GhostLocker Analysisinfo

IOB - Indicator of Behavior (51)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en38
it6
es4
ru2
de2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

SourceCodester Online Reviewer System2
MantisBT2
lakernote EasyAdmin2
SourceCodester Library Management System2
Yii Framework2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1SourceCodester Simple and Beautiful Shopping Cart System delete_user_query.php sql injection7.27.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.001830.04CVE-2023-1940
2SourceCodester Loan Management System Users Page deleteUser.php delete_user sql injection5.55.4$0-$5k$0-$5kProof-of-ConceptNot Defined0.000750.09CVE-2023-6312
3SourceCodester Clinics Patient Management System update_user.php sql injection7.16.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.001350.05CVE-2023-1035
4Microsoft Windows cmd.exe privileges management7.36.6$25k-$100k$0-$5kProof-of-ConceptNot Defined0.000000.00
5MantisBT Private Project wiki.php information disclosure4.34.2$0-$5k$0-$5kNot DefinedOfficial Fix0.000640.00CVE-2023-44394
6SourceCodester Library Management System bookdetails.php sql injection8.07.9$0-$5k$0-$5kNot DefinedNot Defined0.001720.00CVE-2022-36711
7Basti2web Book Panel books.php sql injection7.37.0$0-$5k$0-$5kHighOfficial Fix0.000640.04CVE-2009-4889
8SourceCodester Library Management System bookdetails.php sql injection8.07.9$0-$5k$0-$5kNot DefinedNot Defined0.001720.05CVE-2022-36708
9SourceCodester Library Management System bookdetails.php sql injection7.16.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.004570.19CVE-2022-2214
10Secureideas base base_local_rules.php Remote Code Execution7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.010600.00CVE-2009-4592
11Secureideas base base_qry_main.php sql injection7.36.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000640.00CVE-2012-1017
12Secureideas Basic Analysis And Security Engine base_qry_main.php cross site scripting4.33.9$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.004190.04CVE-2007-6156
13Kevin Johnson Basic Analysis/Security Engine base_qry_common.php code injection4.84.6$0-$5k$0-$5kHighOfficial Fix0.952650.00CVE-2006-2685
14Yii Framework Exception Error ErrorHandler.php information disclosure6.46.1$0-$5k$0-$5kNot DefinedOfficial Fix0.002460.04CVE-2018-6010
1574cms ajax_street.php sql injection6.36.1$0-$5k$0-$5kNot DefinedNot Defined0.208430.00CVE-2020-22208
16plusPHP Short URL Multi-User Script plus.php code injection9.88.9$0-$5k$0-$5kProof-of-ConceptUnavailable0.058420.00CVE-2008-2480
17DeDeCMS qrcode.php cross site scripting5.25.2$0-$5k$0-$5kNot DefinedNot Defined0.001420.00CVE-2018-18578
18Microsoft Exchange Server Outlook Web Access logon.aspx server-side request forgery7.97.9$5k-$25k$25k-$100kNot DefinedNot Defined0.005190.00CVE-2018-16793
19SourceCodester Purchase Order Management System GET Parameter view_details.php sql injection7.57.3$0-$5k$0-$5kProof-of-ConceptNot Defined0.150910.06CVE-2023-2130
20Surya2Developer Online Shopping System POST Parameter login.php sql injection7.36.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000450.07CVE-2024-1971

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
141.216.183.31GhostLocker01/30/2024verifiedVery High
2XX.XXX.XX.XXXxxxxxxxx.xxxxxx-xx-xxxxxx.xxXxxxxxxxxxx04/19/2024verifiedHigh

TTP - Tactics, Techniques, Procedures (9)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (68)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/admin/suppliers/view_details.phppredictiveHigh
2File/admin/users.phppredictiveHigh
3File/application/websocket/controller/Setting.phppredictiveHigh
4File/forum/away.phppredictiveHigh
5File/librarian/bookdetails.phppredictiveHigh
6File/member/chat.phppredictiveHigh
7File/owa/auth/logon.aspxpredictiveHigh
8File/reviewer/system/system/admins/manage/users/user-update.phppredictiveHigh
9File/staff/bookdetails.phppredictiveHigh
10File/xxxxxxx/xxxxxxxxxxx.xxxpredictiveHigh
11Filexxxxx/xxxxxxxxx.xxxpredictiveHigh
12Filexxxxx/xxxxxxx-xxxx.xxxpredictiveHigh
13Filexxx.xxxpredictiveLow
14Filexxxx/xxxxxxxxxxxx.xxxpredictiveHigh
15Filexxxx_xxxxx_xxxxx.xxxpredictiveHigh
16Filexxxx_xxx_xxxxxx.xxxpredictiveHigh
17Filexxxx_xxx_xxxx.xxxpredictiveHigh
18Filexxxxx.xxxpredictiveMedium
19Filexxx.xxxpredictiveLow
20Filexxxxxx.xxxpredictiveMedium
21Filexxxxxxxxxx.xxxpredictiveHigh
22Filexxxxxx_xxxx_xxxxx.xxxpredictiveHigh
23Filexxxx_xxxxxx.xxxpredictiveHigh
24Filexxxx.xxxpredictiveMedium
25Filexxxxxxxxxx.xxxpredictiveHigh
26Filexxxxx.xxxpredictiveMedium
27Filexxx.xxxpredictiveLow
28Filexxxxxxx/xxxxxx%xxxxxxx/xxxxxx_xxx.xxx&xxxx=xxxxxxxxxxxxxxxxxx&xxxx=xpredictiveHigh
29Filexxxx.xxxpredictiveMedium
30Filexxxx.xxxpredictiveMedium
31Filexxxx/xxxx_xxxxxx.xxxpredictiveHigh
32Filexxxx/xxxxxx.xxxpredictiveHigh
33Filexxxxx.xxxpredictiveMedium
34Filexxxx/xxxx.xxxpredictiveHigh
35Filexxx/xxxx/xxxx/xxx/xxxxx/xxxxx/xxxxxx/xxx/xxxxxxxxxx/xxxxxxxxxxxxxxx.xxxxpredictiveHigh
36Filexxxxxx_xxxx.xxxpredictiveHigh
37Filexxxx.xxxpredictiveMedium
38Filexxxx.xxxpredictiveMedium
39Filexxxxxxxxxxxx-xxxxxxxx.xxxpredictiveHigh
40Filexx-xxxxx/xxxxxxxx/xxxxx-xx-xxxxx-xxxx.xxxpredictiveHigh
41File{xxxxxxx}/xxx/xxxxxxx.xxxpredictiveHigh
42File~/xxxxxxxx/xxxxxxxxx/xxxxxxx-xxxx.xxxpredictiveHigh
43Argumentxxxx_xxxxpredictiveMedium
44ArgumentxxxxxxpredictiveLow
45ArgumentxxxxxxxxxxxpredictiveMedium
46ArgumentxxxxpredictiveLow
47Argumentx_xxxx_xxxxxxpredictiveHigh
48ArgumentxxpredictiveLow
49ArgumentxxpredictiveLow
50Argumentxxxx_xxpredictiveLow
51Argumentxxxxxx_xxxxpredictiveMedium
52ArgumentxxxpredictiveLow
53Argumentxxxx_xxxxxxxxxxpredictiveHigh
54ArgumentxxxpredictiveLow
55ArgumentxxxxxxxxpredictiveMedium
56ArgumentxxxxxxxpredictiveLow
57Argumentxxxx_xxpredictiveLow
58ArgumentxxxpredictiveLow
59Argumentxxx[x]predictiveLow
60ArgumentxxxxpredictiveLow
61Argumentxxxx_xx[]predictiveMedium
62ArgumentxxxpredictiveLow
63ArgumentxxxxxxxxpredictiveMedium
64Argumentxxxx_xxpredictiveLow
65Argument_xxxxx_xxxpredictiveMedium
66Input Value' xxx (xxxxxx xxxx xxxx (xxxxxx(xxxxx(x)))xxxx)-- xxxxpredictiveHigh
67Input Valuex'xxx x=x xxxxx xxxxxx x,xxxxx(xx),x,x,x --+predictiveHigh
68Input Valuexxxxxxxxx'+xx+x%xxx+xxxxx+x%xxpredictiveHigh

References (3)

The following list contains external sources which discuss the actor and the associated activities:

This view requires CTI permissions

Just purchase a CTI license today!