South Georgia and the South Sandwich Islands Unknown Analysis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en758
zh154
de32
ru18
es12

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

us494
cn324
gb40
tr36
il32

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

Cobalt Strike8
Sliver2
Meterpreter2
Colombian Govt Attacks2
NjRAT1

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

Not Defined320
Content Management System54
WordPress Plugin44
Social Network Software30
Programming Language Software30

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

Not Defined290
Facebook32
Microsoft30
Oracle22
SourceCodester14

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Facebook WhatsApp22
WordPress16
Microsoft Windows12
PHP12
Linux Kernel10

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1TikiWiki tiki-register.php input validation7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix10.000.01009CVE-2006-6168
2V-EVA Press Release Script page.php sql injection7.37.1$0-$5k$0-$5kHighUnavailable0.210.00187CVE-2010-5047
3LogicBoard CMS away.php redirect6.36.1$0-$5k$0-$5kNot DefinedUnavailable5.800.00000
4Tiki Admin Password tiki-login.php improper authentication8.07.7$0-$5k$0-$5kNot DefinedOfficial Fix4.750.00936CVE-2020-15906
5DZCP deV!L`z Clanportal config.php code injection7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.380.00943CVE-2010-0966
6PHP Link Directory Administration Page index.html cross site scripting4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.340.00374CVE-2007-0529
7MGB OpenSource Guestbook email.php sql injection7.37.3$0-$5k$0-$5kHighUnavailable0.760.01302CVE-2007-0354
8jforum User input validation5.35.3$0-$5k$0-$5kNot DefinedNot Defined0.030.00289CVE-2019-7550
9Lars Ellingsen Guestserver guestbook.cgi cross site scripting4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.170.00169CVE-2005-4222
10SourceCodester Complaint Management System Lodge Complaint Section register-complaint.php unrestricted upload6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.080.00045CVE-2024-1875
11Esoftpro Online Guestbook Pro ogp_show.php sql injection7.36.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.420.00108CVE-2009-4935
12ThinkPHP Language Pack pearcmd.php file inclusion8.58.4$0-$5k$0-$5kNot DefinedOfficial Fix0.020.04153CVE-2022-47945
13vBulletin redirector.php6.66.6$0-$5k$0-$5kNot DefinedNot Defined0.080.00141CVE-2018-6200
14AWStats Config awstats.pl cross site scripting4.34.1$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.130.00587CVE-2006-3681
15JoomlaTune Com Jcomments admin.jcomments.php cross site scripting4.34.1$0-$5k$0-$5kProof-of-ConceptNot Defined0.000.00489CVE-2010-5048
16Indexu suggest_category.php cross site scripting3.53.5$0-$5k$0-$5kNot DefinedNot Defined0.080.00000
17Citrix NetScaler ADC/NetScaler Gateway OpenID openid-configuration ns_aaa_oauthrp_send_openid_config CitrixBleed memory corruption8.38.2$25k-$100k$0-$5kHighOfficial Fix0.020.96486CVE-2023-4966
18PHP CityPortal index.php sql injection8.58.3$0-$5k$0-$5kProof-of-ConceptNot Defined0.030.00285CVE-2017-15970
19SourceCodester Online Computer and Laptop Store Master.php register sql injection8.17.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.040.00063CVE-2023-5373
20Joomla CMS com_easyblog sql injection6.36.1$5k-$25k$5k-$25kNot DefinedNot Defined0.210.00000

IOC - Indicator of Compromise (15)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
143.228.156.154South Georgia and the South Sandwich Islands Unknown01/03/2023verifiedHigh
243.228.156.172South Georgia and the South Sandwich Islands Unknown01/03/2023verifiedHigh
345.12.70.91erase-deem.yourbandinc.comSouth Georgia and the South Sandwich Islands Unknown01/03/2023verifiedHigh
4XX.XX.XX.XXXxxxx Xxxxxxx Xxx Xxx Xxxxx Xxxxxxxx Xxxxxxx Xxxxxxx01/03/2023verifiedHigh
5XX.XX.XXX.XXXXxxxx Xxxxxxx Xxx Xxx Xxxxx Xxxxxxxx Xxxxxxx Xxxxxxx01/03/2023verifiedHigh
6XX.XX.XXX.XXXXxxxx Xxxxxxx Xxx Xxx Xxxxx Xxxxxxxx Xxxxxxx Xxxxxxx01/03/2023verifiedHigh
7XX.XX.XXX.XXXXxxxx Xxxxxxx Xxx Xxx Xxxxx Xxxxxxxx Xxxxxxx Xxxxxxx01/03/2023verifiedHigh
8XX.XXX.XXX.XXxxx.xxxxxxxxxx.xxxxxXxxxx Xxxxxxx Xxx Xxx Xxxxx Xxxxxxxx Xxxxxxx Xxxxxxx01/03/2023verifiedHigh
9XXX.XXX.XX.XXxxxx Xxxxxxx Xxx Xxx Xxxxx Xxxxxxxx Xxxxxxx Xxxxxxx01/03/2023verifiedHigh
10XXX.XX.XX.Xxxxxxxxxx.xxxxxxxx.xxxxxxxxxXxxxx Xxxxxxx Xxx Xxx Xxxxx Xxxxxxxx Xxxxxxx Xxxxxxx01/03/2023verifiedHigh
11XXX.XX.XX.XXxxxx Xxxxxxx Xxx Xxx Xxxxx Xxxxxxxx Xxxxxxx Xxxxxxx01/03/2023verifiedHigh
12XXX.XXX.XXX.XXXxxxx Xxxxxxx Xxx Xxx Xxxxx Xxxxxxxx Xxxxxxx Xxxxxxx01/03/2023verifiedHigh
13XXX.XX.XX.XXXxxxx Xxxxxxx Xxx Xxx Xxxxx Xxxxxxxx Xxxxxxx Xxxxxxx01/03/2023verifiedHigh
14XXX.XX.XXX.XXXxxxx Xxxxxxx Xxx Xxx Xxxxx Xxxxxxxx Xxxxxxx Xxxxxxx01/03/2023verifiedHigh
15XXX.XXX.XXX.XXxxxx Xxxxxxx Xxx Xxx Xxxxx Xxxxxxxx Xxxxxxx Xxxxxxx02/28/2023verifiedHigh

TTP - Tactics, Techniques, Procedures (26)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilitiesAccess VectorTypeConfidence
1T1006CWE-21, CWE-22, CWE-23, CWE-25, CWE-36, CWE-425Path TraversalpredictiveHigh
2T1040CWE-319Authentication Bypass by Capture-replaypredictiveHigh
3T1055CWE-74Improper Neutralization of Data within XPath ExpressionspredictiveHigh
4T1059CWE-94, CWE-1321Argument InjectionpredictiveHigh
5T1059.007CWE-79, CWE-80Cross Site ScriptingpredictiveHigh
6T1068CWE-264, CWE-269, CWE-284Execution with Unnecessary PrivilegespredictiveHigh
7TXXXX.XXXCWE-XXXXxx Xx Xxxx-xxxxx XxxxxxxxpredictiveHigh
8TXXXXCWE-XXXXxxx Xxx Xxxxxxxxx Xxxxxxxxxxx XxxxxxxxpredictiveHigh
9TXXXX.XXXCWE-XXXXxxx-xxxxx XxxxxxxxxxxpredictiveHigh
10TXXXXCWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveHigh
11TXXXX.XXXCWE-XXXXxxx XxxxxxxxpredictiveHigh
12TXXXXCWE-XXXXxxxxxxxxx XxxxxxpredictiveHigh
13TXXXX.XXXCWE-XXXXXxxxxxxxxxx Xxxxxxx Xxxxxxxxxx XxxxxxxxxxpredictiveHigh
14TXXXXCWE-XXXxx XxxxxxxxxpredictiveHigh
15TXXXX.XXXCWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveHigh
16TXXXXCWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxx XxxxxxxxxxpredictiveHigh
17TXXXX.XXXCWE-XXXXxxxxxx Xxxxxxxxxx Xxx Xxxxxxxx Xxxxxxx Xx Xx-xxxx Xxxxxx XxxxxxxxpredictiveHigh
18TXXXX.XXXCWE-XXXXxxxxxxxxxxxpredictiveHigh
19TXXXXCWE-XXX, CWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveHigh
20TXXXX.XXXCWE-XXX, CWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
21TXXXX.XXXCWE-XXXXxxxxxxxpredictiveHigh
22TXXXXCWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh
23TXXXXCWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxxxx XxxxxxpredictiveHigh
24TXXXX.XXXCWE-XXX, CWE-XXXXxx Xxxxxxxxxx XxxxxpredictiveHigh
25TXXXX.XXXCWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxpredictiveHigh
26TXXXXCWE-XXXXxxxxxxxxxx XxxxxxpredictiveHigh

IOA - Indicator of Attack (422)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File%SYSTEMDRIVE%\node_modules\.bin\wmic.exepredictiveHigh
2File/#ilang=DE&b=c_smartenergy_swgroupspredictiveHigh
3File/Account/login.phppredictiveHigh
4File/admin/predictiveLow
5File/admin/save.phppredictiveHigh
6File/adminapi/system/crudpredictiveHigh
7File/adminapi/system/file/openfilepredictiveHigh
8File/admin_route/dec_service_credits.phppredictiveHigh
9File/api/baskets/{name}predictiveHigh
10File/api/downloadpredictiveHigh
11File/api/v1/alertspredictiveHigh
12File/api/v1/terminal/sessions/?limit=1predictiveHigh
13File/api/v4/teams//channels/deletedpredictiveHigh
14File/b2b-supermarket/shopping-cartpredictiveHigh
15File/cancel.phppredictiveMedium
16File/category.phppredictiveHigh
17File/categorypage.phppredictiveHigh
18File/cgi-bin/cstecgi.cgipredictiveHigh
19File/cgi-bin/luci/api/wirelesspredictiveHigh
20File/cgi-bin/vitogate.cgipredictiveHigh
21File/change-language/de_DEpredictiveHigh
22File/Content/Template/root/reverse-shell.aspxpredictiveHigh
23File/core/conditions/AbstractWrapper.javapredictiveHigh
24File/debug/pprofpredictiveMedium
25File/devinfopredictiveMedium
26File/dist/index.jspredictiveHigh
27File/downloadpredictiveMedium
28File/fcgi/scrut_fcgi.fcgipredictiveHigh
29File/forum/away.phppredictiveHigh
30File/geoserver/gwc/rest.htmlpredictiveHigh
31File/goform/formSysCmdpredictiveHigh
32File/HNAP1predictiveLow
33File/hosts/firewall/ippredictiveHigh
34File/index.jsp#settingspredictiveHigh
35File/index.php/ccm/system/file/uploadpredictiveHigh
36File/jeecg-boot/sys/common/uploadpredictiveHigh
37File/log/decodmail.phppredictiveHigh
38File/oauth/idp/.well-known/openid-configurationpredictiveHigh
39File/OA_HTML/cabo/jsps/a.jsppredictiveHigh
40File/php/ping.phppredictiveHigh
41File/proxypredictiveLow
42File/register.dopredictiveMedium
43File/RPS2019Service/status.htmlpredictiveHigh
44File/s/index.php?action=statisticspredictiveHigh
45File/settingpredictiveMedium
46File/Setting/change_password_savepredictiveHigh
47File/sicweb-ajax/tmproot/predictiveHigh
48File/signup.phppredictiveMedium
49File/xxxx.xxxpredictiveMedium
50File/xx_xxx.xxxpredictiveMedium
51File/xxxxxx/xxx/xx/xxxx/xxxx_xxxxx.xpredictiveHigh
52File/xxxxxxxx.xxxpredictiveHigh
53File/xxxxxx/xxxx/xxxxpredictiveHigh
54File/xxxxxxxxxxxx/xxxx/xxxxxxxxxxx?_xxxxxx=xxxxx&xx=xxxxxxxxxxxxx&xxxx=xx&xxxx=x&xxxx=x_xxxxxxxxxxx+xxxx&xxxx=xxxpredictiveHigh
55File/xxx/xxxxx/xxxxxxx/xxxx/xxxxxxxxxxxxxxpredictiveHigh
56File/xxxxxx/xxxxxxxxxxxxx?xxxxxx=xxxxxxpredictiveHigh
57File/xxxxxxx/predictiveMedium
58File/xxxx/xxxxx/xxxxxxxx?xx=xpredictiveHigh
59File/xxxxxxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
60File/xxxx-xxxx-xxxxxx.xxxpredictiveHigh
61File/xxxxxxxxxxx/xxxxxxxxpredictiveHigh
62File/xxxxxx/predictiveMedium
63File/xxxxxx/xxxx/xx_xxxxxxx_xxxx_xx.xxxpredictiveHigh
64File/xxx-xxx-xxxxx/xxxxxxx/xxxxpredictiveHigh
65File/xxx-xxx-xxxxx/xxxx/xxxpredictiveHigh
66File/xxxxxx/xxxxx.xxx/xxxxx/xxxxx/xxx_xxxxxx_xxxxxxxx.xxxxpredictiveHigh
67File?x=xxxxx/xxxxxxx/xxxxxxxxxxpredictiveHigh
68Filexxxxxx.xxxpredictiveMedium
69Filexxxxxxxxxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
70Filexxxxxxx.xxxpredictiveMedium
71Filexxx-xxx.xxxpredictiveMedium
72Filexxxxx.xxxxxxxxx.xxxpredictiveHigh
73Filexxxxx.xxxpredictiveMedium
74Filexxxxx.xxx?x=xxxxxx&x=xxxxxx&x=xxxxxxpredictiveHigh
75Filexxxxx/xxxxxxxx.xxxpredictiveHigh
76Filexxxxx/xxxxx.xxxpredictiveHigh
77Filexxxxx/xxxxxxx/xxx-xxxxxx-xxxxxxxxx/xxxxxxx/xxxxx-xxxxxx-xxxxxxxxx-xxxx.xxxpredictiveHigh
78Filexxxxx/xxxxxxxx/xxxx_xxxxxxx.xxxpredictiveHigh
79Filexxxxx_xxxxx.xxxpredictiveHigh
80Filexxxxxxxxx_x.xxxpredictiveHigh
81Filexxxxxxxxxxxxx.xxxpredictiveHigh
82Filexxxxx.xxxpredictiveMedium
83Filexxxxx_xxxxxx.xxxpredictiveHigh
84Filexxxxxxxxxxxxxxx.xxxpredictiveHigh
85Filexxxxxxx.xxxpredictiveMedium
86Filexxx/xxxxx/xxxxxxxxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
87Filexxx/xxxx/xxxx.xxxpredictiveHigh
88Filexxx-xxx.xxxpredictiveMedium
89Filexxxxxxxxxx.xxxpredictiveHigh
90Filexxxxxxxxx.xxxpredictiveHigh
91Filexxxxx-xxxx/xxxxxx.xpredictiveHigh
92Filexxxxxxx.xxpredictiveMedium
93Filexxx_xxxx_xxxxx.xpredictiveHigh
94Filexx_xxxx.xxxpredictiveMedium
95Filexxxx_xxxxxx_xxxxxx.xxxpredictiveHigh
96Filexxxxxxxx.xxxpredictiveMedium
97Filexxx-xxx/xxxxxxx.xxpredictiveHigh
98Filexxx-xxx/xxxxxxxx.xxxpredictiveHigh
99FilexxxxxxxpredictiveLow
100Filexxxx.xxxpredictiveMedium
101Filexxxxxxx/xxxxxx.xxxpredictiveHigh
102Filexxxxx.xxxpredictiveMedium
103Filexxxxx-xxxxxxx.xxxpredictiveHigh
104Filexxxxxxxxxx/xxxxxxxx/xxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
105Filexxxxxx.xxxpredictiveMedium
106Filexxxxxxxxxx.xxxxx.xxxpredictiveHigh
107Filexxxx.xxpredictiveLow
108Filexx_xxxxxxxxxxxxxx.xxxpredictiveHigh
109Filexxxxxxxx.xpredictiveMedium
110Filexxxxxxxx_xxx.xxxpredictiveHigh
111Filexxxxx.xxxpredictiveMedium
112Filexxxxxxxx/xxxxxx-xxxx.xxxpredictiveHigh
113Filexxxxxxxxxxxxx.xxxxpredictiveHigh
114Filexxxx/xxxxxxxxxx/xxxxxx-xxxxxx.xpredictiveHigh
115Filexxxx_xxxxx.xxxpredictiveHigh
116Filexx/xxxxx/xxxxxxxxxx.xpredictiveHigh
117Filexx/xxx/xxxxxx/xx_xxxxxxx.xpredictiveHigh
118Filexx/xxx/xxxxxx/xxxxxxx.xpredictiveHigh
119Filexxxxxxx/xxxxxx/xxxx_xxxxxx/xxxxxx/xxxxxx_xxx.xxxpredictiveHigh
120Filexxxxxxx/xxxx/xx/xxxxxx/xxxx.xxxpredictiveHigh
121Filexxxx.xxxpredictiveMedium
122Filexxxxxxx.xxxpredictiveMedium
123Filexxxxxxxxx.xxxpredictiveHigh
124Filexxxxxx.xxxpredictiveMedium
125Filexxxx.xpredictiveLow
126Filexxxxxx/xxxxx_xxxxxxx.xxxpredictiveHigh
127Filexxxxxxxxxxxx.xxxpredictiveHigh
128Filexxxxxxxxxxxxxx.xxxpredictiveHigh
129Filexxx/xxxxxx.xxxpredictiveHigh
130Filexxx/xxxxxxxxxxx/xxxxxxx.xxxpredictiveHigh
131Filexxxxxxxxxxxxx.xxxpredictiveHigh
132Filexxxxxxxx/xxxxxxx/xxxxxxx.xxxx.xxxpredictiveHigh
133Filexxxxx.xxxpredictiveMedium
134Filexxxxx.xxxxpredictiveMedium
135Filexxxxx.xxxpredictiveMedium
136Filexxxxx.xxx?x=xxxx&x=xxxx&x=xx_xxx_xxxxxxpredictiveHigh
137Filexxxxxxx_xxxx.xxxpredictiveHigh
138Filexxxx.xxxpredictiveMedium
139Filexxxxxxxxx/xxxx-xxxxxxxxxx.xxxpredictiveHigh
140Filexxxxxxxx/xxx-xxx/xxxxxxxxxx/xxxxxxx.xxpredictiveHigh
141Filexx/xxxxxx/xxxxxxxxxxxpredictiveHigh
142Filexxxx_xxxx.xxxpredictiveHigh
143Filexxxxx/xxx_xxx.xpredictiveHigh
144Filexxxxxx.xxxpredictiveMedium
145Filexxxxxxxxxx/xxxxxxxx.xpredictiveHigh
146Filexxxxxxxxx/xxxxxx_xxxx_xxx.xpredictiveHigh
147Filexxxx.xxxpredictiveMedium
148Filexxxxx.xxxxpredictiveMedium
149Filexxxxxx.xxxpredictiveMedium
150Filexxxx/xxxxxxxxxx.xxxpredictiveHigh
151Filexxxxx_xxxxx/xx_xxxxxxx.xpredictiveHigh
152Filexxxx/xxxxxxx_xxxx.xpredictiveHigh
153Filexxxxxxx.xxx/xxxxx.xxxpredictiveHigh
154Filexxxxxxx/xxx.xxxpredictiveHigh
155Filexxxxxx_xx.xxxpredictiveHigh
156Filexxxx/?x=xxxxxxxx/xxxx_xxxxxxxpredictiveHigh
157Filexxxxxxxx.xxpredictiveMedium
158Filexxxxxxxx.xxxxxxxxxxxxxxxxxxx.xxxxxxxxxxxxxxxxxxpredictiveHigh
159Filexxx/xxxx/xxx.xpredictiveHigh
160Filexxx/xxxxxxxxx/xxx_xxxxxxxxx.xpredictiveHigh
161Filexxxxx_xxxxxxxxxx.xxxpredictiveHigh
162Filexxx_xxxxxxxx.xpredictiveHigh
163Filexxx_xxxx.xxxpredictiveMedium
164Filexxxx.xxxpredictiveMedium
165Filexxxxxxxxxx.xxpredictiveHigh
166Filexxxxxx\xxx_xxxxxxx\xxxxxxxxxxxxxxxx\xxxxxxxxxxxxxxxx.xxxpredictiveHigh
167Filexxxxxxx.xxxpredictiveMedium
168Filexxx-xxx/?x=xxxxxxx_xxxxxpredictiveHigh
169Filexxxxxxx.xxxpredictiveMedium
170Filexxxxxxx_xxxxxx_xxx.xxxxpredictiveHigh
171Filexxxxxxx/xxxxxx/xxx.xxxpredictiveHigh
172Filexxxxxx_xxx.xxxpredictiveHigh
173Filexxxx_xxxx.xxxpredictiveHigh
174Filexxxxxxxxxx.xxxpredictiveHigh
175Filexxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
176Filexxxxxxx.xxxpredictiveMedium
177Filexxxxxxxx.xxx?xxxxxxxx=xxx&xxxxx=xxxxxxxx&xxx=xxx_xxxxxpredictiveHigh
178Filexxxxx.xxxpredictiveMedium
179Filexxxxxxxx.xxxpredictiveMedium
180Filexxxxxxxxxx.xxxpredictiveHigh
181Filexxxxxxxx/xxxxx/xxxxxxxx?xxxxxxxxpredictiveHigh
182Filexxxxxxxx.xxxpredictiveMedium
183Filexxx.xpredictiveLow
184Filexxxxxxx/xxx-xxxxxx-xxxxpredictiveHigh
185Filexxx_xx.xxpredictiveMedium
186Filexxxxxx_xxxx_xxxx.xxxpredictiveHigh
187Filexxxxxx/xxxxxxxxxxx/xxx/xxxxxxxxxx/xxxx.xxxpredictiveHigh
188Filexxxxx.xxxpredictiveMedium
189Filexxxxxxxxxxxxxxx.xxxpredictiveHigh
190Filexxxxxxx.xxxpredictiveMedium
191Filexxxxxxxx.xxx.xxxpredictiveHigh
192Filexxxxxxx.xxxpredictiveMedium
193Filexxxxxx/xxxxxxxxx/xxxx/xxxxxxx/xxxxx.xxxpredictiveHigh
194Filexxxxxx/xxxxxxxxx/xxxx/xxxxxxx/xxxx-xxxxxxxx.xxxpredictiveHigh
195Filexxxxxx/xxxxxxxxx/xxxx/xxxxxxx/xxxxx.xxxpredictiveHigh
196Filexxxxxx/xxxxxxxxx/xxxx/xxxxxxx/xxxxxxxxxxxx.xxxpredictiveHigh
197Filexxxxxxx/xxxxxx.xxxpredictiveHigh
198Filexxx_xxxxx.xpredictiveMedium
199Filexxx/xxxxxxxxx/xxxxxxx/xxxx.xxxpredictiveHigh
200Filexxx/xxxx/xxxx/xx/xxxxx/xxxxx/xxxx/xxxxxxxxxxxx.xxxxpredictiveHigh
201Filexxx/xxxxxxxx/xxxxxxx.xpredictiveHigh
202Filexxxxxxx/xxxxx_xxxx.xxpredictiveHigh
203Filexxxxxx.xpredictiveMedium
204Filexxxxxxx-xxxxxxx.xxxpredictiveHigh
205Filexxxxxxx_xxxxxxxx.xxxpredictiveHigh
206Filexxxxxxxxxx.xxxxxpredictiveHigh
207Filexxxxxxx.xxx.xx.xxxxxxxxxxx.xxxpredictiveHigh
208Filexxxxxxxx.xxxxx.xxxpredictiveHigh
209Filexxxx-xxxxx.xxxpredictiveHigh
210Filexxxx-xxxxx.xxxpredictiveHigh
211Filexxxx-xxxxxxxx.xxxpredictiveHigh
212Filexxxxxxxxxxxxxxxxx.xxxxxpredictiveHigh
213Filexxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxx_xxx.xxxxpredictiveHigh
214Filexxxxx.xxxpredictiveMedium
215Filexxxxx/xxxxx.xxxpredictiveHigh
216Filexxxxx/xxxxxxxx-xxxxxxxxx.xxxpredictiveHigh
217Filexxxxxxxxxxxxxxx.xxxpredictiveHigh
218Filexxxxxxx.xxxpredictiveMedium
219Filexxxxxxx.xxxpredictiveMedium
220Filexxxxxxx.xxxpredictiveMedium
221Filexxxxxxx.xxxpredictiveMedium
222Filexxxxxx.xxxpredictiveMedium
223Filexxx.xxxpredictiveLow
224Filexxx.xxxpredictiveLow
225Filexxx/xxxxxxx/xxxxxxx/xxxxxxxxxx?xx=xpredictiveHigh
226Filexxx/xxxxxxx/xxxxxxx/xxxxxxxx?xx=xpredictiveHigh
227Filexxxxxxxx/xxxxx/xxxxxxxxx.xxxpredictiveHigh
228Filexxxxxxx_xxxxxxxxx.xxxpredictiveHigh
229Filexxxxxxxx.xxxpredictiveMedium
230Filexx-xxxxx/xxxxxxx.xxxpredictiveHigh
231Filexx-xxxx.xxxpredictiveMedium
232Filexx-xxxxxxxx/xxxx-xxx/xxxxxxxxx/xxxxx-xx-xxxx-xxxxx-xxxxxxxxxx.xxxpredictiveHigh
233Filexx-xxxxx.xxxpredictiveMedium
234Filexx-xxxxxxxxx.xxxpredictiveHigh
235Filexxxxxx.xxxpredictiveMedium
236Filexxxxxx.xxx?xxxxxx=xxxxxxxxx.xxxx&xxxxxxxxxxx=xpredictiveHigh
237Filexxxxxxxxxxx.xxxpredictiveHigh
238File_xxxxxx.xxxpredictiveMedium
239File__xxxx_xxxxxxxx.xxxpredictiveHigh
240File~/xxxxxxxx.xxxpredictiveHigh
241Library/_xxx_xxx/xxxxx.xxxpredictiveHigh
242Libraryxxxxxx/xxxxxxx/xxx/xxx/xxxxx/xxxxxx/xxxxxxxxx.xxxpredictiveHigh
243Libraryxxxxxxxx.xxxpredictiveMedium
244Libraryxxxxxxx/xxx/xxxxxx.xxx.xxxpredictiveHigh
245Libraryxxxxxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
246Libraryxxx/xx/xxxxx/xxxxxxxxxx/xxxx.xxpredictiveHigh
247Libraryxxx/xxxxxxxxx.xxpredictiveHigh
248Libraryxxxxxxxx.xxxpredictiveMedium
249Libraryxxxxxxxxx.x.x.xxx.xxxpredictiveHigh
250Libraryxxx/xx_xxx.xpredictiveMedium
251Libraryxxxxxxxxxxxxxx.xxxxxpredictiveHigh
252Libraryxxxxxxx.xxxpredictiveMedium
253Argument$_xxxxxx["xxx_xxxx"]predictiveHigh
254ArgumentxxxxxxxxxxxxxxxxxxpredictiveHigh
255ArgumentxxxxxxpredictiveLow
256ArgumentxxxxxxxpredictiveLow
257ArgumentxxxxxxxpredictiveLow
258ArgumentxxxxpredictiveLow
259ArgumentxxxxxxxxxpredictiveMedium
260Argumentxxxx_xxxxxpredictiveMedium
261ArgumentxxpredictiveLow
262ArgumentxxxxxxpredictiveLow
263ArgumentxxxxxxxxpredictiveMedium
264ArgumentxxxxxxxxpredictiveMedium
265Argumentxxxx_xxxpredictiveMedium
266ArgumentxxxxpredictiveLow
267ArgumentxxxxxpredictiveLow
268Argumentxxxxxxxxxx_xxxxpredictiveHigh
269Argumentxxxx_xxpredictiveLow
270ArgumentxxxpredictiveLow
271ArgumentxxxxxxxxxxpredictiveMedium
272ArgumentxxxxxxxxxxpredictiveMedium
273Argumentxxxxx/xxxxpredictiveMedium
274Argumentxxx_xxpredictiveLow
275ArgumentxxxxxxxxpredictiveMedium
276Argumentxxxxx_xxpredictiveMedium
277ArgumentxxxxxxpredictiveLow
278ArgumentxxxxxxxxxxxxpredictiveMedium
279ArgumentxxxxxxpredictiveLow
280Argumentxxxxxx[xxxx]predictiveMedium
281ArgumentxxxxxxxxpredictiveMedium
282ArgumentxxxxxxxxxxpredictiveMedium
283ArgumentxxxxpredictiveLow
284ArgumentxxxxxxxxxpredictiveMedium
285ArgumentxxxxpredictiveLow
286Argumentxxxxxx_xxxpredictiveMedium
287ArgumentxxxxpredictiveLow
288ArgumentxxxxxxxxxxxpredictiveMedium
289ArgumentxxxxxxxpredictiveLow
290ArgumentxxxxxxxxxxpredictiveMedium
291ArgumentxxxxxpredictiveLow
292Argumentxxxxx/xxxx/xxxxx/xxxxxxxxpredictiveHigh
293Argumentxxxxx/xxxxpredictiveMedium
294Argumentxxxxx/xxxxxxxxpredictiveHigh
295ArgumentxxxxxpredictiveLow
296ArgumentxxxxxxxxxpredictiveMedium
297Argumentxxxxx_xxxpredictiveMedium
298Argumentxxxxxxxx[xxxxxxx_xx]predictiveHigh
299ArgumentxxxxpredictiveLow
300Argumentxxxxxxx/xxxxxxxxpredictiveHigh
301ArgumentxxxxxxxxpredictiveMedium
302ArgumentxxxxxxxxxxxxxxxxpredictiveHigh
303Argumentxxxxxx_xxxpredictiveMedium
304Argumentxxxxx xxxxpredictiveMedium
305Argumentxxxxx xxxx/xxxx xxxxpredictiveHigh
306Argumentxxxx/xxxxxxx/xxx/xxxxxxxxxpredictiveHigh
307Argumentxxxxxxxx[xxx_xx]predictiveHigh
308Argumentxxxxxxxxx/xxxxxxpredictiveHigh
309Argumentxx_xxpredictiveLow
310ArgumentxxxxxxpredictiveLow
311Argumentxxxxxxxxxxxxxxx._xxxxpredictiveHigh
312ArgumentxxxxpredictiveLow
313ArgumentxxxxpredictiveLow
314ArgumentxxxxpredictiveLow
315Argumentxxxx_xxxxpredictiveMedium
316ArgumentxxpredictiveLow
317ArgumentxxxxxxxxxxpredictiveMedium
318ArgumentxxxxxxpredictiveLow
319Argumentxx_xxxxxxxx/xx_xxxx/xx_xxxxxxx/xxxxxpredictiveHigh
320ArgumentxxxxxpredictiveLow
321ArgumentxxxpredictiveLow
322Argumentxxx_xxxxxxxxpredictiveMedium
323ArgumentxxxxxxxpredictiveLow
324ArgumentxxxxxxxxxpredictiveMedium
325ArgumentxxxxxxxxxpredictiveMedium
326Argumentxx_xxxxxpredictiveMedium
327Argumentxxxxxxxx[xx]predictiveMedium
328ArgumentxxxxxxxxpredictiveMedium
329Argumentx/xx/xxxpredictiveMedium
330ArgumentxxxxpredictiveLow
331Argumentxxxx_xxxxpredictiveMedium
332ArgumentxxxpredictiveLow
333ArgumentxxxpredictiveLow
334ArgumentxxxxxxxpredictiveLow
335ArgumentxxxpredictiveLow
336ArgumentxxxpredictiveLow
337ArgumentxxxxxxxxxpredictiveMedium
338Argumentxxx_xxxxx_xxxxxxxxpredictiveHigh
339ArgumentxxxxpredictiveLow
340Argumentxxx/xxxpredictiveLow
341ArgumentxxxxpredictiveLow
342Argumentxx_xxpredictiveLow
343ArgumentxxxxxxpredictiveLow
344Argumentxxxxxx[]predictiveMedium
345Argumentxxxxxxxx/xxxxxxxxxpredictiveHigh
346ArgumentxxxxpredictiveLow
347ArgumentxxxxxxxxpredictiveMedium
348ArgumentxxxxxxxxpredictiveMedium
349ArgumentxxxxxxxxpredictiveMedium
350Argumentxxxx_xxxxpredictiveMedium
351ArgumentxxxxxxxpredictiveLow
352Argumentxxxxxxx/xxxxxx/xxxxxxxpredictiveHigh
353Argumentxxxxx_xxxx_xxxxpredictiveHigh
354ArgumentxxxxxxxxpredictiveMedium
355Argumentxxxxxx_xxxx/xxxxxx_xx/xxxxxx_xxxx/xxxxxxxxpredictiveHigh
356Argumentxxxx_xxxpredictiveMedium
357ArgumentxxxxxxxxxxpredictiveMedium
358Argumentxxxxxxx xxxxxpredictiveHigh
359ArgumentxxxxxxxxxxxpredictiveMedium
360Argumentxxxxx-xxxxxxxxxxxxxpredictiveHigh
361Argumentxxxxx_xxxxxxpredictiveMedium
362ArgumentxxxxxxxxpredictiveMedium
363ArgumentxxxxxxxxpredictiveMedium
364ArgumentxxxxxxxxxxpredictiveMedium
365ArgumentxxxxxxxxxpredictiveMedium
366ArgumentxxxxxxxxxxpredictiveMedium
367Argumentxxxxxx_xxxxpredictiveMedium
368ArgumentxxxxxxpredictiveLow
369Argumentxxx_xxxxpredictiveMedium
370Argumentxxxxxx/xxxxxx_xxxxxxpredictiveHigh
371ArgumentxxxxxxxxxxpredictiveMedium
372ArgumentxxxxxxxxxpredictiveMedium
373Argumentxxxxxx_xxxx_xxxxpredictiveHigh
374ArgumentxxxxpredictiveLow
375ArgumentxxxxpredictiveLow
376ArgumentxxxxxxxxxpredictiveMedium
377Argumentxxxxxxxx_xxxx/xxxxxxxx_xxxxxxxpredictiveHigh
378ArgumentxxxxxxpredictiveLow
379Argumentxxxxxxx[]predictiveMedium
380ArgumentxxxxxxxxxxxpredictiveMedium
381Argumentxxxxxxxx/xxxxxxxxpredictiveHigh
382Argumentxxxx_xx_xxxpredictiveMedium
383ArgumentxxxxpredictiveLow
384ArgumentxxxxxxxxpredictiveMedium
385ArgumentxxxxxpredictiveLow
386ArgumentxxxxxpredictiveLow
387ArgumentxxxxxpredictiveLow
388ArgumentxxxxxxxpredictiveLow
389ArgumentxxxxxxxxxxxpredictiveMedium
390Argumentxxxxx/xxxxxxxxpredictiveHigh
391ArgumentxxxpredictiveLow
392ArgumentxxxpredictiveLow
393Argumentxxxxxx/xxxxxpredictiveMedium
394Argumentxxxxxxxxxxxxx.xxxxxxxxxxpredictiveHigh
395ArgumentxxxxxxxxpredictiveMedium
396Argumentxxxxxxxx/xxxxxxxxpredictiveHigh
397ArgumentxxxpredictiveLow
398Argumentxxxx->xxxxxxxpredictiveHigh
399Argumentx-xxxxx-xxxxxxxpredictiveHigh
400Argumentxxxx xxxxxxxxpredictiveHigh
401Argument_xxx_xxxxxxxxxxx_predictiveHigh
402Input Value"><xxx xxx=x xxxxxxx=xxxxxx(x)>predictiveHigh
403Input Value%xxxxxx+-x+x+xx.x.xx.xxx%xx%xxpredictiveHigh
404Input Value../predictiveLow
405Input Value/\xxxxxxx.xxxpredictiveHigh
406Input ValuexxxxpredictiveLow
407Input Valuex%xxxx%xxx=xpredictiveMedium
408Input Valuexx' xxx xxx_xxxx.xxxxxxx('xxxx://xxxxxxxxx_xxxx/xxxxx')='x' xxxxx xx xxxxx_xxxx)) --predictiveHigh
409Input Value<xxx xxx="x" xxxxxxx="xxxxxxx.xxx(x)">predictiveHigh
410Input Value<xxx xxx=x xxxxxxx=xxxxx(xxxxxxxx.xxxxxx)>predictiveHigh
411Input Value<xxxxxxx>xxpredictiveMedium
412Input Value<xxxxxx>xxxxx("xxx")</xxxxxx>predictiveHigh
413Input Value<xxxxxx>xxxxx(x)</xxxxxx>predictiveHigh
414Input Value<xxx xxxxxxx="xxxxx(x)" xxxxx=xxxxxxx:xxxxx>xxxxx xxxx</xxx>predictiveHigh
415Input Valuexxxxxxx -xxxpredictiveMedium
416Input Valuexxxxxx|xxx|xxxxxxxpredictiveHigh
417Input Valuexxxxxx%xx+xx+%xxx%xx+%xx+%xxx%xx+--+-predictiveHigh
418Input Value\xxx\xxx\xxx\xxx\xxxpredictiveHigh
419Pattern|xx xx xx|predictiveMedium
420Network Portxxxx/xxxxxpredictiveMedium
421Network Portxxx/xxxxxpredictiveMedium
422Network Portxxx xxxxxx xxxxpredictiveHigh

References (3)

The following list contains external sources which discuss the actor and the associated activities:

PreviousOverviewNext

Do you know our Splunk app?

Download it now for free!