BlackEnergy Analysis

Activities

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. It makes it possible to initiate an immediate vulnerability response and to prioritize issues.

Lang

en: 172
de: 21
fr: 3
zh: 2
ru: 2

Country

us: 64
ru: 43
ua: 28
la: 23
de: 16


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.05 | CVE-2007-1192 |
| 2 | Expinion.net News Manager Lite comment_add.asp cross site scripting | 4.3 | 3.8 | $0-$5k | $0-$5k | Unproven | Official Fix | 0.00 | CVE-2004-1845 |
| 3 | polkit pkexec access control | 8.8 | 8.1 | $0-$5k | $0-$5k | Proof-of-Concept | Workaround | 0.56 | CVE-2021-4034 |
| 4 | Microsoft Windows HTTP Protocol Stack Remote Code Execution | 9.8 | 9.0 | $100k and more | $0-$5k | Proof-of-Concept | Official Fix | 0.07 | CVE-2022-21907 |
| 5 | Microsoft Windows LSA information disclosure | 6.4 | 5.9 | $25k-$100k | $5k-$25k | Functional | Official Fix | 0.04 | CVE-2021-36942 |
| 6 | Cisco Adaptive Security Device Manager Signature Verification code injection | 7.5 | 7.2 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | CVE-2021-1585 |
| 7 | Serendipity exit.php privileges management | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.10 | |
| 8 | nginx Log File link following | 7.8 | 7.0 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | CVE-2016-1247 |
| 9 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.52 | CVE-2010-0966 |
| 10 | Cisco ASA SSL VPN double free | 10.0 | 9.5 | $100k and more | $0-$5k | High | Official Fix | 0.04 | CVE-2018-0101 |
| 11 | i2pd/kovri I2P Routing information disclosure | 7.4 | 7.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | CVE-2017-17066 |
| 12 | Phorum register.php sql injection | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2004-2110 |
| 13 | Tiki TikiWiki tiki-editpage.php input validation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.07 | CVE-2004-1386 |
| 14 | Dreaxteam Xt-News add_comment.php cross site scripting | 4.3 | 4.2 | $0-$5k | $0-$5k | High | Unavailable | 0.04 | CVE-2006-6746 |
| 15 | Apache James Server os command injection | 8.1 | 7.7 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.04 | CVE-2015-7611 |
| 16 | Apple MacOS X/iOS CoreText API denial of service | 7.5 | 7.2 | $25k-$100k | $0-$5k | High | Official Fix | 0.04 | |
| 17 | All in One SEO Best WordPress SEO Plugin Import/Export code injection | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2021-24307 |
| 18 | Microsoft Office memory corruption | 7.5 | 7.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2018-0851 |
| 19 | Microsoft Outlook S/MIME resource management | 6.3 | 6.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2013-3870 |
| 20 | Sophos Firewall User Portal/Webadmin improper authentication | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.10 | CVE-2022-1040 |

IOC - Indicator of Compromise (29)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (6)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (108)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

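| ID | Class | Indicator | Confidence |
|---|---|---|---|
| 1 | File | /BRS_netgear_success.html | High |
| 2 | File | /uncpath/ | Medium |
| 3 | File | /usr/bin/pkexec | High |
| 4 | File | /var/log/nginx | High |
| 5 | File | /webapps/blogs-journals/execute/editBlogEntry | High |
| 6 | File | /wordpress/wp-admin/admin.php | High |
| 7 | File | /wp-json | Medium |
| 8 | File | adclick.php | Medium |
| 9 | File | add.php | Low |
| 10 | File | add.php/del.php | High |
| 11 | File | add_comment.php | High |
| 12 | File | admin/adminsignin.html | High |
| 13 | File | admin/forums.php | High |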
