ChaChi Analysis

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 750
de: 94
fr: 76
zh: 48
es: 14


Country

us: 496
cn: 94
ru: 50
fr: 46
gb: 46


Product

Microsoft Windows: 20
Google Android: 12
WordPress: 12
Apache HTTP Server: 8
Apache Tomcat: 6


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | Calculating | High | Workaround | 0.02016 | 0.00 | CVE-2007-1192 |
| 2 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00943 | 1.00 | CVE-2010-0966 |
| 3 | jforum User input validation | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00289 | 0.08 | CVE-2019-7550 |
| 4 | MGB OpenSource Guestbook email.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.01302 | 0.88 | CVE-2007-0354 |
| 5 | Devilz Clanportal index.php sql injection | 7.3 | 6.4 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 0.00784 | 0.15 | CVE-2006-3347 |
| 6 | DZCP deV!L`z Clanportal browser.php information disclosure | 5.3 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.02733 | 0.74 | CVE-2007-1167 |
| 7 | Devilz Clanportal File Upload unknown vulnerability | 5.3 | 4.4 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.05362 | 0.07 | CVE-2006-6338 |
| 8 | YaBB yabb.pl cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.01240 | 0.04 | CVE-2004-2402 |
| 9 | TikiWiki tiki-register.php input validation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.01075 | 10.00 | CVE-2006-6168 |
| 10 | Lars Ellingsen Guestserver guestserver.cgi privileges management | 9.8 | 9.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00266 | 0.07 | CVE-2001-0180 |
| 11 | nginx request smuggling | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00241 | 2.18 | CVE-2020-12440 |
| 12 | Tiki Admin Password tiki-login.php improper authentication | 8.0 | 7.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00936 | 9.52 | CVE-2020-15906 |
| 13 | jforum cross site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00117 | 0.05 | CVE-2012-5337 |
| 14 | DrayTek Vigor2960 mainfunction.cgi toLogin2FA os command injection | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04154 | 0.05 | CVE-2020-19664 |
| 15 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00548 | 0.07 | CVE-2017-0055 |
| 16 | FreeBSD rmuser Utility master.passwd privileges management | 8.4 | 7.6 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00042 | 0.00 | CVE-2001-1017 |
| 17 | Topaz OFD Protection Module Warsaw core.exe unquoted search path | 6.1 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00043 | 0.23 | CVE-2023-5012 |
| 18 | Apache CXF services cross site scripting | 4.8 | 4.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.17837 | 0.02 | CVE-2020-13954 |
| 19 | medoo columnQuote sql injection | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00146 | 0.02 | CVE-2019-10762 |
| 20 | Microsoft Windows MSHTML Remote Code Execution | 8.8 | 8.2 | $25k-$100k | $5k-$25k | High | Official Fix | 0.96821 | 0.00 | CVE-2021-40444 |

IOC - Indicator of Compromise (32)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (25)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Class | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|---|
| 1 | T1006 | CAPEC-126 | CWE-21, CWE-22, CWE-23 | Path Traversal | predictive | High |
| 2 | T1040 | CAPEC-102 | CWE-294 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | T1055 | CAPEC-10 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 4 | T1059 | CAPEC-242 | CWE-94 | Argument Injection | predictive | High |
| 5 | T1059.007 | CAPEC-209 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |

IOA - Indicator of Attack (305)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

