RevengeRAT Analysisinfo

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en	872
zh	40
ru	36
fr	16
es	12

Country

US: USA	474
CN: China	226
VN: Vietnam	192
RU: Russia	54
GB: Great Britain	10

Actors

RevengeRAT	3
AsyncRAT	2
Dukes	1
DPRK	1
Indexsinas	1

Activities

Interest

Timeline

Type

Not Defined	324
Operating System	50
Programming Language Software	24
Content Management System	24
Application Server Software	22

Vendor

Not Defined	228
Microsoft	44
Linux	22
Apache	22
Apple	16

Product

Linux Kernel	22
Microsoft Windows	16
Apache Tomcat	10
Microsoft Edge	8
Foxit Reader	8

Vulnerabilities

#	Vulnerability	Base	Temp	0day	Today	Exp	Rem	EPSS	CTI	CVE
1	TikiWiki tiki-register.php input validation	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.01075	0.38	CVE-2006-6168
2	eSyndicat Directory Software suggest-listing.php cross site scripting	3.5	3.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00000	0.22
3	CodeAstro Hospital Management System Add Laboratory Equipment Page his_admin_add_lab_equipment.php cross site scripting	4.1	4.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00084	0.19	CVE-2024-11676
4	Tiki Admin Password tiki-login.php improper authentication	8.0	7.7	$0-$5k	$0-$5k	Not Defined	Official Fix	0.91980	0.67	CVE-2020-15906
5	SPIP spip.php cross site scripting	3.5	3.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00193	0.91	CVE-2022-28959
6	MGB OpenSource Guestbook email.php sql injection	7.3	7.3	$0-$5k	$0-$5k	High	Unavailable	0.01434	0.26	CVE-2007-0354
7	kurniaramadhan E-Commerce-PHP Create Product Page create_product.php cross site scripting	2.4	2.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00045	0.38	CVE-2024-13205
8	LogicBoard CMS away.php redirect	6.3	6.1	$0-$5k	$0-$5k	Not Defined	Unavailable	0.00000	0.31
9	OpenX adclick.php redirect	5.3	4.7	$0-$5k	$0-$5k	Unproven	Unavailable	0.00584	0.09	CVE-2014-2230
10	AWStats Config awstats.pl cross site scripting	4.3	4.1	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.01713	0.03	CVE-2006-3681
11	Apache Superset External URL redirect	4.9	4.9	$5k-$25k	$0-$5k	Not Defined	Not Defined	0.00295	0.04	CVE-2021-28125
12	E-topbiz Viral DX 1 adclick.php sql injection	7.3	7.3	$0-$5k	$0-$5k	High	Unavailable	0.00134	0.09	CVE-2008-2867
13	Apple Mac OS X Server Wiki Server sql injection	5.3	4.6	$5k-$25k	$0-$5k	Unproven	Official Fix	0.00339	0.24	CVE-2015-5911
14	WordPress AdServe adclick.php sql injection	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00265	0.04	CVE-2008-0507
15	DZCP deV!L`z Clanportal config.php code injection	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.02820	0.31	CVE-2010-0966
16	Joomla CMS com_easyblog sql injection	6.3	6.1	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00000	0.15

IOC - Indicator of Compromise (18)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP address	Hostname	Actor	Identified	Type	Confidence
1	6.43.51.17		RevengeRAT	11/19/2019	verified	Low
2	10.0.2.15		RevengeRAT	11/19/2019	verified	Low
3	38.132.101.45		RevengeRAT	02/16/2024	verified	High
4	45.147.230.231		RevengeRAT	08/01/2022	verified	Medium
5	XX.XXX.XXX.X		Xxxxxxxxxx	04/14/2022	verified	Medium
6	XX.XXX.XX.X	xxxx.xxxxxxxx.xx	Xxxxxxxxxx	04/14/2022	verified	Medium
7	XXX.XXX.XX.XX		Xxxxxxxxxx	04/14/2022	verified	Medium
8	XXX.XXX.XX.XXX		Xxxxxxxxxx	04/14/2022	verified	Medium
9	XXX.X.X.X	xxxxxxxxx	Xxxxxxxxxx	11/19/2019	verified	Low
10	XXX.XX.XXX.XXX		Xxxxxxxxxx	11/19/2019	verified	Low
11	XXX.XXX.XX.XX		Xxxxxxxxxx	04/14/2022	verified	Medium
12	XXX.XX.XX.XXX	xxxxxx-xx-xxxxxxxxxx.xxxxx.xxx.xx	Xxxxxxxxxx	06/28/2023	verified	High
13	XXX.XX.XX.XXX		Xxxxxxxxxx	11/19/2019	verified	Low
14	XXX.XXX.XXX.XX		Xxxxxxxxxx	04/14/2022	verified	Medium
15	XXX.XXX.XX.XX		Xxxxxxxxxx	04/14/2022	verified	Medium
16	XXX.XXX.XX.XXX		Xxxxxxxxxx	04/14/2022	verified	Medium
17	XXX.XXX.XX.XXX		Xxxxxxxxxx	04/14/2022	verified	Medium
18	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxxxxxx.xxx	Xxxxxxxxxx	04/14/2022	verified	Medium

TTP - Tactics, Techniques, Procedures (28)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Class	Vulnerabilities	Access Vector	Type	Confidence
1	T1006	CAPEC-126	CWE-21, CWE-22, CWE-23, CWE-29, CWE-37, CWE-425	Path Traversal	predictive	High
2	T1040	CAPEC-102	CWE-319	Authentication Bypass by Capture-replay	predictive	High
3	T1055	CAPEC-10	CWE-74	Improper Neutralization of Data within XPath Expressions	predictive	High
4	T1059	CAPEC-242	CWE-94	Argument Injection	predictive	High
5	T1059.007	CAPEC-209	CWE-79, CWE-80	Basic Cross Site Scripting	predictive	High
6	T1068	CAPEC-122	CWE-264, CWE-269, CWE-284	Execution with Unnecessary Privileges	predictive	High
7	TXXXX	CAPEC-XXX	CWE-XXX	Xxxx Xxx Xxxxxxxxx Xxxxxxxxxxx Xxxxxxxx	predictive	High
8	TXXXX.XXX	CAPEC-XX	CWE-XXX, CWE-XXX	Xxxx-xxxxx Xxxxxxxxxxx	predictive	High
9	TXXXX	CAPEC-XXX	CWE-XX, CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	High
10	TXXXX.XXX	CAPEC-XXX	CWE-XXX	Xxxx Xxxxxxxx	predictive	High
11	TXXXX		CWE-XXX	7xx Xxxxxxxx Xxxxxxxx	predictive	High
12	TXXXX		CWE-XXXX	Xxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxx Xxxxxxxx Xxxx Xx X Xxxxxxxx Xxxxxx	predictive	High
13	TXXXX	CAPEC-X	CWE-XXX, CWE-XXX	Xxxxxxxxxx Xxxxxx	predictive	High
14	TXXXX.XXX	CAPEC-XXX	CWE-XXXX	Xxxxxxxxxxx Xxxxxxx Xxxxxxxxxx Xxxxxxxxxx	predictive	High
15	TXXXX	CAPEC-XXX	CWE-XX, CWE-XX	Xxx Xxxxxxxxx	predictive	High
16	TXXXX.XXX	CAPEC-X	CWE-XXX	Xxxxxxxx Xxxxxxxxxxxxx	predictive	High
17	TXXXX	CAPEC-XX	CWE-XXX, CWE-XXX	Xxxxxxxxxxx Xxxxxxxxxx	predictive	High
18	TXXXX.XXX		CWE-XXX	Xxxxxxxx Xx Xxxxxxxxxxxxx Xxxx	predictive	High
19	TXXXX	CAPEC-XXX	CWE-XXX	Xxxxxxx Xxxxxxxxxx Xx Xxx-xxxxxxxx	predictive	High
20	TXXXX	CAPEC-XX	CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxxxx Xxxx	predictive	High
21	TXXXX.XXX		CWE-XXX	Xxxxxxxx Xxxxxx Xxxx	predictive	High
22	TXXXX.XXX	CAPEC-XXX	CWE-XXX	Xxxxxxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	High
23	TXXXX	CAPEC-XXX	CWE-XXX	Xxxxxxxx Xx Xxxxxxx Xxxxxxxx Xxxxxxxxxxx Xx Xx Xxxxxxxxxxxx Xxxxx	predictive	High
24	TXXXX	CAPEC-XXX	CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	High
25	TXXXX.XXX		CWE-XX	Xxxxxxxxxxxxx	predictive	High
26	TXXXX	CAPEC-XXX	CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	predictive	High
27	TXXXX.XXX	CAPEC-XXX	CWE-XXX, CWE-XXX	Xxx Xxxxxxxxxx Xxxxx	predictive	High
28	TXXXX.XXX	CAPEC-X	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	High

IOA - Indicator of Attack (368)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Class	Indicator	Type	Confidence
1	File	/admin/admin_widgets.php?action=remove/widget=Statistics	predictive	High
2	File	/admin/ajax.php?action=login	predictive	High
3	File	/admin/create_product.php	predictive	High
4	File	/admin/DatabaseQuery	predictive	High
5	File	/admin/edit-admin.php	predictive	High
6	File	/admin/extensions/upload.php	predictive	High
7	File	/admin/forgot-password.php	predictive	High
8	File	/admin/index.php?r=banner%2Fbanner-create	predictive	High
9	File	/admin/index2.html	predictive	High
10	File	/admin/options-theme.php	predictive	High
11	File	/adminPage/conf/reload	predictive	High
12	File	/adms/admin/?page=vehicles/view_transaction	predictive	High
13	File	/api/	predictive	Low
14	File	/api/runscript	predictive	High
15	File	/api/snapshots/	predictive	High
16	File	/api/v1/snapshots	predictive	High
17	File	/api/v2/maps	predictive	Medium
18	File	/apply/index.php	predictive	High
19	File	/backend/admin/his_admin_add_lab_equipment.php	predictive	High
20	File	/candidate/index.php	predictive	High
21	File	/cgi-bin/adm.cgi	predictive	High
22	File	/cgi-bin/nas_sharing.cgi	predictive	High
23	File	/cgi-bin/system_mgr.cgi	predictive	High
24	File	/cgi-bin/wlogin.cgi	predictive	High
25	File	/classes/SystemSettings.php?f=update_settings	predictive	High
26	File	/cms/category/list	predictive	High
27	File	/core/config-revisions	predictive	High
28	File	/device.rsp?opt=sys&cmd=___S_O_S_T_R_E_A_MAX___	predictive	High
29	File	/endpoint/add-calorie.php	predictive	High
30	File	/endpoint/add-timesheet.php	predictive	High
31	File	/etc/init.d/update_notifications.sh	predictive	High
32	File	/filemanager/upload	predictive	High
33	File	/foms/routers/place-order.php	predictive	High
34	File	/forum/away.php	predictive	High
35	File	/geoserver/gwc/rest.html	predictive	High
36	File	/goform/DhcpListClient	predictive	High
37	File	/goform/SetNetControlList	predictive	High
38	File	/hrm/leaverequest.php	predictive	High
39	File	/index.php	predictive	Medium
40	File	/index.php/admin	predictive	High
41	File	/index/ajax/lang	predictive	High
42	File	/install/	predictive	Medium
43	File	/Interface/DevManage/VM.php	predictive	High
44	File	/login.php	predictive	Medium
45	File	/xxxx	predictive	Low
46	File	/xxxxx/xxxx.xxx?xxxxxx=xxxx_xxxxx	predictive	High
47	File	/xxxxxxxxxxxxx.xx	predictive	High
48	File	/xx/xxxxxxxxxx.xxxx	predictive	High
49	File	/xxxxx/xxxx	predictive	Medium
50	File	/xxxxxxxx.xxx	predictive	High
51	File	/xxxxxxxxx/	predictive	Medium
52	File	/xxxxxx/xxx_xxxx	predictive	High
53	File	/xxxxxxx/xxx-xxxxxx.xxx	predictive	High
54	File	/xxxx/xxx_xxxxx_xxxxxx.xxx	predictive	High
55	File	/xxxx/xxxxx_xxxxx.xxx	predictive	High
56	File	/xxxx.xxx	predictive	Medium
57	File	/xxxxxxxx-xxxx/xxx_xx/xxxxxx.xxxx	predictive	High
58	File	/xxx/x-xxxxxx/xxxxxxx/xxxxxx/xxxx/xxxxxxx.x	predictive	High
59	File	/xxxxx/xxxxxxxxxxx.xxx	predictive	High
60	File	/xxxxxxxxxxx.xxx	predictive	High
61	File	/xxxxxxx/xxxxxxxxxxx.xxx	predictive	High
62	File	/xxx/xxxx/xxxxxxxxxxxx?xxxxxxxx=xxxxx	predictive	High
63	File	/xxxxxxxxxxxx/xxxx/xxxxxxxxxxx?_xxxxxx=xxxxx&xx=xxxxxxxxxxxxx&xxxx=xx&xxxx=x&xxxx=x_xxxxxxxxxxx+xxxx&xxxx=xxx	predictive	High
64	File	/xxxxxxxxx.xxx	predictive	High
65	File	/xxxxxxx/xxxxxxxxxxxxxxxxxx.xxx	predictive	High
66	File	/xxx/xx/xxxxxxxxx/xxxxxxxxx	predictive	High
67	File	/xxxxxxx.xx	predictive	Medium
68	File	/xxxx/xxxx/xxxxxxxxxx/xxxxxx.xxx	predictive	High
69	File	/xxxx/xxxxxxx xxxxxx/xxx/xxx_xxxx_xxxxxx.xxx	predictive	High
70	File	/xxxx/xxxxxxxxxxxxx/xxxxxxxxxxxxxxxxx/xxxxxxxxx_xxxxxx.xxx	predictive	High
71	File	/xxxx/xxxxxxx_xxxxxxxxxx_xxxxxxxx.xxx	predictive	High
72	File	/xx/xxxxxxx/xxxxxx-xxxxxxx.xxx	predictive	High
73	File	/xxx/xxxx_xxx_xxx_xxxxxx.xxx	predictive	High
74	File	/xxx/xxxxxxxx.xxx	predictive	High
75	File	/xx-xxxxx/xxxxx-xxxx.xxx	predictive	High
76	File	/xx/xxxxx.xxx	predictive	High
77	File	/_xxxxx/_xxx_xxxxx.xxx	predictive	High
78	File	xxxxx.xxx/xxxxx-x.x.xxx/xxxxxxx.xxx/xxxx.xxx	predictive	High
79	File	xxxxxxxxxxx.xxx	predictive	High
80	File	xxx.x	predictive	Low
81	File	xxxxxxxx_xxx.xxx	predictive	High
82	File	xxxxxxx.xxx	predictive	Medium
83	File	xxxxx.xxxxxxxxx.xxx	predictive	High
84	File	xxxxx.xxx	predictive	Medium
85	File	xxxxx.xxxx	predictive	Medium
86	File	xxxxx/xxxxx.xxx	predictive	High
87	File	xxxxx/xxxxxxxxxxxxxxx.xxx	predictive	High
88	File	xxxxx/xxxxxxxx/xxxx_xxxxxxx.xxx	predictive	High
89	File	xx_xxxx.xxx	predictive	Medium
90	File	xxxxxxxx.xxx	predictive	Medium
91	File	xxx/xx	predictive	Low
92	File	xxx.xxxxxxxxxxxxxxxxxxxx.xx	predictive	High
93	File	xxxxxxxxxxxxxx.xxx	predictive	High
94	File	xxxxxxx.xx	predictive	Medium
95	File	xxxxxxx.xxxx	predictive	Medium
96	File	xxxxxxxxxx/xxx/xxxxxxx.xxxx	predictive	High
97	File	xxx-xxxx.xxx	predictive	Medium
98	File	xxx-xxx/xxxxxxxxxxxx.xxx	predictive	High
99	File	xxxxx.xxx	predictive	Medium
100	File	xxx.xxx?xxx=xxxxx_xxxx	predictive	High
101	File	xxxxxx/xxx.x	predictive	Medium
102	File	xxxxxx/xxx.x	predictive	Medium
103	File	xxxxx-xxxxxxx.xxx	predictive	High
104	File	xxxxxxx=xxxxxxxxxx&xxxx=xxxx&xxxxxxxxxxxxx=/	predictive	High
105	File	xxxx.x	predictive	Low
106	File	xxxxxx.xxx	predictive	Medium
107	File	xxxxxxx.xxxx.xxx	predictive	High
108	File	xxxxxx.xxx	predictive	Medium
109	File	xxxx/xxxxxx.xxxx	predictive	High
110	File	xxxxxxx.xxx	predictive	Medium
111	File	xxxxxx.xxx	predictive	Medium
112	File	xxx/xxxxx.xx	predictive	Medium
113	File	xxxx_xxx/xx/xxxxxxxx/xxxxxx.xxx	predictive	High
114	File	xxxxxxxxxxxxxxxx.xxx	predictive	High
115	File	xxxxx.xxx	predictive	Medium
116	File	xxxxxxxxxxx-xxx.xxx	predictive	High
117	File	xxxx-xxxx.x	predictive	Medium
118	File	xxxx.xxx	predictive	Medium
119	File	xxxx.xxx	predictive	Medium
120	File	xxxxxx.xxx	predictive	Medium
121	File	xxxx_xxxxxx.xxx	predictive	High
122	File	xxxxxx.x	predictive	Medium
123	File	xx/xxxxxx/xxxxx.x	predictive	High
124	File	xxx/xxxxxx_xxx.x	predictive	High
125	File	xxxxx.xxx	predictive	Medium
126	File	xxxxxx.xxxx	predictive	Medium
127	File	xxxx.xxx	predictive	Medium
128	File	xxxxx_xxxx.xxx	predictive	High
129	File	xxx_xxxxx_xxxx.xx	predictive	High
130	File	xxxxxx_xxxx_xxxxxx.xxx	predictive	High
131	File	xxxxxxxxxx/xxx/xxxx/xxxx/xxx/xxx/xxxxxx/xxxxxx/xxxxxxx/xxxxxxxxx/xxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxx.xxxx	predictive	High
132	File	xxx/xxxxxx.xxx	predictive	High
133	File	xxxxxxx/xxxxxx.xxx	predictive	High
134	File	xxxxxxxx/xxxx_xxxxxxx.xxx	predictive	High
135	File	xxxxx.xxxx	predictive	Medium
136	File	xxxxx.xxx	predictive	Medium
137	File	xxxxx_xxxxxx.xxx	predictive	High
138	File	xxxxxxx.xxx	predictive	Medium
139	File	xxxxxxxx.xxx	predictive	Medium
140	File	xx_xxxxxxxx.xxx	predictive	High
141	File	xxxx.x	predictive	Low
142	File	xxx/xxxxxxxxxx/xxx/xxxxxxxxxx/xxxxxxxxx.xx	predictive	High
143	File	xxxxxxxxxx/xxxxxxxxxxxxx.x	predictive	High
144	File	xxxxxxx/xxxx.x	predictive	High
145	File	xxxxxxxx/xxx_xxxx.x	predictive	High
146	File	xxxxx-xxxxxx-xxxxxx.xxxx	predictive	High
147	File	xxxxx.xxxx	predictive	Medium
148	File	xxxxx.xxxx	predictive	Medium
149	File	xxxxxxxxxxxx.xxx	predictive	High
150	File	xxxx/xxxxxxxxxx.xxx	predictive	High
151	File	xx/xxxx.x	predictive	Medium
152	File	xxx/xxx/xx_xxx.x	predictive	High
153	File	xxxxxxxxx.xxx	predictive	High
154	File	xxxxxxxx.xxx	predictive	Medium
155	File	xxxxxxxxxxx.xxx	predictive	High
156	File	xxxxx.xxx	predictive	Medium
157	File	xx/xxxxxxx/xxxxxxxx/xxx-xxxxxx.x	predictive	High
158	File	xx/xxxxxxx/xxxxxxxx/xxx.x	predictive	High
159	File	xxxxxxxxxxx.xxx	predictive	High
160	File	xxxxx.xxx	predictive	Medium
161	File	xxxxxx.xx	predictive	Medium
162	File	xxxxxx/xx_xxxxxx_xxxxxx/xxxxx/xxxxx.xxx	predictive	High
163	File	xxxxxxx.xx	predictive	Medium
164	File	xxxxxxxxxxxxxxxxxx.xxx	predictive	High
165	File	xxxxxxxxx_xxxxxx/xxxxxxxxx/xxxxxxxx/xxxxx/xxxxx_xxxxxx.xx	predictive	High
166	File	xxxxx.xxx	predictive	Medium
167	File	xxxxx.xxx	predictive	Medium
168	File	xxxxxxxxxx.xxx	predictive	High
169	File	xxxxxxxx_xx.xxx	predictive	High
170	File	xxxxxx_xxxx-xxx	predictive	High
171	File	xxxxxxx/xxxxxxxxxx	predictive	High
172	File	xxxxxxx.xxx	predictive	Medium
173	File	xxxxx.xxx	predictive	Medium
174	File	xxxxxxx.xxx	predictive	Medium
175	File	xxxxxxx.xxx	predictive	Medium
176	File	xxxxxxxxxxxxxxx.xxx	predictive	High
177	File	xxx/xxxx/xxxx/xxx/xx/xxxx/xxxxxxx/xxxxxxxxxx/xxxxx/xxxxxxxxxxxxxx.xxxx	predictive	High
178	File	xxx/xxxx/xxxx/xxx/xxxxxxxxxx/xxxxxxxxxx/xxxxxxxxxxxxxxxxxx.xxxx	predictive	High
179	File	xxxxxxx/xxxx/xxxxxxx.xxx	predictive	High
180	File	xxxxxxx_xxxx.xxx	predictive	High
181	File	xxxxxx_xxxxxx_xxxxx.xxx	predictive	High
182	File	xxxxxxx-xxxxxxxx.xxx	predictive	High
183	File	xxxxxxx-xxxxxxx.xxx	predictive	High
184	File	xxxxxxx_xxxxxxxx.xxx	predictive	High
185	File	xxxxxx/xxxxx/xxxxx/xxx_xxxx.xxx	predictive	High
186	File	xxxxxxxxx/xxxx.xxx	predictive	High
187	File	xxxx-xxxxx.xxx	predictive	High
188	File	xxxx-xxxxxxxxx.xxx	predictive	High
189	File	xxxx-xxxxx.xxx	predictive	High
190	File	xxxx-xxxxxxxx.xxx	predictive	High
191	File	xxxxxxxxxx.xxx	predictive	High
192	File	xxxxx/xxxxx/xxxxxxxxx/xxxxxx.xxx	predictive	High
193	File	xxx.xxx	predictive	Low
194	File	xxxxxxxx-xxx.xxx	predictive	High
195	File	xx/xxxxxx/xxxxxxxxxxx	predictive	High
196	File	xx/x.x.xx.xxxxxx/xxxxxxx/xx/xxxxx.xx.xxxxxxxxx	predictive	High
197	File	xxxxxx.xxx	predictive	Medium
198	File	xxxxxx/xxxxx.xxx/xxxx/xxxx	predictive	High
199	File	xxxxxx_xxxxxxxx.xxx	predictive	High
200	File	xxx.x	predictive	Low
201	File	xxxx.xxxx	predictive	Medium
202	File	xxxx/xxxxx.xxx	predictive	High
203	File	xxxxxxxx/xxxxxxxx	predictive	High
204	File	xxxx/xxx/xxxx-xxxxx.xxx	predictive	High
205	File	xxx_xxxxx.xxxx	predictive	High
206	File	xxxx.x	predictive	Low
207	File	xxxxxx/xxxxxxx/xxxxxxxx/xxxx/xxxxxxx.xxx	predictive	High
208	File	xxxxxx\xxxxxx\xxxxxxxxx-xxxxxx-xxxxxxx\xxx\xxxxxxx\xxxxxxxxxxxxx.xxx	predictive	High
209	File	xxxx.xxx	predictive	Medium
210	File	xxxxxx/xxxxxx.xxxx	predictive	High
211	File	xxxx_xxxxxxx.xxx	predictive	High
212	File	xxxxxxxxxxxx.xxx	predictive	High
213	File	xxxxxx.xxx	predictive	Medium
214	File	xxxxxxxxxx.xxx	predictive	High
215	File	xxxxxxxx.xxx	predictive	Medium
216	File	xxxxxx.xxx	predictive	Medium
217	File	xx.xxxxxx/xxxxxxx/	predictive	High
218	File	xx-xxxxxx.xxx	predictive	High
219	File	xx-xxxx.xxx	predictive	Medium
220	File	xx-xxxxxxxxxxx.xxx	predictive	High
221	File	xx-xxxxxxxxx.xxx	predictive	High
222	File	xxxxxxxxxxxxx	predictive	High
223	File	xxxxxxxxxxxxx.xxxx	predictive	High
224	File	\xx_xxxx\xxx\xxxxxxxx\xxxxxxxx_xxxxxxx.xx	predictive	High
225	File	{{xxxxxxxx}}/xxxxx	predictive	High
226	Library	/xxx/xxxx/xxxxx.x/xx-xxxx-xxxxxxx.xxxxx	predictive	High
227	Library	xxx/xxxx/xxxxxxxxxxxxxx_xxxxxxx.xx	predictive	High
228	Library	xxxx-xxxxxxxxxx/xxx/xxxx/xxxxxxxxxx/xxxx_xxxxxxxxx.xx	predictive	High
229	Library	xxxx.xxx	predictive	Medium
230	Library	xxxxxxxx.xxx	predictive	Medium
231	Argument	-xxxxxx	predictive	Low
232	Argument	.xxxxxxxx	predictive	Medium
233	Argument	xx/xx	predictive	Low
234	Argument	xxxxxx	predictive	Low
235	Argument	xxx_xxxxxxxx[xxxxxxxx_xxxx]	predictive	High
236	Argument	xxxx	predictive	Low
237	Argument	xxxxxxxxxx	predictive	Medium
238	Argument	xxxxxxxxxx[xxx]	predictive	High
239	Argument	xxxxxxxx	predictive	Medium
240	Argument	xxxxxxxx	predictive	Medium
241	Argument	xxxx	predictive	Low
242	Argument	xxxxxxx_xxxx/xxxxxxx_xxxx	predictive	High
243	Argument	xxxxxxxxxx	predictive	Medium
244	Argument	xxx	predictive	Low
245	Argument	xxxxx_xxxx	predictive	Medium
246	Argument	xxxxxx xx/xxxx/xxxx	predictive	High
247	Argument	xxx	predictive	Low
248	Argument	xxxxx/xxx	predictive	Medium
249	Argument	xxxxxxx	predictive	Low
250	Argument	xxxxxx	predictive	Low
251	Argument	xxxxxx[xxxxxxx]	predictive	High
252	Argument	xxxxxxxxx	predictive	Medium
253	Argument	xxxxxxx	predictive	Low
254	Argument	xxxxxxxx	predictive	Medium
255	Argument	xxxx_xx	predictive	Low
256	Argument	xxx/xxxx	predictive	Medium
257	Argument	xxxxxxxxxxx	predictive	Medium
258	Argument	xxxx	predictive	Low
259	Argument	xxxxxxxxxxxxxxx	predictive	High
260	Argument	x/xxxx	predictive	Low
261	Argument	xxxxxxxx	predictive	Medium
262	Argument	xxxxx	predictive	Low
263	Argument	xxx[xxxxxxxx]	predictive	High
264	Argument	xx_xxxxx_xx	predictive	Medium
265	Argument	xxx_xxxx/xxx_xxxx/xxx_xxxxxx/xxx_xxxx/xxx_xxxx/xxx_xxxxxx/xxx_xxx	predictive	High
266	Argument	xxxxx_xxx	predictive	Medium
267	Argument	xxxxxxx	predictive	Low
268	Argument	xxxxx	predictive	Low
269	Argument	xxxxxx-xxxxxx	predictive	High
270	Argument	xxxxxxxxx_xxx	predictive	High
271	Argument	xxxxxx	predictive	Low
272	Argument	xxxx	predictive	Low
273	Argument	xxxx	predictive	Low
274	Argument	xx_xxxx	predictive	Low
275	Argument	xxxxx	predictive	Low
276	Argument	xxxxxxxxx/xxxxxx	predictive	High
277	Argument	xxxxxxxx	predictive	Medium
278	Argument	xx_xxxxxx	predictive	Medium
279	Argument	xx_xx	predictive	Low
280	Argument	xx	predictive	Low
281	Argument	xx	predictive	Low
282	Argument	xx	predictive	Low
283	Argument	xx	predictive	Low
284	Argument	xxx_xxxxxxxx	predictive	Medium
285	Argument	xxxxx	predictive	Low
286	Argument	xxxxxxx	predictive	Low
287	Argument	xxxxxxxxx/xxxxx	predictive	High
288	Argument	xxx_xxxxxxx	predictive	Medium
289	Argument	xxx	predictive	Low
290	Argument	xxxx	predictive	Low
291	Argument	xxxxxxx	predictive	Low
292	Argument	xxxx	predictive	Low
293	Argument	xxxxx	predictive	Low
294	Argument	xxxx	predictive	Low
295	Argument	xxx	predictive	Low
296	Argument	xxxxxxxxxx	predictive	Medium
297	Argument	xxxxxxx	predictive	Low
298	Argument	xxx/xxx	predictive	Low
299	Argument	xxxxxxxxx_xxxxxxxx_xxxx	predictive	High
300	Argument	x_xxxxxx/x_xxxxxxxxxx	predictive	High
301	Argument	xxxx	predictive	Low
302	Argument	xxxx	predictive	Low
303	Argument	xxxx/xxxxxxx	predictive	Medium
304	Argument	xxxx/xxxxx/xxxxx	predictive	High
305	Argument	xxxxxxxxxx/xxxxxxx/xxxxxxxxxxxxx	predictive	High
306	Argument	xxxxxxxx	predictive	Medium
307	Argument	xxxxxxxxx	predictive	Medium
308	Argument	xx_xx	predictive	Low
309	Argument	xx	predictive	Low
310	Argument	xxxxxxxxxxx	predictive	Medium
311	Argument	xxxx	predictive	Low
312	Argument	xxxxxx	predictive	Low
313	Argument	xxxxxxxx	predictive	Medium
314	Argument	xxxxxxxx	predictive	Medium
315	Argument	xxxxxx	predictive	Low
316	Argument	xxxxxxxxxxx	predictive	Medium
317	Argument	xxxxxx[xxxx].xxx	predictive	High
318	Argument	xxx_xxxxxxxx	predictive	Medium
319	Argument	xxxx_xxxxx	predictive	Medium
320	Argument	xxxxxxxxxxxxx	predictive	High
321	Argument	xxxxxxxxxxxxxxx	predictive	High
322	Argument	xxxxxxxxxxx	predictive	Medium
323	Argument	xxxxxxx	predictive	Low
324	Argument	xxxxxxx	predictive	Low
325	Argument	xxxxxxx_xx[xxxxx]	predictive	High
326	Argument	xxxxxxxxxx	predictive	Medium
327	Argument	xxxx	predictive	Low
328	Argument	xxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxxxxxx	predictive	High
329	Argument	xxxxxxxxxxxx	predictive	Medium
330	Argument	xxxxxx	predictive	Low
331	Argument	xxxxxxxxx	predictive	Medium
332	Argument	xxxxxx_xxx	predictive	Medium
333	Argument	xxxxxx_xx	predictive	Medium
334	Argument	xxxx	predictive	Low
335	Argument	xxx	predictive	Low
336	Argument	xxxx_xxxxxx	predictive	Medium
337	Argument	xxxx_xxxx	predictive	Medium
338	Argument	xxx_xx_xxx	predictive	Medium
339	Argument	xxxxxxxx	predictive	Medium
340	Argument	xxxx	predictive	Low
341	Argument	xxxx/xxxxxx/xxxxxxx/xxxxxxxxxx	predictive	High
342	Argument	xxxxxx	predictive	Low
343	Argument	x_xxxx	predictive	Low
344	Argument	xx_xx	predictive	Low
345	Argument	xxxxxxxx/xxxxxxxx	predictive	High
346	Argument	xxxxx	predictive	Low
347	Argument	xxxxx/xxxxxx	predictive	Medium
348	Argument	xxxxx	predictive	Low
349	Argument	xxxxxxxxxxx	predictive	Medium
350	Argument	xxx	predictive	Low
351	Argument	xxx	predictive	Low
352	Argument	xxxxxxxxx	predictive	Medium
353	Argument	xxxx	predictive	Low
354	Argument	xxxxxxxx	predictive	Medium
355	Argument	xxxxxxxx/xxxx	predictive	High
356	Argument	xxx_xxxx	predictive	Medium
357	Argument	xxxx	predictive	Low
358	Argument	xxxxxx	predictive	Low
359	Argument	xx	predictive	Low
360	Argument	_xxxxxx	predictive	Low
361	Argument	_xxxxxxxxxx	predictive	Medium
362	Input Value	..%xx	predictive	Low
363	Input Value	../	predictive	Low
364	Input Value	.x./	predictive	Low
365	Input Value	x%xx"()%xx%xx<xxx><xxxxxx>xxxxx(xxxxxxxx.xxxxxx)</xxxxxx>	predictive	High
366	Input Value	<<xx xxxxxx=xxxxx(x)>>xxxx</xx>	predictive	High
367	Input Value	<xxxxxx>xxxxx('xxx')</xxxxxx>	predictive	High
368	Network Port	xxx/xxxx	predictive	Medium

References (7)

The following list contains external sources which discuss the actor and the associated activities:

Samples (7)

The following list contains associated samples:

https://www.fortinet.com/blog/threat-research/malware-analysis-revenge-rat-sample.html

◂ PreviousOverviewNext ▸

This view requires CTI permissions

Just purchase a CTI license today!