Vobfus Analysis
IOB - Indicator of Behavior (696)
Timeline
The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.
Activities
Interest
Timeline
The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.
Vulnerabilities
IOC - Indicator of Compromise (47)
These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.
TTP - Tactics, Techniques, Procedures (21)
Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.
IOA - Indicator of Attack (357)
These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.
ID | Class | Indicator | Type | Confidence |
---|---|---|---|---|
1 | File | /adfs/ls | predictive | Medium |
2 | File | /admin/inquiries/view_details.php | predictive | High |
3 | File | /api/RecordingList/DownloadRecord?file= | predictive | High |
4 | File | /api/sys/set_passwd | predictive | High |
5 | File | /app/controller/Books.php | predictive | High |
6 | File | /bin/boa | predictive | Medium |
7 | File | /cgi-bin/wapopen | predictive | High |
8 | File | /cgi-bin/wlogin.cgi | predictive | High |
9 | File | /config/getuser | predictive | High |
10 | File | /context/%2e/WEB-INF/web.xml | predictive | High |
11 | File | /dev/urandom | predictive | Medium |
12 | File | /etc/ajenti/config.yml | predictive | High |
13 | File | /etc/quantum/quantum.conf | predictive | High |
14 | File | /etc/shadow | predictive | Medium |
15 | File | /exec/ | predictive | Low |
16 | File | /forum/away.php | predictive | High |
17 | File | /getcfg.php | predictive | Medium |
18 | File | /goform/dir_setWanWifi | predictive | High |
19 | File | /HNAP1 | predictive | Low |
20 | File | /mgmt/tm/util/bash | predictive | High |
21 | File | /MIME/INBOX-MM-1/ | predictive | High |
22 | File | /modules/projects/vw_files.php | predictive | High |
23 | File | /opt/tms/bin/cli | predictive | High |
24 | File | /out.php | predictive | Medium |
25 | File | /plain | predictive | Low |
26 | File | /server-status | predictive | High |
27 | File | /setSystemAdmin | predictive | High |
28 | File | /staff/tools/custom-fields | predictive | High |
29 | File | /tmp/phpglibccheck | predictive | High |
30 | File | /uncpath/ | predictive | Medium |
31 | File | /WebMstr7/servlet/mstrWeb | predictive | High |
32 | File | /webpages/data | predictive | High |
33 | File | /wp-admin/options.php | predictive | High |
34 | File | /wp-content/plugins/updraftplus/admin.php | predictive | High |
35 | File | /wp-content/plugins/woocommerce/templates/emails/plain/ | predictive | High |
36 | File | /wp-json/oembed/1.0/embed?url | predictive | High |
37 | File | /xyhai.php?s=/Auth/editUser | predictive | High |
38 | File | /_next | predictive | Low |
39 | File | account.asp | predictive | Medium |
40 | File | actionHandler/ajax_managed_services.php | predictive | High |
41 | File | adclick.php | predictive | Medium |
42 | File | xxx_xxxxxxx.xxx | predictive | High |
43 | File | xxxxx.xxxxxxxxxxxxxx.xxx | predictive | High |
44 | File | xxxxx.xxxxxxxxxx.xxx | predictive | High |
45 | File | xxxxx.xxx | predictive | Medium |
46 | File | xxxxx/xxxxx.xxxxx | predictive | High |
47 | File | xxxxxxxxxxxxx/xxxxxxxxxx/xxx_xxxxx/xxxxxxx/xxxxx.xxx | predictive | High |
48 | File | xxxxx\xxxxx\xxxxxxx\xxxxxxxx.xxx | predictive | High |
49 | File | xxxxxx.xxx | predictive | Medium |
50 | File | xxxx-xxxxxxx.xxx | predictive | High |
51 | File | xxxx/xxx/xxxx/xxxxxxxxxxx | predictive | High |
52 | File | xxxxxxxxxxx.xxx | predictive | High |
53 | File | xxxxx_xxxxxx.xxx | predictive | High |
54 | File | xxxxxx/xxxxxxxxx.xxx | predictive | High |
55 | File | xxxxxxxxx/xxxxxxxxxxxxx | predictive | High |
56 | File | xxx/xxxxxxx/xxxxx/xxx/xxxxxxx/xxxxxx/xxx/xxxxxxxxx/xxxxxxx/xxxxxxxxx.xxx | predictive | High |
57 | File | xxx/xxxxx/xxxxxx/xxxxx/xxxxx.xxx | predictive | High |
58 | File | xxxxxxxxxxxxxx.xxx | predictive | High |
59 | File | xxxxxx.xxx | predictive | Medium |
60 | File | xxxx-xxxx.x | predictive | Medium |
61 | File | xxxxxxx.xxxx | predictive | Medium |
62 | File | xxxxxxxxxxxxxx.xxx | predictive | High |
63 | File | xxxxxx.xxxxxxx.xxx | predictive | High |
64 | File | xxxxxxx.xx | predictive | Medium |
65 | File | xxx/xxxxxx_xxxxxxx.xxx | predictive | High |
66 | File | xxxxx.xxx | predictive | Medium |
67 | File | xxxx.x | predictive | Low |
68 | File | x:\xxxx | predictive | Low |
69 | File | x:\xxxxx\ | predictive | Medium |
70 | File | xxx_xxxx.x | predictive | Medium |
71 | File | xxxx_xxxxxxx.xxx | predictive | High |
72 | File | xxx-xxx/ | predictive | Medium |
73 | File | xxx-xxx/xxxxxxx.xx | predictive | High |
74 | File | xxx-xxx/xxxxxx | predictive | High |
75 | File | xxx-xxx/xxxx_xxx.xxx | predictive | High |
76 | File | xxxxx.xxxxx.xxx | predictive | High |
77 | File | xxxxxxxxxx_xxxxx.xxx | predictive | High |
78 | File | xxx.xxx | predictive | Low |
79 | File | xxx.xxx | predictive | Low |
80 | File | xxxxxxxx_xxxxxxx.xxx | predictive | High |
81 | File | xxxxxxxx_xxxxxxxxxxxxxxxxx.xxx | predictive | High |
82 | File | xxxxxxxxxxxxxxxxxxxx.xxxx | predictive | High |
83 | File | xxxxxx.xxx.xxx | predictive | High |
84 | File | xxxxxx_xxxxxxx.xxx | predictive | High |
85 | File | xxxxxxx/xxx_xxxxxxx.xxx | predictive | High |
86 | File | xxxxxx.x | predictive | Medium |
87 | File | xxxx/xxxxxxxxxxxxxxx.xxx | predictive | High |
88 | File | xxxxxxxxxxxxxxx/ | predictive | High |
89 | File | xxxxx_xxxx.x | predictive | Medium |
90 | File | xxxxxxx.xxx | predictive | Medium |
91 | File | xxxxxxxxx.xxx | predictive | High |
92 | File | xxxxxxxxxxxxxxx.xxx | predictive | High |
93 | File | xxxxxxxxxxxxxxxxxxxxxx | predictive | High |
94 | File | xxxxxxxx_xxx.xxx | predictive | High |
95 | File | xxxxxxx/xxx/xxxxxxxx.x | predictive | High |
96 | File | xxxxxxx/xxxxxxxxxx/xxxx/xxxx.x | predictive | High |
97 | File | xxxxxxx/xxx/xxx/xxxxx.x | predictive | High |
98 | File | xxxxxxx/xxx/xxxxxxxx/xxxxxxx/xxxxxxxx/xxxxxxxx_xxxxx.x | predictive | High |
99 | File | xxxxxxx/xxx/xxxxxx/xxxx_xxxxxxxxxx.x | predictive | High |
100 | File | xxxxx.xxx | predictive | Medium |
101 | File | xxxx/xxxxxxxxxx/xxxxxx-xxx.x | predictive | High |
102 | File | xxxxx.xxx | predictive | Medium |
103 | File | xxxx.xxx | predictive | Medium |
104 | File | xxx/xxxx/xxxxxx/xxxxxx_xxxxxxx.x | predictive | High |
105 | File | xxxxxxxxxxx.xxxxx.xxx | predictive | High |
106 | File | xxx_xxxx.x | predictive | Medium |
107 | File | xxxxxxxxxxxxxxxxxxxxxxxxxx.xxx | predictive | High |
108 | File | xxxxxx.xxx | predictive | Medium |
109 | File | xx/xxxxxx/xxxxxx.x | predictive | High |
110 | File | xx/xxxxxxxxx/xxxx_xx.x | predictive | High |
111 | File | xx/xxxxxxx.x | predictive | Medium |
112 | File | xxx_xxxxxx.x | predictive | Medium |
113 | File | xxxxxx.xxx | predictive | Medium |
114 | File | xxxx.xxx | predictive | Medium |
115 | File | xxxx.xxx | predictive | Medium |
116 | File | xxxxxxxxx.xxx | predictive | High |
117 | File | xxxxxxxxx.xx | predictive | Medium |
118 | File | xxxxxx.xxx | predictive | Medium |
119 | File | xxxxxx.xxx | predictive | Medium |
120 | File | xxxx.xxx | predictive | Medium |
121 | File | xxxxxxxxxx.xxx | predictive | High |
122 | File | xxxx/xxxxxxxxxxxxxxxxxxxxxxxx.xx | predictive | High |
123 | File | xxxx_xxxx.x | predictive | Medium |
124 | File | x-xxxx.xxx | predictive | Medium |
125 | File | xxxxxxxxx.xxx | predictive | High |
126 | File | xxx/xxxxxx.xxx | predictive | High |
127 | File | xxx/xxxxxxxxxxx/xxxxxxx.xxx | predictive | High |
128 | File | xxxxxxx.xxx | predictive | Medium |
129 | File | xxxxxxxx/xxxx.xxx | predictive | High |
130 | File | xxxxx.xxx | predictive | Medium |
131 | File | xxxxx.xxx | predictive | Medium |
132 | File | xxxx.xxx.xxx | predictive | Medium |
133 | File | xxxxxx.xxx | predictive | Medium |
134 | File | xxxxxxx.xxxxx | predictive | High |
135 | File | xxxx_xxxx.xxx | predictive | High |
136 | File | xxxx_xxxx.xxx | predictive | High |
137 | File | xx/xxx_xxxxxxx.xx.xxx | predictive | High |
138 | File | xxxxxx.x | predictive | Medium |
139 | File | xxxxxx/xxxxx/xxxx.x | predictive | High |
140 | File | xxxxx.xxx | predictive | Medium |
141 | File | xxxxxx.xxx | predictive | Medium |
142 | File | xxxxxxxxx/xxxxxx.xxx.xxx | predictive | High |
143 | File | xxxxx.xxx | predictive | Medium |
144 | File | xxxxx.xxx | predictive | Medium |
145 | File | xxxxx.xxxx | predictive | Medium |
146 | File | xxxxxxxx.xx | predictive | Medium |
147 | File | xxxx.xxx | predictive | Medium |
148 | File | xxxxxxxx.xxx | predictive | Medium |
149 | File | xxxxxxx_xxx.xxx | predictive | High |
150 | File | xx/xxx.x | predictive | Medium |
151 | File | xxxxxxx/xxx_xxxxxxxx.xxx | predictive | High |
152 | File | xxx_xxxxx.x | predictive | Medium |
153 | File | xxx_xxxxx_xxxxxx_xxxxx.xxx | predictive | High |
154 | File | xxx_xxxxxxxx.xxx | predictive | High |
155 | File | xxx_xxxxx_xxxxx.x | predictive | High |
156 | File | xxx_xxxxx_xxxx.x | predictive | High |
157 | File | xxxxxxx/xxxxx.x | predictive | High |
158 | File | xxxxxxxx.xxx | predictive | Medium |
159 | File | xxxxxxxxx/xxxxxxxxxxxxxx:x.x.x | predictive | High |
160 | File | xxxxxxxxxxxxxxxxxxxxx.xxxx | predictive | High |
161 | File | xxx/xxxxx.xxxx | predictive | High |
162 | File | xxxxx/xxxxxxxx.xxx.xxx | predictive | High |
163 | File | xxxxxxxxxxx.xxx | predictive | High |
164 | File | xxxxxxxxxxxxxxx.xxx | predictive | High |
165 | File | xxxxxxx.xxx | predictive | Medium |
166 | File | xxxxxxxx.xx | predictive | Medium |
167 | File | xxxx.xxx | predictive | Medium |
168 | File | xxxxxxxx.xxx | predictive | Medium |
169 | File | xxxxxxx.xx | predictive | Medium |
170 | File | xxx_xxxxxxxxxxxx.xxx | predictive | High |
171 | File | xxxxxxxxxx.xxx | predictive | High |
172 | File | xxxxx_xxxxx.xxx | predictive | High |
173 | File | xxxx.xxx | predictive | Medium |
174 | File | xxxxxxx.xxx | predictive | Medium |
175 | File | xxxxxxxxxx.xxx | predictive | High |
176 | File | xxxxxxxx_xxxx.xxx | predictive | High |
177 | File | xxx/xxxxxxx/xxxxxx/xxxx/xxxxx/xxxxxxx/xxxxxx/xxxxx/xxx%xxxxxxxxxxxxx.xx.xxx | predictive | High |
178 | File | xxxx.xxx | predictive | Medium |
179 | File | xxx.x | predictive | Low |
180 | File | xxxxxx.xx | predictive | Medium |
181 | File | xxxxxx_xxx_xxxxxx.xxx | predictive | High |
182 | File | xxxxxxxxxxx.xxx | predictive | High |
183 | File | xxxxxxxx.xxx | predictive | Medium |
184 | File | xxxxx.xxx | predictive | Medium |
185 | File | xxxx.xxx | predictive | Medium |
186 | File | xxxxx/xxxxxxxx/xxxxxxxxx.xxx | predictive | High |
187 | File | xxxxxxxxx/xxxxx/xxxx/xxx_xxxxxxx/xxxxxxx/xxxxxxx.xxx | predictive | High |
188 | File | xxxxx/xxxx-xxxxxx.x | predictive | High |
189 | File | xx/xxx/xxxxxxxx | predictive | High |
190 | File | xxxxxxx.xxx/xxxxxxx.xxxxxxxxxxxx/xxxxxxx/xxxxxxxxx/xxxxxxxxx.xxxx.xx | predictive | High |
191 | File | xxx.xxx | predictive | Low |
192 | File | xxxxxxxxx.x | predictive | Medium |
193 | File | xxxxx_xx.xxx | predictive | Medium |
194 | File | xxxx.xxx | predictive | Medium |
195 | File | xxxxxxx.xxx | predictive | Medium |
196 | File | xxxxxxx.xxx | predictive | Medium |
197 | File | xxxx_xxxxx.xxx | predictive | High |
198 | File | xxxxxx.xxx | predictive | Medium |
199 | File | xxxxxxx.x | predictive | Medium |
200 | File | xxx\_xxxxxxx\_xxxxxxx.xxx | predictive | High |
201 | File | xxxxxxxx.xxx | predictive | Medium |
202 | File | xx-xxxxx/xxxxx.xxx?xxxx=xx_xxxxxxx_xxxx_xxxxxx.xxx&xxxxxxx=x | predictive | High |
203 | File | xx-xxxxx/xxxxxxxxx.xxx | predictive | High |
204 | File | xx-xxxxx.xxx | predictive | Medium |
205 | File | xxxxxxxxxx.xxx | predictive | High |
206 | File | xxxxx.x | predictive | Low |
207 | File | xxxxx.xxx | predictive | Medium |
208 | File | xxxxxx.xxx | predictive | Medium |
209 | File | xxxxxxxxxxx.xxx | predictive | High |
210 | File | xxxxxxxxxxxx.xxx | predictive | High |
211 | Library | /xxx/xxx/xxx/xxxx/xxxxxxxxxx/xxxxx/xxxxxx.xxx | predictive | High |
212 | Library | /xxx/xxx/xxx/xxxx/xxxxxxxxxx/xxxxx/xxxxxxxxxx.xxx | predictive | High |
213 | Library | /_xxx_xxx/xxxxx.xxx | predictive | High |
214 | Library | xxxxxx.xxx | predictive | Medium |
215 | Library | xxxxxx/xxx/xxxxxxxxx/xxx/xxx_xxx.x | predictive | High |
216 | Library | xxxxxxxxx.xxxxxxxxxx.xxxxxxxxxxx.xxx.xxx | predictive | High |
217 | Library | xxxxxx-xx/xxx/xxx-xxxxxx-xxxxx-xx.xxx | predictive | High |
218 | Library | xx/xxx.xxx.xxx | predictive | High |
219 | Library | xxxxxx/xxxxxxx/xxxx.xxx | predictive | High |
220 | Library | xxxxx.xxx | predictive | Medium |
221 | Library | xxxxxx.xxx | predictive | Medium |
222 | Library | xxxxxxx.xxx/xxxxxx.xxx | predictive | High |
223 | Argument | -x | predictive | Low |
224 | Argument | -x/-x | predictive | Low |
225 | Argument | ?xxxx_xxxx=xxxxxxx.xxx/xxxx=xxxxxx/xxx=xxx+/xxx/.xxxxxxxx/xxxxxxx=//xxxxxxxxxxxxxx.xxx=x | predictive | High |
226 | Argument | xx/xx | predictive | Low |
227 | Argument | xxxxxxxx_xxxx | predictive | High |
228 | Argument | xxxxxxx | predictive | Low |
229 | Argument | xxxxx | predictive | Low |
230 | Argument | xxxxxx_xxxx | predictive | Medium |
231 | Argument | xxxxxxxxxxxxxx | predictive | High |
232 | Argument | xxxx | predictive | Low |
233 | Argument | xxxxxxxx | predictive | Medium |
234 | Argument | xxxxxxxx | predictive | Medium |
235 | Argument | xxxx_xxx | predictive | Medium |
236 | Argument | xxxxxx | predictive | Low |
237 | Argument | xxx_xxx | predictive | Low |
238 | Argument | xxxxxxxxxx_xxxx | predictive | High |
239 | Argument | xxx_xxx | predictive | Low |
240 | Argument | xxxx_xxx_xxxx | predictive | High |
241 | Argument | xxx | predictive | Low |
242 | Argument | xxxxxxxx | predictive | Medium |
243 | Argument | xxx_xx | predictive | Low |
244 | Argument | xxx | predictive | Low |
245 | Argument | xxxxxxxxx | predictive | Medium |
246 | Argument | xxxx_xx | predictive | Low |
247 | Argument | xxxxxxx | predictive | Low |
248 | Argument | xxxxxx | predictive | Low |
249 | Argument | xxxxxx[xxxxxxx_xxx] | predictive | High |
250 | Argument | xxxxxx_xxxxxxx[xxxx][xxxxxxx][] | predictive | High |
251 | Argument | xxxxxxxxxxxxxxxx | predictive | High |
252 | Argument | xxx_x_xxx | predictive | Medium |
253 | Argument | xx_xxxxxxxxxxxxx_xx | predictive | High |
254 | Argument | xxxxxxxxxxxx | predictive | Medium |
255 | Argument | xxxx | predictive | Low |
256 | Argument | xxx | predictive | Low |
257 | Argument | xxx | predictive | Low |
258 | Argument | xxxxxxxx[xxxx_xxx] | predictive | High |
259 | Argument | xxxxx xxxx | predictive | Medium |
260 | Argument | xxxxxxxxxxx | predictive | Medium |
261 | Argument | xxxxx_xxxx_xxxx | predictive | High |
262 | Argument | xx_xxxxxxx | predictive | Medium |
263 | Argument | xxxx | predictive | Low |
264 | Argument | xxxxxxxxxx | predictive | Medium |
265 | Argument | xxxxxxxx | predictive | Medium |
266 | Argument | xxxxxxx | predictive | Low |
267 | Argument | xxx | predictive | Low |
268 | Argument | xxxxx_xx | predictive | Medium |
269 | Argument | xxxxxxxx | predictive | Medium |
270 | Argument | xxxx | predictive | Low |
271 | Argument | xxxx | predictive | Low |
272 | Argument | xxxx | predictive | Low |
273 | Argument | xx_xxxx_xx/xx_xxxx_xx | predictive | High |
274 | Argument | xx | predictive | Low |
275 | Argument | xxxxxxxxxx | predictive | Medium |
276 | Argument | xxxxxxxxx | predictive | Medium |
277 | Argument | xx_xxx | predictive | Low |
278 | Argument | xx_xxxx | predictive | Low |
279 | Argument | xxxxx | predictive | Low |
280 | Argument | xxxxx.xxx?xxxxxx=xxx_xxxxxxx/xxxx=xxxxxxx/xx=x/xxxxxxxx=xxxxx | predictive | High |
281 | Argument | xxx | predictive | Low |
282 | Argument | xxxxxxxx_xxx | predictive | Medium |
283 | Argument | xxxxxxx | predictive | Low |
284 | Argument | xxxx | predictive | Low |
285 | Argument | xxx_xxxxxxx_xxx | predictive | High |
286 | Argument | xx_xxxxxx | predictive | Medium |
287 | Argument | xxxx_xxxx | predictive | Medium |
288 | Argument | xx_xxxxxxxx | predictive | Medium |
289 | Argument | xxxxxxxxx_xxxxxxxx_xxxx | predictive | High |
290 | Argument | xxxxxxxxx_xxxx_xxxx | predictive | High |
291 | Argument | xxxxxxx_xxxx | predictive | Medium |
292 | Argument | xxxx | predictive | Low |
293 | Argument | xxxx_xxxx | predictive | Medium |
294 | Argument | xxxxxx_xxx | predictive | Medium |
295 | Argument | x_xx | predictive | Low |
296 | Argument | xxxxxxxx | predictive | Medium |
297 | Argument | xxxxxxxx | predictive | Medium |
298 | Argument | xxxx[xxxxxxxxxxxxxxxxx] | predictive | High |
299 | Argument | xxxx_xxxx | predictive | Medium |
300 | Argument | xxxx_xx_xx_xxx | predictive | High |
301 | Argument | xxx_xxxx | predictive | Medium |
302 | Argument | xxxxx_xxxx_xxxx | predictive | High |
303 | Argument | xxxxxxx_xxx | predictive | Medium |
304 | Argument | xxxxxxxxxx[x] | predictive | High |
305 | Argument | xx_xxxx | predictive | Low |
306 | Argument | xxxxxxxx_xxxxx | predictive | High |
307 | Argument | xx_xxxx | predictive | Low |
308 | Argument | xxxxxx | predictive | Low |
309 | Argument | xxxxxxxx | predictive | Medium |
310 | Argument | xxxxxxxx | predictive | Medium |
311 | Argument | xxxxxxxx | predictive | Medium |
312 | Argument | xxxxxxxx | predictive | Medium |
313 | Argument | xxxxxx_xxxx | predictive | Medium |
314 | Argument | xxxxxxx | predictive | Low |
315 | Argument | xxxxxx | predictive | Low |
316 | Argument | xxxxxxx | predictive | Low |
317 | Argument | xxxxxxxx | predictive | Medium |
318 | Argument | xxxx | predictive | Low |
319 | Argument | xxxxxxxxxxx_xxxx | predictive | High |
320 | Argument | xxxxxxxxxxxxxxxxxxxx | predictive | High |
321 | Argument | xxxxxx | predictive | Low |
322 | Argument | xxxxxxx | predictive | Low |
323 | Argument | xxxxxx | predictive | Low |
324 | Argument | xxxxxxxxxx | predictive | Medium |
325 | Argument | xxx_xxxxx/xxxx_xxxxx/xxxx_xxxxx | predictive | High |
326 | Argument | xxxxxxxx | predictive | Medium |
327 | Argument | xxx | predictive | Low |
328 | Argument | xxxxx | predictive | Low |
329 | Argument | xxxxxxxxxxx | predictive | Medium |
330 | Argument | xxxx | predictive | Low |
331 | Argument | x_xxxxxx | predictive | Medium |
332 | Argument | xxxxxxxxxxx/xxxxxxxxx | predictive | High |
333 | Argument | xxx | predictive | Low |
334 | Argument | xxx | predictive | Low |
335 | Argument | xxxx | predictive | Low |
336 | Argument | xxxx | predictive | Low |
337 | Argument | xxxxxxxx | predictive | Medium |
338 | Argument | xxxxxxxx/xxxx | predictive | High |
339 | Argument | xxxxx | predictive | Low |
340 | Argument | xxxx_xxxxxxx | predictive | Medium |
341 | Argument | xxxx->xxxxxxx | predictive | High |
342 | Argument | xx-xxxxxx_xxxx | predictive | High |
343 | Argument | _xxxxx_xxxxxxx_xxxxxxxxx_xxxxxxx-xxx | predictive | High |
344 | Input Value | %xxxxxx+-x+x+xx.x.xx.xxx%xx%xx | predictive | High |
345 | Input Value | ../ | predictive | Low |
346 | Input Value | ../.. | predictive | Low |
347 | Input Value | .xxx | predictive | Low |
348 | Input Value | /%xx | predictive | Low |
349 | Input Value | ::$xxxxx_xxxxxxxxxx | predictive | High |
350 | Input Value | xxxx -x xxxxxxxx=xxxxxx.xxxxxxx xxxx://xxx.xxx.x.x/xxxxxx.xxx | predictive | High |
351 | Input Value | xxxxxx | predictive | Low |
352 | Pattern | () { | predictive | Low |
353 | Pattern | x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|.|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx| | predictive | High |
354 | Network Port | xxxx | predictive | Low |
355 | Network Port | xxx/xxxx | predictive | Medium |
356 | Network Port | xxx/xxxx | predictive | Medium |
357 | Network Port | xxx xxxxxx xxxx | predictive | High |
References (11)
The following list contains external sources which discuss the actor and the associated activities:
- https://blog.talosintelligence.com/2019/04/threat-roundup-0329-0405.html
- https://blog.talosintelligence.com/2019/04/threat-roundup-0412-0419.html
- xxxxx://xxxx.xxxxxxxxxxxxxxxxx.xxx/xxxx/xx/xxxxxx-xxxxxxx-xxxx-xxxx.xxxx
- xxxxx://xxxx.xxxxxxxxxxxxxxxxx.xxx/xxxx/xx/xxxxxx-xxxxxxx-xxxx-xxxx.xxxx
- xxxxx://xxxx.xxxxxxxxxxxxxxxxx.xxx/xxxx/xx/xxxxxx-xxxxxxx-xxxx-xxxx.xxxx
- xxxxx://xxxx.xxxxxxxxxxxxxxxxx.xxx/xxxx/xx/xxxxxx-xxxxxxx-xxxx-xxxx.xxxx
- xxxxx://xxxx.xxxxxxxxxxxxxxxxx.xxx/xxxx/xx/xxxxxx-xxxxxxx-xxxx-xxxx.xxxx
- xxxxx://xxxx.xxxxxxxxxxxxxxxxx.xxx/xxxx/xx/xxxxxx-xxxxxxx-xxxx-xxxx.xxxx
- xxxxx://xxxx.xxxxxxxxxxxxxxxxx.xxx/xxxxxx-xxxxxxx-xxxx-xxxx/
- xxxxx://xxxx.xxxxxxxxxxxxxxxxx.xxx/xxxxxx-xxxxxxx-xxxx-xxxx-x/
- xxxxx://xxxxxx.xxx/xxxxx/xxxxx_xxxxxx_xxxxxxxxxxxx/xxxx/xxxx/xxxxxx/xxxxxx