Vobfus Analysis

IOB - Indicator of Behavior (699)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en524
zh88
de26
fr20
ru14

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

us402
cn132
ru44
fr26
gb14

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Microsoft Windows18
Linux Kernel14
Microsoft IIS12
WordPress12
Google Chrome10

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1LogicBoard CMS away.php redirect6.36.1$0-$5k$0-$5kNot DefinedUnavailable0.000003.10
2Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25kCalculatingHighWorkaround0.020160.00CVE-2007-1192
3Basilix Webmail login.php3 command injection7.37.0$0-$5k$0-$5kNot DefinedOfficial Fix0.000000.07
4DZCP deV!L`z Clanportal config.php code injection7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.009431.00CVE-2010-0966
5Microsoft IIS cross site scripting5.24.7$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.005480.15CVE-2017-0055
6nginx request smuggling6.96.9$0-$5k$0-$5kNot DefinedNot Defined0.002412.45CVE-2020-12440
7Apache HTTP Server mod_rewrite redirect6.76.7$5k-$25k$5k-$25kNot DefinedNot Defined0.002580.35CVE-2020-1927
8Apache Log4j SMTP Appender SMTPS certificate validation3.73.7$5k-$25k$5k-$25kNot DefinedNot Defined0.001910.05CVE-2020-9488
9Dropbear SSH dropbearconvert input validation8.07.7$0-$5k$0-$5kNot DefinedOfficial Fix0.009560.00CVE-2016-7407
10Dropbear SSH input validation8.58.2$0-$5k$0-$5kNot DefinedOfficial Fix0.029110.45CVE-2016-7406
11Basti2web Book Panel books.php sql injection7.37.0$0-$5k$0-$5kHighOfficial Fix0.000640.07CVE-2009-4889
12Maran PHP Shop prod.php sql injection7.37.3$0-$5k$0-$5kHighUnavailable0.001370.05CVE-2008-4879
13OpenSSH Authentication Username information disclosure5.34.8$5k-$25k$0-$5kHighOfficial Fix0.107370.50CVE-2016-6210
14Lars Ellingsen Guestserver guestbook.cgi cross site scripting4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.001690.20CVE-2005-4222
15lighttpd mod_alias_physical_handler mod_alias.c path traversal7.47.2$0-$5k$0-$5kNot DefinedOfficial Fix0.003480.04CVE-2018-19052
16Microsoft IIS IP/Domain Restriction access control6.55.7$25k-$100k$0-$5kUnprovenOfficial Fix0.008170.40CVE-2014-4078
17Next.js path traversal4.84.6$0-$5k$0-$5kNot DefinedOfficial Fix0.002130.00CVE-2020-5284
18Serendipity exit.php privileges management6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000000.40
19Eclipse Jetty temp file6.56.5$0-$5k$0-$5kNot DefinedNot Defined0.000720.05CVE-2020-27216
20Apple iOS API Core Text Bomb resource consumption7.57.2$25k-$100k$0-$5kHighOfficial Fix0.024830.00CVE-2018-4100

IOC - Indicator of Compromise (47)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
113.107.21.200Vobfus04/14/2022verifiedMedium
218.211.9.206ec2-18-211-9-206.compute-1.amazonaws.comVobfus04/14/2022verifiedMedium
323.20.239.12ec2-23-20-239-12.compute-1.amazonaws.comVobfus04/14/2022verifiedMedium
437.48.65.148Vobfus04/29/2022verifiedMedium
545.202.208.234Vobfus05/05/2022verifiedMedium
646.166.182.115Vobfus04/29/2022verifiedMedium
752.137.90.34Vobfus07/17/2021verifiedMedium
864.32.8.67customer.sharktech.netVobfus04/29/2022verifiedMedium
967.225.218.50lb01.parklogic.comVobfus04/14/2022verifiedMedium
1069.50.208.17Vobfus04/25/2023verifiedMedium
11XX.XX.XX.XXXXxxxxx04/14/2022verifiedMedium
12XX.XX.XXX.XXXxxxx.xxxxxxxxx.xxxXxxxxx04/14/2022verifiedMedium
13XX.XX.XX.XXXXxxxxx04/29/2022verifiedMedium
14XX.XX.XX.XXXxxxxx07/17/2021verifiedMedium
15XX.XXX.XXX.XXXxxxxx04/25/2023verifiedMedium
16XXX.XX.X.XXXxxxxx04/14/2022verifiedMedium
17XXX.XX.X.XXXxxxxx04/14/2022verifiedMedium
18XXX.XX.XXX.XXXxxxxx04/14/2022verifiedMedium
19XXX.XX.XX.XXXXxxxxx04/14/2022verifiedMedium
20XXX.XX.XX.XXXXxxxxx04/14/2022verifiedMedium
21XXX.XX.XX.XXXxxxxx04/14/2022verifiedMedium
22XXX.XX.XXX.XXXxxx-xxx-xx-xxx-xxx.xxxxxxx-x.xxxxxxxxx.xxxXxxxxx04/14/2022verifiedMedium
23XXX.XXX.X.XXXxxxxxxxx-xx-xx.xxxxx.xxxXxxxxx04/14/2022verifiedMedium
24XXX.XXX.X.XXXxxxxxxxx-xx-xxx.xxxxx.xxxXxxxxx04/29/2022verifiedMedium
25XXX.XXX.X.XXXxxxxxxxx-xx-xxx.xxxxx.xxxXxxxxx04/14/2022verifiedMedium
26XXX.XXX.XX.XXxxxxxxxx-xx-xx.xxxxx.xxxXxxxxx04/14/2022verifiedMedium
27XXX.XXX.XX.XXXxxxxxxxx-xx-xx.xxxxx.xxxXxxxxx04/14/2022verifiedMedium
28XXX.XXX.XX.XXxxxxxxxx-xx-xxx.xxxxx.xxxXxxxxx04/29/2022verifiedMedium
29XXX.XXX.XX.XXXxxxxxxxx-xx-xx.xxxxx.xxxXxxxxx04/14/2022verifiedMedium
30XXX.XXX.XX.XXXxxxxxxxx-xx-xxx.xxxxx.xxxXxxxxx04/14/2022verifiedMedium
31XXX.XXX.XX.XXxxxxxxxx-xx-xx.xxxxx.xxxXxxxxx04/14/2022verifiedMedium
32XXX.XXX.XX.XXXxxxxxxxx-xx-xx.xxxxx.xxxXxxxxx04/14/2022verifiedMedium
33XXX.XXX.XXX.XXXxx.xx.xxxx.xxx.xxxxxx.xx-xxxxxxx.xxxXxxxxx01/16/2023verifiedMedium
34XXX.XXX.XXX.XXXXxxxxx04/29/2022verifiedMedium
35XXX.XXX.XXX.XXXXxxxxx07/17/2021verifiedMedium
36XXX.XXX.XXX.XXXXxxxxx07/17/2021verifiedMedium
37XXX.XX.XXX.XXXxxxxx04/14/2022verifiedMedium
38XXX.XXX.XXX.XXXxxxx.xxxxxx.xxxXxxxxx07/17/2021verifiedMedium
39XXX.XXX.XXX.XXxxxxxx-xx-xxx-xxx-xxx-xx.xxxxxx.xx-xxxx.xxxXxxxxx04/29/2022verifiedMedium
40XXX.XXX.XXX.XXXxxxxx04/14/2022verifiedMedium
41XXX.XXX.XXX.XXXxxxxx.xxxxxxxxxx.xxxXxxxxx04/29/2022verifiedMedium
42XXX.XX.XX.XXXxxxxx04/12/2022verifiedMedium
43XXX.XX.XXX.XXXx-xxxx.x-xxxxxx.xxxXxxxxx04/14/2022verifiedMedium
44XXX.XXX.XX.XXXXxxxxx04/29/2022verifiedMedium
45XXX.XX.XXX.XXXxxxxx04/12/2022verifiedMedium
46XXX.XX.XX.XXXxxxxx04/14/2022verifiedMedium
47XXX.XXX.XXX.XXxxxx-xx.xxxxxxxxxxxx.xxxXxxxxx04/14/2022verifiedMedium

TTP - Tactics, Techniques, Procedures (21)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueClassVulnerabilitiesAccess VectorTypeConfidence
1T1006CAPEC-126CWE-21, CWE-22, CWE-23Path TraversalpredictiveHigh
2T1055CAPEC-10CWE-74Improper Neutralization of Data within XPath ExpressionspredictiveHigh
3T1059CAPEC-242CWE-94Argument InjectionpredictiveHigh
4T1059.007CAPEC-209CWE-79, CWE-80Cross Site ScriptingpredictiveHigh
5T1068CAPEC-122CWE-264, CWE-269, CWE-284Execution with Unnecessary PrivilegespredictiveHigh
6TXXXX.XXXCAPEC-191CWE-XXXXxxx-xxxxx XxxxxxxxxxxpredictiveHigh
7TXXXXCAPEC-136CWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveHigh
8TXXXX.XXXCAPEC-178CWE-XXXXxxx XxxxxxxxpredictiveHigh
9TXXXXCAPEC-CWE-XXX, CWE-XXX7xx Xxxxxxxx XxxxxxxxpredictiveHigh
10TXXXXCAPEC-1CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx XxxxxxpredictiveHigh
11TXXXXCAPEC-108CWE-XXXxx XxxxxxxxxpredictiveHigh
12TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveHigh
13TXXXXCAPEC-112CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxx XxxxxxxxxxpredictiveHigh
14TXXXXCAPEC-38CWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveHigh
15TXXXX.XXXCAPEC-459CWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
16TXXXX.XXXCAPEC-133CWE-XXXXxxxxxxxpredictiveHigh
17TXXXXCAPEC-116CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh
18TXXXX.XXXCAPEC-CWE-XXXxxxxxxxxxxxxpredictiveHigh
19TXXXXCAPEC-157CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxxxx XxxxxxpredictiveHigh
20TXXXX.XXXCAPEC-CWE-XXXXxx Xxxxxxxxxx XxxxxpredictiveHigh
21TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxpredictiveHigh

IOA - Indicator of Attack (357)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/adfs/lspredictiveMedium
2File/admin/inquiries/view_details.phppredictiveHigh
3File/api/RecordingList/DownloadRecord?file=predictiveHigh
4File/api/sys/set_passwdpredictiveHigh
5File/app/controller/Books.phppredictiveHigh
6File/bin/boapredictiveMedium
7File/cgi-bin/wapopenpredictiveHigh
8File/cgi-bin/wlogin.cgipredictiveHigh
9File/config/getuserpredictiveHigh
10File/context/%2e/WEB-INF/web.xmlpredictiveHigh
11File/dev/urandompredictiveMedium
12File/etc/ajenti/config.ymlpredictiveHigh
13File/etc/quantum/quantum.confpredictiveHigh
14File/etc/shadowpredictiveMedium
15File/exec/predictiveLow
16File/forum/away.phppredictiveHigh
17File/getcfg.phppredictiveMedium
18File/goform/dir_setWanWifipredictiveHigh
19File/HNAP1predictiveLow
20File/mgmt/tm/util/bashpredictiveHigh
21File/MIME/INBOX-MM-1/predictiveHigh
22File/modules/projects/vw_files.phppredictiveHigh
23File/opt/tms/bin/clipredictiveHigh
24File/out.phppredictiveMedium
25File/plainpredictiveLow
26File/server-statuspredictiveHigh
27File/setSystemAdminpredictiveHigh
28File/staff/tools/custom-fieldspredictiveHigh
29File/tmp/phpglibccheckpredictiveHigh
30File/uncpath/predictiveMedium
31File/WebMstr7/servlet/mstrWebpredictiveHigh
32File/webpages/datapredictiveHigh
33File/wp-admin/options.phppredictiveHigh
34File/wp-content/plugins/updraftplus/admin.phppredictiveHigh
35File/wp-content/plugins/woocommerce/templates/emails/plain/predictiveHigh
36File/wp-json/oembed/1.0/embed?urlpredictiveHigh
37File/xyhai.php?s=/Auth/editUserpredictiveHigh
38File/_nextpredictiveLow
39Fileaccount.asppredictiveMedium
40FileactionHandler/ajax_managed_services.phppredictiveHigh
41Fileadclick.phppredictiveMedium
42Filexxx_xxxxxxx.xxxpredictiveHigh
43Filexxxxx.xxxxxxxxxxxxxx.xxxpredictiveHigh
44Filexxxxx.xxxxxxxxxx.xxxpredictiveHigh
45Filexxxxx.xxxpredictiveMedium
46Filexxxxx/xxxxx.xxxxxpredictiveHigh
47Filexxxxxxxxxxxxx/xxxxxxxxxx/xxx_xxxxx/xxxxxxx/xxxxx.xxxpredictiveHigh
48Filexxxxx\xxxxx\xxxxxxx\xxxxxxxx.xxxpredictiveHigh
49Filexxxxxx.xxxpredictiveMedium
50Filexxxx-xxxxxxx.xxxpredictiveHigh
51Filexxxx/xxx/xxxx/xxxxxxxxxxxpredictiveHigh
52Filexxxxxxxxxxx.xxxpredictiveHigh
53Filexxxxx_xxxxxx.xxxpredictiveHigh
54Filexxxxxx/xxxxxxxxx.xxxpredictiveHigh
55Filexxxxxxxxx/xxxxxxxxxxxxxpredictiveHigh
56Filexxx/xxxxxxx/xxxxx/xxx/xxxxxxx/xxxxxx/xxx/xxxxxxxxx/xxxxxxx/xxxxxxxxx.xxxpredictiveHigh
57Filexxx/xxxxx/xxxxxx/xxxxx/xxxxx.xxxpredictiveHigh
58Filexxxxxxxxxxxxxx.xxxpredictiveHigh
59Filexxxxxx.xxxpredictiveMedium
60Filexxxx-xxxx.xpredictiveMedium
61Filexxxxxxx.xxxxpredictiveMedium
62Filexxxxxxxxxxxxxx.xxxpredictiveHigh
63Filexxxxxx.xxxxxxx.xxxpredictiveHigh
64Filexxxxxxx.xxpredictiveMedium
65Filexxx/xxxxxx_xxxxxxx.xxxpredictiveHigh
66Filexxxxx.xxxpredictiveMedium
67Filexxxx.xpredictiveLow
68Filex:\xxxxpredictiveLow
69Filex:\xxxxx\predictiveMedium
70Filexxx_xxxx.xpredictiveMedium
71Filexxxx_xxxxxxx.xxxpredictiveHigh
72Filexxx-xxx/predictiveMedium
73Filexxx-xxx/xxxxxxx.xxpredictiveHigh
74Filexxx-xxx/xxxxxxpredictiveHigh
75Filexxx-xxx/xxxx_xxx.xxxpredictiveHigh
76Filexxxxx.xxxxx.xxxpredictiveHigh
77Filexxxxxxxxxx_xxxxx.xxxpredictiveHigh
78Filexxx.xxxpredictiveLow
79Filexxx.xxxpredictiveLow
80Filexxxxxxxx_xxxxxxx.xxxpredictiveHigh
81Filexxxxxxxx_xxxxxxxxxxxxxxxxx.xxxpredictiveHigh
82Filexxxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
83Filexxxxxx.xxx.xxxpredictiveHigh
84Filexxxxxx_xxxxxxx.xxxpredictiveHigh
85Filexxxxxxx/xxx_xxxxxxx.xxxpredictiveHigh
86Filexxxxxx.xpredictiveMedium
87Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
88Filexxxxxxxxxxxxxxx/predictiveHigh
89Filexxxxx_xxxx.xpredictiveMedium
90Filexxxxxxx.xxxpredictiveMedium
91Filexxxxxxxxx.xxxpredictiveHigh
92Filexxxxxxxxxxxxxxx.xxxpredictiveHigh
93FilexxxxxxxxxxxxxxxxxxxxxxpredictiveHigh
94Filexxxxxxxx_xxx.xxxpredictiveHigh
95Filexxxxxxx/xxx/xxxxxxxx.xpredictiveHigh
96Filexxxxxxx/xxxxxxxxxx/xxxx/xxxx.xpredictiveHigh
97Filexxxxxxx/xxx/xxx/xxxxx.xpredictiveHigh
98Filexxxxxxx/xxx/xxxxxxxx/xxxxxxx/xxxxxxxx/xxxxxxxx_xxxxx.xpredictiveHigh
99Filexxxxxxx/xxx/xxxxxx/xxxx_xxxxxxxxxx.xpredictiveHigh
100Filexxxxx.xxxpredictiveMedium
101Filexxxx/xxxxxxxxxx/xxxxxx-xxx.xpredictiveHigh
102Filexxxxx.xxxpredictiveMedium
103Filexxxx.xxxpredictiveMedium
104Filexxx/xxxx/xxxxxx/xxxxxx_xxxxxxx.xpredictiveHigh
105Filexxxxxxxxxxx.xxxxx.xxxpredictiveHigh
106Filexxx_xxxx.xpredictiveMedium
107Filexxxxxxxxxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
108Filexxxxxx.xxxpredictiveMedium
109Filexx/xxxxxx/xxxxxx.xpredictiveHigh
110Filexx/xxxxxxxxx/xxxx_xx.xpredictiveHigh
111Filexx/xxxxxxx.xpredictiveMedium
112Filexxx_xxxxxx.xpredictiveMedium
113Filexxxxxx.xxxpredictiveMedium
114Filexxxx.xxxpredictiveMedium
115Filexxxx.xxxpredictiveMedium
116Filexxxxxxxxx.xxxpredictiveHigh
117Filexxxxxxxxx.xxpredictiveMedium
118Filexxxxxx.xxxpredictiveMedium
119Filexxxxxx.xxxpredictiveMedium
120Filexxxx.xxxpredictiveMedium
121Filexxxxxxxxxx.xxxpredictiveHigh
122Filexxxx/xxxxxxxxxxxxxxxxxxxxxxxx.xxpredictiveHigh
123Filexxxx_xxxx.xpredictiveMedium
124Filex-xxxx.xxxpredictiveMedium
125Filexxxxxxxxx.xxxpredictiveHigh
126Filexxx/xxxxxx.xxxpredictiveHigh
127Filexxx/xxxxxxxxxxx/xxxxxxx.xxxpredictiveHigh
128Filexxxxxxx.xxxpredictiveMedium
129Filexxxxxxxx/xxxx.xxxpredictiveHigh
130Filexxxxx.xxxpredictiveMedium
131Filexxxxx.xxxpredictiveMedium
132Filexxxx.xxx.xxxpredictiveMedium
133Filexxxxxx.xxxpredictiveMedium
134Filexxxxxxx.xxxxxpredictiveHigh
135Filexxxx_xxxx.xxxpredictiveHigh
136Filexxxx_xxxx.xxxpredictiveHigh
137Filexx/xxx_xxxxxxx.xx.xxxpredictiveHigh
138Filexxxxxx.xpredictiveMedium
139Filexxxxxx/xxxxx/xxxx.xpredictiveHigh
140Filexxxxx.xxxpredictiveMedium
141Filexxxxxx.xxxpredictiveMedium
142Filexxxxxxxxx/xxxxxx.xxx.xxxpredictiveHigh
143Filexxxxx.xxxpredictiveMedium
144Filexxxxx.xxxpredictiveMedium
145Filexxxxx.xxxxpredictiveMedium
146Filexxxxxxxx.xxpredictiveMedium
147Filexxxx.xxxpredictiveMedium
148Filexxxxxxxx.xxxpredictiveMedium
149Filexxxxxxx_xxx.xxxpredictiveHigh
150Filexx/xxx.xpredictiveMedium
151Filexxxxxxx/xxx_xxxxxxxx.xxxpredictiveHigh
152Filexxx_xxxxx.xpredictiveMedium
153Filexxx_xxxxx_xxxxxx_xxxxx.xxxpredictiveHigh
154Filexxx_xxxxxxxx.xxxpredictiveHigh
155Filexxx_xxxxx_xxxxx.xpredictiveHigh
156Filexxx_xxxxx_xxxx.xpredictiveHigh
157Filexxxxxxx/xxxxx.xpredictiveHigh
158Filexxxxxxxx.xxxpredictiveMedium
159Filexxxxxxxxx/xxxxxxxxxxxxxx:x.x.xpredictiveHigh
160Filexxxxxxxxxxxxxxxxxxxxx.xxxxpredictiveHigh
161Filexxx/xxxxx.xxxxpredictiveHigh
162Filexxxxx/xxxxxxxx.xxx.xxxpredictiveHigh
163Filexxxxxxxxxxx.xxxpredictiveHigh
164Filexxxxxxxxxxxxxxx.xxxpredictiveHigh
165Filexxxxxxx.xxxpredictiveMedium
166Filexxxxxxxx.xxpredictiveMedium
167Filexxxx.xxxpredictiveMedium
168Filexxxxxxxx.xxxpredictiveMedium
169Filexxxxxxx.xxpredictiveMedium
170Filexxx_xxxxxxxxxxxx.xxxpredictiveHigh
171Filexxxxxxxxxx.xxxpredictiveHigh
172Filexxxxx_xxxxx.xxxpredictiveHigh
173Filexxxx.xxxpredictiveMedium
174Filexxxxxxx.xxxpredictiveMedium
175Filexxxxxxxxxx.xxxpredictiveHigh
176Filexxxxxxxx_xxxx.xxxpredictiveHigh
177Filexxx/xxxxxxx/xxxxxx/xxxx/xxxxx/xxxxxxx/xxxxxx/xxxxx/xxx%xxxxxxxxxxxxx.xx.xxxpredictiveHigh
178Filexxxx.xxxpredictiveMedium
179Filexxx.xpredictiveLow
180Filexxxxxx.xxpredictiveMedium
181Filexxxxxx_xxx_xxxxxx.xxxpredictiveHigh
182Filexxxxxxxxxxx.xxxpredictiveHigh
183Filexxxxxxxx.xxxpredictiveMedium
184Filexxxxx.xxxpredictiveMedium
185Filexxxx.xxxpredictiveMedium
186Filexxxxx/xxxxxxxx/xxxxxxxxx.xxxpredictiveHigh
187Filexxxxxxxxx/xxxxx/xxxx/xxx_xxxxxxx/xxxxxxx/xxxxxxx.xxxpredictiveHigh
188Filexxxxx/xxxx-xxxxxx.xpredictiveHigh
189Filexx/xxx/xxxxxxxxpredictiveHigh
190Filexxxxxxx.xxx/xxxxxxx.xxxxxxxxxxxx/xxxxxxx/xxxxxxxxx/xxxxxxxxx.xxxx.xxpredictiveHigh
191Filexxx.xxxpredictiveLow
192Filexxxxxxxxx.xpredictiveMedium
193Filexxxxx_xx.xxxpredictiveMedium
194Filexxxx.xxxpredictiveMedium
195Filexxxxxxx.xxxpredictiveMedium
196Filexxxxxxx.xxxpredictiveMedium
197Filexxxx_xxxxx.xxxpredictiveHigh
198Filexxxxxx.xxxpredictiveMedium
199Filexxxxxxx.xpredictiveMedium
200Filexxx\_xxxxxxx\_xxxxxxx.xxxpredictiveHigh
201Filexxxxxxxx.xxxpredictiveMedium
202Filexx-xxxxx/xxxxx.xxx?xxxx=xx_xxxxxxx_xxxx_xxxxxx.xxx&xxxxxxx=xpredictiveHigh
203Filexx-xxxxx/xxxxxxxxx.xxxpredictiveHigh
204Filexx-xxxxx.xxxpredictiveMedium
205Filexxxxxxxxxx.xxxpredictiveHigh
206Filexxxxx.xpredictiveLow
207Filexxxxx.xxxpredictiveMedium
208Filexxxxxx.xxxpredictiveMedium
209Filexxxxxxxxxxx.xxxpredictiveHigh
210Filexxxxxxxxxxxx.xxxpredictiveHigh
211Library/xxx/xxx/xxx/xxxx/xxxxxxxxxx/xxxxx/xxxxxx.xxxpredictiveHigh
212Library/xxx/xxx/xxx/xxxx/xxxxxxxxxx/xxxxx/xxxxxxxxxx.xxxpredictiveHigh
213Library/_xxx_xxx/xxxxx.xxxpredictiveHigh
214Libraryxxxxxx.xxxpredictiveMedium
215Libraryxxxxxx/xxx/xxxxxxxxx/xxx/xxx_xxx.xpredictiveHigh
216Libraryxxxxxxxxx.xxxxxxxxxx.xxxxxxxxxxx.xxx.xxxpredictiveHigh
217Libraryxxxxxx-xx/xxx/xxx-xxxxxx-xxxxx-xx.xxxpredictiveHigh
218Libraryxx/xxx.xxx.xxxpredictiveHigh
219Libraryxxxxxx/xxxxxxx/xxxx.xxxpredictiveHigh
220Libraryxxxxx.xxxpredictiveMedium
221Libraryxxxxxx.xxxpredictiveMedium
222Libraryxxxxxxx.xxx/xxxxxx.xxxpredictiveHigh
223Argument-xpredictiveLow
224Argument-x/-xpredictiveLow
225Argument?xxxx_xxxx=xxxxxxx.xxx/xxxx=xxxxxx/xxx=xxx+/xxx/.xxxxxxxx/xxxxxxx=//xxxxxxxxxxxxxx.xxx=xpredictiveHigh
226Argumentxx/xxpredictiveLow
227Argumentxxxxxxxx_xxxxpredictiveHigh
228ArgumentxxxxxxxpredictiveLow
229ArgumentxxxxxpredictiveLow
230Argumentxxxxxx_xxxxpredictiveMedium
231ArgumentxxxxxxxxxxxxxxpredictiveHigh
232ArgumentxxxxpredictiveLow
233ArgumentxxxxxxxxpredictiveMedium
234ArgumentxxxxxxxxpredictiveMedium
235Argumentxxxx_xxxpredictiveMedium
236ArgumentxxxxxxpredictiveLow
237Argumentxxx_xxxpredictiveLow
238Argumentxxxxxxxxxx_xxxxpredictiveHigh
239Argumentxxx_xxxpredictiveLow
240Argumentxxxx_xxx_xxxxpredictiveHigh
241ArgumentxxxpredictiveLow
242ArgumentxxxxxxxxpredictiveMedium
243Argumentxxx_xxpredictiveLow
244ArgumentxxxpredictiveLow
245ArgumentxxxxxxxxxpredictiveMedium
246Argumentxxxx_xxpredictiveLow
247ArgumentxxxxxxxpredictiveLow
248ArgumentxxxxxxpredictiveLow
249Argumentxxxxxx[xxxxxxx_xxx]predictiveHigh
250Argumentxxxxxx_xxxxxxx[xxxx][xxxxxxx][]predictiveHigh
251ArgumentxxxxxxxxxxxxxxxxpredictiveHigh
252Argumentxxx_x_xxxpredictiveMedium
253Argumentxx_xxxxxxxxxxxxx_xxpredictiveHigh
254ArgumentxxxxxxxxxxxxpredictiveMedium
255ArgumentxxxxpredictiveLow
256ArgumentxxxpredictiveLow
257ArgumentxxxpredictiveLow
258Argumentxxxxxxxx[xxxx_xxx]predictiveHigh
259Argumentxxxxx xxxxpredictiveMedium
260ArgumentxxxxxxxxxxxpredictiveMedium
261Argumentxxxxx_xxxx_xxxxpredictiveHigh
262Argumentxx_xxxxxxxpredictiveMedium
263ArgumentxxxxpredictiveLow
264ArgumentxxxxxxxxxxpredictiveMedium
265ArgumentxxxxxxxxpredictiveMedium
266ArgumentxxxxxxxpredictiveLow
267ArgumentxxxpredictiveLow
268Argumentxxxxx_xxpredictiveMedium
269ArgumentxxxxxxxxpredictiveMedium
270ArgumentxxxxpredictiveLow
271ArgumentxxxxpredictiveLow
272ArgumentxxxxpredictiveLow
273Argumentxx_xxxx_xx/xx_xxxx_xxpredictiveHigh
274ArgumentxxpredictiveLow
275ArgumentxxxxxxxxxxpredictiveMedium
276ArgumentxxxxxxxxxpredictiveMedium
277Argumentxx_xxxpredictiveLow
278Argumentxx_xxxxpredictiveLow
279ArgumentxxxxxpredictiveLow
280Argumentxxxxx.xxx?xxxxxx=xxx_xxxxxxx/xxxx=xxxxxxx/xx=x/xxxxxxxx=xxxxxpredictiveHigh
281ArgumentxxxpredictiveLow
282Argumentxxxxxxxx_xxxpredictiveMedium
283ArgumentxxxxxxxpredictiveLow
284ArgumentxxxxpredictiveLow
285Argumentxxx_xxxxxxx_xxxpredictiveHigh
286Argumentxx_xxxxxxpredictiveMedium
287Argumentxxxx_xxxxpredictiveMedium
288Argumentxx_xxxxxxxxpredictiveMedium
289Argumentxxxxxxxxx_xxxxxxxx_xxxxpredictiveHigh
290Argumentxxxxxxxxx_xxxx_xxxxpredictiveHigh
291Argumentxxxxxxx_xxxxpredictiveMedium
292ArgumentxxxxpredictiveLow
293Argumentxxxx_xxxxpredictiveMedium
294Argumentxxxxxx_xxxpredictiveMedium
295Argumentx_xxpredictiveLow
296ArgumentxxxxxxxxpredictiveMedium
297ArgumentxxxxxxxxpredictiveMedium
298Argumentxxxx[xxxxxxxxxxxxxxxxx]predictiveHigh
299Argumentxxxx_xxxxpredictiveMedium
300Argumentxxxx_xx_xx_xxxpredictiveHigh
301Argumentxxx_xxxxpredictiveMedium
302Argumentxxxxx_xxxx_xxxxpredictiveHigh
303Argumentxxxxxxx_xxxpredictiveMedium
304Argumentxxxxxxxxxx[x]predictiveHigh
305Argumentxx_xxxxpredictiveLow
306Argumentxxxxxxxx_xxxxxpredictiveHigh
307Argumentxx_xxxxpredictiveLow
308ArgumentxxxxxxpredictiveLow
309ArgumentxxxxxxxxpredictiveMedium
310ArgumentxxxxxxxxpredictiveMedium
311ArgumentxxxxxxxxpredictiveMedium
312ArgumentxxxxxxxxpredictiveMedium
313Argumentxxxxxx_xxxxpredictiveMedium
314ArgumentxxxxxxxpredictiveLow
315ArgumentxxxxxxpredictiveLow
316ArgumentxxxxxxxpredictiveLow
317ArgumentxxxxxxxxpredictiveMedium
318ArgumentxxxxpredictiveLow
319Argumentxxxxxxxxxxx_xxxxpredictiveHigh
320ArgumentxxxxxxxxxxxxxxxxxxxxpredictiveHigh
321ArgumentxxxxxxpredictiveLow
322ArgumentxxxxxxxpredictiveLow
323ArgumentxxxxxxpredictiveLow
324ArgumentxxxxxxxxxxpredictiveMedium
325Argumentxxx_xxxxx/xxxx_xxxxx/xxxx_xxxxxpredictiveHigh
326ArgumentxxxxxxxxpredictiveMedium
327ArgumentxxxpredictiveLow
328ArgumentxxxxxpredictiveLow
329ArgumentxxxxxxxxxxxpredictiveMedium
330ArgumentxxxxpredictiveLow
331Argumentx_xxxxxxpredictiveMedium
332Argumentxxxxxxxxxxx/xxxxxxxxxpredictiveHigh
333ArgumentxxxpredictiveLow
334ArgumentxxxpredictiveLow
335ArgumentxxxxpredictiveLow
336ArgumentxxxxpredictiveLow
337ArgumentxxxxxxxxpredictiveMedium
338Argumentxxxxxxxx/xxxxpredictiveHigh
339ArgumentxxxxxpredictiveLow
340Argumentxxxx_xxxxxxxpredictiveMedium
341Argumentxxxx->xxxxxxxpredictiveHigh
342Argumentxx-xxxxxx_xxxxpredictiveHigh
343Argument_xxxxx_xxxxxxx_xxxxxxxxx_xxxxxxx-xxxpredictiveHigh
344Input Value%xxxxxx+-x+x+xx.x.xx.xxx%xx%xxpredictiveHigh
345Input Value../predictiveLow
346Input Value../..predictiveLow
347Input Value.xxxpredictiveLow
348Input Value/%xxpredictiveLow
349Input Value::$xxxxx_xxxxxxxxxxpredictiveHigh
350Input Valuexxxx -x xxxxxxxx=xxxxxx.xxxxxxx xxxx://xxx.xxx.x.x/xxxxxx.xxxpredictiveHigh
351Input ValuexxxxxxpredictiveLow
352Pattern() {predictiveLow
353Patternx|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|.|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|x|xx|predictiveHigh
354Network PortxxxxpredictiveLow
355Network Portxxx/xxxxpredictiveMedium
356Network Portxxx/xxxxpredictiveMedium
357Network Portxxx xxxxxx xxxxpredictiveHigh

References (11)

The following list contains external sources which discuss the actor and the associated activities:

Do you know our Splunk app?

Download it now for free!