredictiveHigh
339Input Value[xxxxxx]xxxxx("xxxx_xx")[/xxxxxx]predictiveHigh
340Pattern() {predictiveLow
341Patternxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxpredictiveHigh
342Patternxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxpredictiveHigh
343Patternxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxpredictiveHigh
344Patternxxxxxxxxxxx/xxxpredictiveHigh
345PatternxxxxxxxxpredictiveMedium
346Patternxxxxxxx-xxxxxxxxxxx|xx|predictiveHigh
347Patternxxxxxxx.xxxpredictiveMedium
348PatternxxxxpredictiveLow
349Patternxxxxx.xxxpredictiveMedium
350PatternxxxxpredictiveLow
351PatternxxxxxxxpredictiveLow
352Pattern|xx xx xx xx|predictiveHigh
353Pattern|xx xx xx xx xx|predictiveHigh
354Pattern|xx|predictiveLow
355Pattern|xx xx xx xx xx xx xx xx|predictiveHigh
356Pattern|xx xx|predictiveLow
357Pattern|xx xx xx|predictiveMedium
358Pattern|xx|predictiveLow
359Pattern|xx|predictiveLow
360Network PortxxxxpredictiveLow
361Network Portxxxx xxxxpredictiveMedium
362Network Portxxx/xx (xxxxxx)predictiveHigh
363Network Portxxx/xxxpredictiveLow
364Network Portxxx/xxxx (xx-xxx)predictiveHigh
365Network Portxxx/xxxxpredictiveMedium
366Network Portxxx xxxxxx xxxxpredictiveHigh

References (3)

The following list contains external sources which discuss the actor and the associated activities:

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!