AmmyyRAT Analys

IOB - Indicator of Behavior (9)

Tidslinje

Lang

en10

Land

Skådespelare

Aktiviteter

Intressera

Tidslinje

Typ

Säljare

Produkt

Teclib GLPI Agent2
SPIP2
Zoho ManageEngine ServiceDesk Plus2
OpenProject2
WordPress2

Sårbarheter

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP-adressHostnameSkådespelareKampanjerIdentifiedTypFörtroende
1185.99.133.83rns.nz.zappiehost.comAmmyyRAT12/05/2022verifiedHög

TTP - Tactics, Techniques, Procedures (6)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueSårbarheterÅtkomstvektorTypFörtroende
1T1006CWE-22Path TraversalpredictiveHög
2T1059CWE-94Argument InjectionpredictiveHög
3TXXXXCWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveHög
4TXXXXCWE-XXXxx XxxxxxxxxpredictiveHög
5TXXXXCWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveHög
6TXXXX.XXXCWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxpredictiveHög

IOA - Indicator of Attack (5)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDKlassIndicatorTypFörtroende
1File/usr/local/psa/admin/sbin/wrapperpredictiveHög
2FileFileDownload.jsppredictiveHög
3Filexx-xxxxxxxx/xxxxxxxx/xxxxxxx/xxxxxxxxxxxxxxxx.xxxpredictiveHög
4ArgumentxxxxxxxxpredictiveMedium
5Argumentxxxxxxxx_xx_xxpredictiveHög

Referenser (2)

The following list contains external sources which discuss the actor and the associated activities:

Do you want to use VulDB in your project?

Use the official API to access entries easily!