Statc Stealer Analysis

IOB - Indicator of Behavior (94)

Language: en (90), ja (2), de (2)

Country: de (94)

Product: TOTOLINK A3002R (2), GE Healthcare Signa (2), GE Healthcare Brivo (2), GE Healthcare Optima (2), GE Healthcare LOGIQ (2)

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Intelbras TIP200/TIP200LITE/TIP300 cgiServer.exx directory traversal | 5.4 | 5.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00189 | 0.00 | CVE-2020-13886 |
| 2 | cym1102 nginxWebUI upload privilege escalation | 4.3 | 3.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.26 | CVE-2024-3736 |
| 3 | Campcodes Complete Online Student Management System courses_view.php cross-site scripting | 3.5 | 3.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.04 | CVE-2024-3531 |
| 4 | Campcodes House Rental Management System view_payment.php SQL injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.13 | CVE-2024-3696 |
| 5 | SourceCodester Kortex Lite Advocate Office Management System deactivate_case.php SQL injection | 4.7 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.00 | CVE-2024-3617 |
| 6 | Campcodes Church Management System admin_user.php cross-site scripting | 3.5 | 3.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.04 | CVE-2024-3541 |
| 7 | SMI SMI-EX-5414W Web Interface cross-site request forgery | 4.3 | 3.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.56 | CVE-2024-3873 |
| 8 | TikiWiki tiki-register.php privilege escalation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.01075 | 1.39 | CVE-2006-6168 |
| 9 | DZCP deV!L`z Clanportal config.php privilege escalation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00943 | 0.78 | CVE-2010-0966 |
| 10 | Genetechsolutions Pie Register User Account pie-register.php privilege escalation | 5.3 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.08823 | 0.02 | CVE-2014-8802 |
| 11 | MediaTek EN7528/EN7580 Boa privilege escalation | 8.0 | 7.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00326 | 0.02 | CVE-2022-32665 |
| 12 | V-SFT/TELLUS Image File buffer overflow | 7.0 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00065 | 0.00 | CVE-2022-43448 |
| 13 | Sage XRT Business Exchange Add Currencies/Payment Order/Transfer History SQL injection | 7.1 | 7.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00071 | 0.00 | CVE-2022-34324 |
| 14 | w3c Unicorn ValidatorNuMessage.java ValidatorNuMessage cross-site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00073 | 0.07 | CVE-2021-4296 |
| 15 | jerryhanjj ERP Commodity Management inventory.php uploadImages privilege escalation | 7.1 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00080 | 0.22 | CVE-2022-3944 |
| 16 | oretnom23 Food Ordering Management System place-order.php cross-site scripting | 3.6 | 3.5 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00056 | 0.09 | CVE-2022-43046 |
| 17 | GitLab Community Edition/Enterprise Edition External Status Check cross-site scripting | 5.0 | 5.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00157 | 0.00 | CVE-2022-2904 |
| 18 | Metabase Malicious Request information disclosure | 5.4 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00062 | 0.00 | CVE-2022-39358 |
| 19 | Linux Kernel nftables nft_osf_eval information disclosure | 4.7 | 4.5 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00045 | 0.08 | CVE-2022-42432 |

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 95.217.5.87 | static.87.5.217.95.clients.your-server.de | Statc Stealer | | 20/08/2023 | verified | High |

TTP - Tactics, Techniques, Procedures (13)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (39)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

