Invicta Stealer Analiza

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (283)

Język

en	248
ja	10
zh	8
pl	6
fr	2

Kraj

us	284

Aktorzy

Cobalt Strike	1
DCRat	1
Hook	1
Rhadamanthys	1
Ave Maria	1

Wysiłek

Rodzaj

Not Defined	62
Content Management System	30
Forum Software	10
Network Management Software	6
Survey Software	4

Sprzedawca

Not Defined	42
SourceCodester	10
HP	6
Mambo	4
Pearlinger	4

Produkt

SourceCodester Inventory Management System	6
HP Integrated Lights-Out	6
phpShop	6
Jetbox One CMS	4
Pearlinger Products	4

Luki w zabezpieczeniach

#	Słaby punkt	Base	Temp	0day	Dzisiaj	Wyk	Prz	EPSS	CTI	CVE
1	LogicBoard CMS away.php Redirect	6.3	6.1	$0-$5k	$0-$5k	Not Defined	Unavailable	0.00000	1.90
2	esoftpro Online Guestbook Pro ogp_show.php sql injection	7.3	7.1	$0-$5k	$0-$5k	High	Unavailable	0.00135	0.00	CVE-2010-4996
3	Esoftpro Online Guestbook Pro ogp_show.php cross site scripting	4.3	4.2	$0-$5k	$0-$5k	High	Unavailable	0.00209	0.02	CVE-2009-2441
4	Squitosoft Squito Gallery photolist.inc.php memory corruption	7.3	7.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.01371	0.04	CVE-2005-2258
5	Esoftpro Online Guestbook Pro ogp_show.php cross site scripting	4.3	4.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00101	0.08	CVE-2009-2448
6	Esoftpro Online Guestbook Pro ogp_show.php cross site scripting	4.3	4.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00129	0.07	CVE-2009-2447
7	HP Integrated Lights-Out information disclosure	9.8	8.5	$5k-$25k	$0-$5k	Unproven	Official Fix	0.02286	0.02	CVE-2012-3271
8	htmltonuke htmltonuke.php privilege escalation	7.3	6.7	$0-$5k	$0-$5k	Proof-of-Concept	Unavailable	0.01849	0.04	CVE-2006-0308
9	Storytlr cross site scripting	4.3	4.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00129	0.18	CVE-2014-100037
10	WordPress AdServe adclick.php sql injection	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00073	0.08	CVE-2008-0507
11	Appindex MWChat start_lobby.php privilege escalation	7.3	6.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.01895	0.00	CVE-2005-1869
12	Cisco BroadWorks Application Delivery Platform Single Sign-On Remote Code Execution	9.9	9.7	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00143	0.00	CVE-2023-20238
13	Zentrack index.php privilege escalation	7.3	7.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00000	0.03
14	Jetbox One CMS memory corruption	5.9	5.9	$0-$5k	$0-$5k	Not Defined	Not Defined	0.01999	0.05	CVE-2004-1448
15	Mambo Artlinks component artlinks.dispnew.php privilege escalation	8.1	7.3	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.01742	0.03	CVE-2006-3949
16	xoops Xoopsgallery Module mod_gallery sql injection	7.3	6.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.01520	0.00	CVE-2008-0138
17	MosXML mod_mainmenu.php privilege escalation	7.3	6.4	$0-$5k	$0-$5k	Unproven	Unavailable	0.00441	0.01	CVE-2008-5206
18	SourceCodester Best Courier Management System Manage Account Page cross site scripting	4.1	4.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00050	0.04	CVE-2023-5302
19	Comersus Open Technologies Comersus Cart comersus_optreviewreadexec.asp sql injection	7.3	7.1	$0-$5k	$0-$5k	High	Unavailable	0.00308	0.05	CVE-2007-3323
20	UBB.threads login.php cross site scripting	3.5	3.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00000	0.02

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	adres IP	Hostname	Aktor	Kampanie	Identified	Rodzaj	Pewność siebie
1	94.156.253.17		Invicta Stealer		2024-04-03	verified	Wysoki

TTP - Tactics, Techniques, Procedures (13)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Klasa	Luki w zabezpieczeniach	Wektor dostępu	Rodzaj	Pewność siebie
1	T1006	CAPEC-126	CWE-22, CWE-23	Path Traversal	predictive	Wysoki
2	T1059	CAPEC-242	CWE-94	Argument Injection	predictive	Wysoki
3	T1059.007	CAPEC-209	CWE-79, CWE-80	Cross Site Scripting	predictive	Wysoki
4	TXXXX	CAPEC-122	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Wysoki
5	TXXXX	CAPEC-136	CWE-XX, CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	Wysoki
6	TXXXX.XXX	CAPEC-178	CWE-XXX	Xxxx Xxxxxxxx	predictive	Wysoki
7	TXXXX	CAPEC-108	CWE-XX	Xxx Xxxxxxxxx	predictive	Wysoki
8	TXXXX	CAPEC-50	CWE-XXX, CWE-XXX	Xxxxxxxxxxx Xxxxxxxxxx	predictive	Wysoki
9	TXXXX	CAPEC-37	CWE-XXX	Xxxxxxxxx Xxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxx	predictive	Wysoki
10	TXXXX	CAPEC-116	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Wysoki
11	TXXXX	CAPEC-0	CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	predictive	Wysoki
12	TXXXX.XXX	CAPEC-0	CWE-XXX	Xxx Xxxxxxxxxx Xxxxx	predictive	Wysoki
13	TXXXX.XXX	CAPEC-1	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	Wysoki

IOA - Indicator of Attack (169)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Klasa	Indicator	Rodzaj	Pewność siebie
1	File	/admin/list_addr_fwresource_ip.php	predictive	Wysoki
2	File	/DXR.axd	predictive	Medium
3	File	/forum/away.php	predictive	Wysoki
4	File	/importexport.php	predictive	Wysoki
5	File	/log/decodmail.php	predictive	Wysoki
6	File	/multi-vendor-shopping-script/product-list.php	predictive	Wysoki
7	File	/see_more_details.php	predictive	Wysoki
8	File	/servlet/webacc	predictive	Wysoki
9	File	/SysManage/AddUpdateRole.aspx	predictive	Wysoki
10	File	/textpattern/index.php	predictive	Wysoki
11	File	adclick.php	predictive	Medium
12	File	adDetail.asp	predictive	Medium
13	File	admin.a6mambocredits.php	predictive	Wysoki
14	File	admin.cropcanvas.php	predictive	Wysoki
15	File	admin/theme-edit.php	predictive	Wysoki
16	File	adminBanned.php	predictive	Wysoki
17	File	adminBoards.php	predictive	Wysoki
18	File	adminForums.php	predictive	Wysoki
19	File	allopass-error.php	predictive	Wysoki
20	File	allopass.php	predictive	Medium
21	File	announce.php	predictive	Medium
22	File	app/ajax/search_sell_paymen_report.php	predictive	Wysoki
23	File	xxxxxxxx.xxxxxxx.xxx	predictive	Wysoki
24	File	xxx.xxx	predictive	Niski
25	File	xxxx_xxxxxxxx.xxx	predictive	Wysoki
26	File	xx_xxxx.xxx	predictive	Medium
27	File	xxxx_xxxxxxxx/xx.xxx	predictive	Wysoki
28	File	xxxxxxxx_xxxxxxxxxxxxxxxxx.xxx	predictive	Wysoki
29	File	xxxxx.xxx	predictive	Medium
30	File	xxxxxxxx.xx	predictive	Medium
31	File	xxxxxxxx.xxx.xxx	predictive	Wysoki
32	File	xxxx_xxxxxxx.xxx	predictive	Wysoki
33	File	xxx/xxxx/xxx_xxxx.x	predictive	Wysoki
34	File	xxxxxxxxxxx.xxxxx.xxx	predictive	Wysoki
35	File	xxxxxxxxxxxxxxxxxxxx.xxx	predictive	Wysoki
36	File	xxxxxxxx.xxxx.xxx	predictive	Wysoki
37	File	xxxxxxxxxxxx_xxxx.xxx	predictive	Wysoki
38	File	xxxx_xxxxxxx.xxx.xxx	predictive	Wysoki
39	File	xxxxxxxxxx.xxx	predictive	Wysoki
40	File	xxxx.xxx.xxx	predictive	Medium
41	File	xxxxxxxxxx.xxx	predictive	Wysoki
42	File	xxxxx_xxxxxx.xxx	predictive	Wysoki
43	File	xxxxxxxxx.xxx	predictive	Wysoki
44	File	xxx/xxxxxx.xxx	predictive	Wysoki
45	File	xxxxxxx.xxx	predictive	Medium
46	File	xxxxxxx/xxxxx/xxxxxxx.x	predictive	Wysoki
47	File	xxxxxxxx/xxxx.xxx	predictive	Wysoki
48	File	xxxxxxxx/xxxxxxxxxxxx.xxx.xxx	predictive	Wysoki
49	File	xxxxx.xxx	predictive	Medium
50	File	xxxxxx.xxx	predictive	Medium
51	File	xxxxxxx.xxx	predictive	Medium
52	File	xxxxxx/xxxx/xxxxxx_xxx.xxx	predictive	Wysoki
53	File	xxxxxxxx.xxx.xxx	predictive	Wysoki
54	File	xxxxx.xxx	predictive	Medium
55	File	xxx_xxxxxxxx.xxx	predictive	Wysoki
56	File	xxxxx-x.x	predictive	Medium
57	File	xxxxxxxx.xxx	predictive	Medium
58	File	xxxxxxx/xxx_xxxxxxxx.xxx	predictive	Wysoki
59	File	xxx_xxxxxxx.xxx	predictive	Wysoki
60	File	xxx_xxxxxxx_xxxx.xxx	predictive	Wysoki
61	File	xxx_xxxxxxx_xxxxxxxxxxx.xxx	predictive	Wysoki
62	File	xxx_xxxxxxx_xxxxxxxxxx.xxx	predictive	Wysoki
63	File	xxxx.xxx	predictive	Medium
64	File	xxx_xxxx.xxx	predictive	Medium
65	File	xxxxxxxxx.xxx.xxx	predictive	Wysoki
66	File	xxxxxx.xxxxx.xxx	predictive	Wysoki
67	File	xxxx.xxx	predictive	Medium
68	File	xxxxxxx.xxxxxxx.xxxxxx.xxx	predictive	Wysoki
69	File	xxx.xxx	predictive	Niski
70	File	xxxxxxx_xxxxxx_xxxxxxxx.xxx	predictive	Wysoki
71	File	xxxxxx_xxx_xxxxxx.xxx	predictive	Wysoki
72	File	xxxx.xxx	predictive	Medium
73	File	xxxxxxxxxxxxxxx.xxx	predictive	Wysoki
74	File	xxxxxxxx.xxx/xxxxxx.xxx/xxxxxxxx.xxx	predictive	Wysoki
75	File	xxxx_xxxxxxxx.xxx/xxxx_xxxx.xxx	predictive	Wysoki
76	File	xxxxx/xxxxxxxx/xxxxxxxxx.xxx	predictive	Wysoki
77	File	xx_xxxx.xxx	predictive	Medium
78	File	xxxxx_xxxx.xxx	predictive	Wysoki
79	File	xxxxx_xxxxx.xxx	predictive	Wysoki
80	File	xxxxxxxxxxxxx.xxx	predictive	Wysoki
81	File	xxxxx/xxxx_xxxxxx_xxxxxx.xxx	predictive	Wysoki
82	File	xxxx/xxx/xxxx-xxxxx.xxx	predictive	Wysoki
83	File	xxxx.xxx	predictive	Medium
84	File	xxxxxxxxx.xxx	predictive	Wysoki
85	File	xxxx_xxxxxxx_xxxx.xxx	predictive	Wysoki
86	File	xxxx/xxxx-x-xxxxxx.x	predictive	Wysoki
87	File	xx-xxxxx.xxx	predictive	Medium
88	File	xx-xxxxxxxxx.xxx	predictive	Wysoki
89	File	xxxxxxxxxxxx.xxx	predictive	Wysoki
90	File	_xxxxxxxxx.xxx	predictive	Wysoki
91	Library	xxx.xxx/xxxxxxx.xxxxxxx/xxxx.xxx/xxxxxxx.xxxxxxx.xxxxxx.xxx	predictive	Wysoki
92	Library	xxxxxx[xxxxxx_xxxx	predictive	Wysoki
93	Library	xxxxxxx/xxx.xxx.xxx.xxx	predictive	Wysoki
94	Library	xxxx.xxx.xxx	predictive	Medium
95	Argument	xxxxx	predictive	Niski
96	Argument	xxxxxxxx_xxxx	predictive	Wysoki
97	Argument	xxxxxxxx	predictive	Medium
98	Argument	xxxx_xxx	predictive	Medium
99	Argument	xxxxx	predictive	Niski
100	Argument	xxxx	predictive	Niski
101	Argument	xxx	predictive	Niski
102	Argument	xxx_xx	predictive	Niski
103	Argument	xxxxxxx[x][xxxx]	predictive	Wysoki
104	Argument	xxxxxx	predictive	Niski
105	Argument	xxxxxxxxxx	predictive	Medium
106	Argument	xxxxxx[xxxxxx_xxxx]	predictive	Wysoki
107	Argument	xxxxxxxxxxxx	predictive	Medium
108	Argument	xxxxxxxx	predictive	Medium
109	Argument	xxxxxxxx	predictive	Medium
110	Argument	xxxxxxxx	predictive	Medium
111	Argument	xxxxxxx	predictive	Niski
112	Argument	xxxxxx_xxxx	predictive	Medium
113	Argument	xxxxx	predictive	Niski
114	Argument	xxxxx_xxxx_xxxx	predictive	Wysoki
115	Argument	xxxxx	predictive	Niski
116	Argument	xxxxxxxxx	predictive	Medium
117	Argument	xx_xxxxxxx	predictive	Medium
118	Argument	xxxx	predictive	Niski
119	Argument	xxxxxxx	predictive	Niski
120	Argument	xxxxx xxxx	predictive	Medium
121	Argument	xxxxxxx_xxxxxxx	predictive	Wysoki
122	Argument	xxxxxxxxxxxxxx[xxxxxxxxxxxxxxxxxx]	predictive	Wysoki
123	Argument	xxxx[xxxxxxx]	predictive	Wysoki
124	Argument	xxxxxxxx	predictive	Medium
125	Argument	xxxx	predictive	Niski
126	Argument	xx	predictive	Niski
127	Argument	xxxxxxxxx	predictive	Medium
128	Argument	xxxxx_xxx	predictive	Medium
129	Argument	xxxx	predictive	Niski
130	Argument	xxxxxxx	predictive	Niski
131	Argument	xxx_xxxx_xxxx	predictive	Wysoki
132	Argument	xxx	predictive	Niski
133	Argument	xxxxxxxxx_xxxxxxxx_xxxx	predictive	Wysoki
134	Argument	xxxxxxxxx_xxxx_xxxx	predictive	Wysoki
135	Argument	xxxxxxx_xxxx	predictive	Medium
136	Argument	xxxxx_xxx	predictive	Medium
137	Argument	xxxxxx_xxxxxx[xxxxxx_xxxx]	predictive	Wysoki
138	Argument	xxxx	predictive	Niski
139	Argument	xxxxxx	predictive	Niski
140	Argument	xxxx_xxxx	predictive	Medium
141	Argument	xxxxxxxxx	predictive	Medium
142	Argument	xxxxx_xxxx_xxx	predictive	Wysoki
143	Argument	xxxxx_xxxx_xxxx	predictive	Wysoki
144	Argument	xxxxxxx_xxx	predictive	Medium
145	Argument	xx	predictive	Niski
146	Argument	xxxxxxxxxx[x]	predictive	Wysoki
147	Argument	xx_xxxx	predictive	Niski
148	Argument	xxxxxx	predictive	Niski
149	Argument	xxxxx	predictive	Niski
150	Argument	xxxxxxxxxx	predictive	Medium
151	Argument	xxxxxxx	predictive	Niski
152	Argument	xxxx_xxxx	predictive	Medium
153	Argument	xxx	predictive	Niski
154	Argument	xxxxxx	predictive	Niski
155	Argument	xxxxxx_xxxxxx	predictive	Wysoki
156	Argument	xxx_xxxxx	predictive	Medium
157	Argument	xxxx_xxxx	predictive	Medium
158	Argument	xxx	predictive	Niski
159	Argument	xx_xx	predictive	Niski
160	Argument	xxxxxxxx_xxx	predictive	Medium
161	Argument	xxx_xxxxxxxxxxxx	predictive	Wysoki
162	Argument	xxxxxxxxxx	predictive	Medium
163	Argument	xx_xx	predictive	Niski
164	Argument	xxxxxxxxxxx	predictive	Medium
165	Argument	_xxxx[_xxx_xxxx_xxxx	predictive	Wysoki
166	Input Value	xxxx	predictive	Niski
167	Input Value	xxxxxx	predictive	Niski
168	Input Value	\xxx../../../../xxx/xxxxxx	predictive	Wysoki
169	Network Port	xxx xxxxxx xxxx	predictive	Wysoki

Referencje (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ PoprzedniPrzeglądKolejny ▸

Interested in the pricing of exploits?

See the underground prices here!