Locky Analysis

Activities

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance, so that an immediate vulnerability response can be initiated and issues can be prioritized.

Lang

en: 214
es: 11
it: 11
sv: 9
de: 5

Country

us: 233
ru: 9
ua: 1


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.05 | CVE-2007-1192 |
| 2 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.51 | CVE-2010-0966 |
| 3 | jforum User input validation | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.06 | CVE-2019-7550 |
| 4 | Joomla CMS com_easyblog sql injection | 6.3 | 6.1 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.04 | |
| 5 | MGB OpenSource Guestbook email.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.39 | CVE-2007-0354 |
| 6 | Genetechsolutions Pie-Register wp-login.php cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2013-4954 |
| 7 | WoltLab Burning Book addentry.php sql injection | 7.3 | 6.8 | $0-$5k | $0-$5k | Functional | Unavailable | 0.06 | CVE-2006-5509 |
| 8 | Microsoft Windows Uniscribe memory corruption | 8.0 | 7.2 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | CVE-2017-0083 |
| 9 | Linux Foundation Xen EFLAGS Register SYSENTER input validation | 6.2 | 5.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.06 | CVE-2013-1917 |
| 10 | Apache HTTP Server mod_session heap-based overflow | 7.3 | 7.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.05 | CVE-2021-26691 |
| 11 | PHP phpinfo cross site scripting | 4.3 | 3.9 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.17 | CVE-2007-1287 |
| 12 | Kaqoo Auction Software register.inc.php code injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | CVE-2007-1790 |
| 13 | DZCP deV!L`z Clanportal browser.php information disclosure | 5.3 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.17 | CVE-2007-1167 |
| 14 | Russcom Network Loginphp register.php cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 0.05 | CVE-2006-2160 |
| 15 | D-Link DIR-865L register_send.php improper authentication | 7.5 | 7.1 | $5k-$25k | $5k-$25k | Proof-of-Concept | Not Defined | 0.03 | CVE-2013-3096 |
| 16 | CONTROLzx HMS register_domain.php cross site scripting | 3.5 | 3.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.08 | |
| 17 | LushiWarPlaner register.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.07 | CVE-2007-0864 |
| 18 | ImageMagick JPEGWarningHandler resource management | 5.9 | 5.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2012-0260 |
| 19 | OrientDB access control | 8.5 | 8.5 | $0-$5k | $0-$5k | High | Not Defined | 0.03 | CVE-2017-11467 |
| 20 | MercuryBoard Message Board index.php cross site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2008-0757 |

IOC - Indicator of Compromise (18)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (3)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Confidence |
|---|---|---|---|---|
| 1 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High |

IOA - Indicator of Attack (49)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Confidence |
|---|---|---|---|
| 1 | File | /dev/fd | Low |
| 2 | File | /inc/HTTPClient.php | High |
| 3 | File | /index.php?controller=calendar&format=raw&cat[0]=SQLi&task=events | High |
| 4 | File | /ISAPI/Security/users/1 | High |
| 5 | File | addentry.php | Medium |
| 6 | File | data/gbconfiguration.dat | High |

References (6)

The following list contains external sources which discuss the actor and the associated activities:
