AsynRAT Analyse

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (26)

Sprache

en	26

Land

us	14

Akteure

AsyncRAT	1
Ave Maria	1
Stealc	1
RedLine Stealer	1
Mirai	1

Interesse

Typ

Not Defined	16
Operating System	4
Cloud Software	2
Forum Software	2
Video Surveillance Software	2

Hersteller

Not Defined	8
Microsoft	6
ASP-DEv	2
Early Impact	2
SourceCodester	2

Produkt

Microsoft Windows	4
Microsoft Azure AD	2
ASP-DEv XM Forums	2
Early Impact Product Cart	2
SourceCodester Online Student Management System	2

Schwachstellen

#	Schwachstelle	Base	Temp	0day	Heute	Aus	Mas	EPSS	CTI	CVE
1	MidiCart PHP Shopping Cart item_show.php SQL Injection	6.3	6.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00000	0.05
2	ASP Portal News_Item.asp SQL Injection	6.3	6.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00983	0.00	CVE-2006-1353
3	ASP-DEv XM Forums profile.asp SQL Injection	7.3	7.1	$0-$5k	$0-$5k	High	Unavailable	0.00064	0.00	CVE-2012-4060
4	e-Quick Cart shopprojectlogin.asp Cross Site Scripting	3.5	3.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00000	0.00
5	Virtual Programming VP-ASP shopcurrency.asp SQL Injection	7.3	6.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00670	0.03	CVE-2006-2263
6	Oracle WebLogic Server WebLogic Console unbekannte Schwachstelle	5.3	5.1	$25k-$100k	$0-$5k	Not Defined	Official Fix	0.00179	0.06	CVE-2013-1504
7	Early Impact Product Cart viewprd.asp SQL Injection	7.3	7.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00918	0.04	CVE-2005-2445
8	Sony PSP bis 2.80 libTIFF korruptes TIFF-Bild anzeigen Pufferüberlauf	7.3	6.4	$25k-$100k	$0-$5k	Proof-of-Concept	Official Fix	0.00042	0.04	CVE-2006-4507
9	Iatek ASPapp links.asp SQL Injection	7.3	6.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00097	0.00	CVE-2008-1430
10	Active Web Softwares Active Business Directory default.asp SQL Injection	7.3	6.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00064	0.00	CVE-2008-5972
11	Comersus Open Technologies Comersus Cart comersus_optreviewreadexec.asp SQL Injection	7.3	7.1	$0-$5k	$0-$5k	High	Unavailable	0.00381	0.00	CVE-2007-3323
12	DUware DUpaypal Pro cat.asp SQL Injection	7.3	7.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00192	0.00	CVE-2005-2047
13	e-Quick Cart shopprojectlogin.asp SQL Injection	6.3	6.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00000	0.04
14	SourceCodester Online Student Management System edit-class-detail.php SQL Injection	7.5	7.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00148	0.05	CVE-2023-1099
15	Xiamen Four Letter Video Surveillance Management System Login UserInfoAction.class erweiterte Rechte	8.1	7.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00063	0.00	CVE-2023-3805
16	Microsoft Azure AD Log in with Microsoft nOAuth erweiterte Rechte	6.3	6.1	$5k-$25k	$0-$5k	Not Defined	Temporary Fix	0.00000	0.00
17	OTCMS Directory Traversal	3.5	3.2	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00072	0.06	CVE-2023-3241
18	libspdm erweiterte Rechte	5.6	5.5	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00104	0.00	CVE-2023-32690
19	Google Chrome Camera Pufferüberlauf	7.5	7.4	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.00168	0.04	CVE-2023-2458
20	SourceCodester Lost and Found Information System erweiterte Rechte	7.5	7.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00109	0.00	CVE-2023-2670

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP-Adresse	Hostname	Akteur	Kampagnen	Identifiziert	Typ	Akzeptanz
1	185.254.37.238		AsynRAT		16.03.2023	verifiziert	High

TTP - Tactics, Techniques, Procedures (7)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Klassifizierung	Schwachstellen	Zugriffsart	Typ	Akzeptanz
1	T1006	CAPEC-126	CWE-22	Path Traversal	prädiktiv	High
2	T1055	CAPEC-10	CWE-74	Improper Neutralization of Data within XPath Expressions	prädiktiv	High
3	TXXXX	CAPEC-242	CWE-XX	Xxxxxxxx Xxxxxxxxx	prädiktiv	High
4	TXXXX.XXX	CAPEC-209	CWE-XX, CWE-XX	Xxxxx Xxxx Xxxxxxxxx	prädiktiv	High
5	TXXXX	CAPEC-122	CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	prädiktiv	High
6	TXXXX	CAPEC-108	CWE-XX	Xxx Xxxxxxxxx	prädiktiv	High
7	TXXXX.XXX	CAPEC-1	CWE-XXX	Xxxxxxxx Xxxxxxxxxxxxx	prädiktiv	High

IOA - Indicator of Attack (35)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Klasse	Indicator	Typ	Akzeptanz
1	File	/admin/read.php?mudi=announContent	prädiktiv	High
2	File	admin/?page=user/manage_user	prädiktiv	High
3	File	admincp/auth/secure.php	prädiktiv	High
4	File	cat.asp	prädiktiv	Low
5	File	comersus_optreviewreadexec.asp	prädiktiv	High
6	File	xxxxxxx.xxx	prädiktiv	Medium
7	File	xxxxxxx/xxxx-xxxxx-xxxxxx.xxx	prädiktiv	High
8	File	xxxxxxx/xxxx-xxxxx-xxxxxx.xxx?xxxxxx=x	prädiktiv	High
9	File	xxxx_xxxx.xxx	prädiktiv	High
10	File	xxxxx.xxx	prädiktiv	Medium
11	File	xxxx_xxxx.xxx	prädiktiv	High
12	File	xxxxxxx.xxx	prädiktiv	Medium
13	File	xxxx-xxx/xxxxxxxx.xxx?xxxx=xxx_xxxxx.xxx	prädiktiv	High
14	File	xxxxxxxxxxxx.xxx	prädiktiv	High
15	File	xxxxxxxxxxxxxxxx.xxx	prädiktiv	High
16	File	xxxxxxxxx/xxxxxxxxx/xxxxxx.xxxxxx.xxx	prädiktiv	High
17	File	xxxxxxx.xxx	prädiktiv	Medium
18	Library	xxxxxxxxxxxxxx.xxxxx	prädiktiv	High
19	Argument	xxxxx	prädiktiv	Low
20	Argument	xxxxx	prädiktiv	Low
21	Argument	xxxxxxxxxx	prädiktiv	Medium
22	Argument	xxx	prädiktiv	Low
23	Argument	xxxx_xx	prädiktiv	Low
24	Argument	xxxxxxxxxx.xxxxxxxxxxxxx	prädiktiv	High
25	Argument	xxxxxxx_xx	prädiktiv	Medium
26	Argument	xxxxxx	prädiktiv	Low
27	Argument	xxxxxxxxxxxx	prädiktiv	Medium
28	Argument	xxxx	prädiktiv	Low
29	Argument	xx	prädiktiv	Low
30	Argument	xxxxxxxxxx	prädiktiv	Medium
31	Argument	xxxxxxxxx	prädiktiv	Medium
32	Argument	xxxx_xxxx	prädiktiv	Medium
33	Argument	xxxxxxxxx	prädiktiv	Medium
34	Argument	xxxxxx	prädiktiv	Low
35	Argument	xxx	prädiktiv	Low

Referenzen (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ ZurückÜbersichtWeiter ▸

Might our Artificial Intelligence support you?

Check our Alexa App!