AsukaStealer Analys

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (45)

Lang

en	38
ru	6
it	2

Land

us	34
it	2

Skådespelare

Cobalt Strike	1
Amadey	1
AsukaStealer	1
RecordBreaker	1
Raccoon	1

Intressera

Typ

Not Defined	12
WordPress Plugin	4
Content Management System	4
Log Management Software	2
Operating System	2

Säljare

Not Defined	14
SourceCodester	2
IBM	2
Linux	2
Intelliants	2

Produkt

Ziteboard Online Whiteboard Plugin	2
SourceCodester Life Insurance Management System	2
Tiki	2
SPIP	2
Responsive Menus	2

Sårbarheter

#	Sårbarhet	Base	Temp	0day	I dag	Utn	Rem	EPSS	CTI	CVE
1	TikiWiki tiki-register.php privilegier eskalering	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.01009	1.46	CVE-2006-6168
2	DZCP deV!L`z Clanportal config.php privilegier eskalering	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00943	1.30	CVE-2010-0966
3	RealFaviconGenerator Favicon Plugin class-favicon-by-realfavicongenerator-admin.php install_new_favicon förfalskning på begäran över webbplatsen	5.8	5.7	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00206	0.24	CVE-2015-10116
4	Intelliants eSyndiCat suggest-category.php cross site scripting	4.3	4.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00228	0.02	CVE-2010-4504
5	PHP Link Directory Administration Page index.html cross site scripting	4.3	4.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00374	0.31	CVE-2007-0529
6	Storytlr cross site scripting	4.3	4.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00129	0.03	CVE-2014-100037
7	Linux Kernel hv_netvsc register_netdevice_notifier Privilege Escalation	5.5	5.3	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00000	0.04-	CVE-2024-26820
8	Microsoft OLE DB Driver/SQL Server minneskorruption	8.8	7.7	$25k-$100k	$5k-$25k	Unproven	Official Fix	0.00043	0.05	CVE-2024-28913
9	WordPress XML-RPC class-wp-xmlrpc-server.php privilegier eskalering	8.0	7.7	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00731	0.03	CVE-2020-28036
10	NodeBB XML-RPC Request xmlrpc.php privilegier eskalering	8.0	7.9	$0-$5k	$0-$5k	Not Defined	Official Fix	0.11383	0.02	CVE-2023-43187
11	GPAC os_file.c gf_fwrite minneskorruption	6.3	6.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00043	0.04	CVE-2023-46426
12	PhotoPost PHP Pro zipndownload.php privilegier eskalering	7.3	6.4	$0-$5k	$0-$5k	Unproven	Official Fix	0.05109	0.02	CVE-2006-4828
13	WP Recipe Maker Plugin cross site scripting	5.1	5.1	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00045	0.02	CVE-2024-0382
14	nbviewer-app Privilege Escalation	7.6	7.5	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00063	0.04	CVE-2023-51277
15	IBM QRadar WinCollect Agent privilegier eskalering	5.2	5.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00042	0.00	CVE-2023-26279
16	Timo Reith Post Status Notifier Lite Plugin cross site scripting	5.8	5.8	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00046	0.00	CVE-2023-47766
17	Ziteboard Online Whiteboard Plugin Shortcode cross site scripting	5.1	5.1	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00045	0.00	CVE-2023-5076
18	Apple Safari Web Contents Remote Code Execution	6.3	6.0	$5k-$25k	$5k-$25k	Not Defined	Official Fix	0.00147	0.08	CVE-2023-42852
19	Home Assistant svag autentisering	7.6	7.5	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00054	0.00	CVE-2023-41898
20	Oracle Hospitality Cruise Shipboard Property Management System Next-Gen SPMS Remote Code Execution	9.8	9.6	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.00361	0.00	CVE-2023-20873

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP-adress	Hostname	Skådespelare	Kampanjer	Identified	Typ	Förtroende
1	5.42.66.25		AsukaStealer		23/02/2024	verified	Hög

TTP - Tactics, Techniques, Procedures (6)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Sårbarheter	Åtkomstvektor	Typ	Förtroende
1	T1059	CWE-94	Argument Injection	predictive	Hög
2	T1059.007	CWE-79, CWE-80	Cross Site Scripting	predictive	Hög
3	TXXXX	CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Hög
4	TXXXX	CWE-XX, CWE-XX	Xxx Xxxxxxxxx	predictive	Hög
5	TXXXX.XXX	CWE-XXX	Xxxxxxxx Xxxxxxxxxxxxx	predictive	Hög
6	TXXXX.XXX	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	Hög

IOA - Indicator of Attack (24)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Klass	Indicator	Typ	Förtroende
1	File	/settings/account	predictive	Hög
2	File	/spip.php	predictive	Medium
3	File	admin.php3	predictive	Medium
4	File	xxxxx/xxxxx-xxxxxxx-xx-xxxxxxxxxxxxxxxxxxxx-xxxxx.xxx	predictive	Hög
5	File	xxx/xxxxxx.xxx	predictive	Hög
6	File	xxxxx.xxxx	predictive	Medium
7	File	xxxxx.xxx/xxxxxxxxx_xxxx/xxx_xxxxxxx_xxxxxxxxxx/	predictive	Hög
8	File	xxxxxxxxxxxxx.xxx	predictive	Hög
9	File	xxxxxxxxxx_xxxxx.xxxxxx	predictive	Hög
10	File	xxxxxxx-xxxxxxxx.xxx	predictive	Hög
11	File	xxxx-xxxxx.xxx	predictive	Hög
12	File	xxxx-xxxxxxxx.xxx	predictive	Hög
13	File	xxxxx/xx_xxxx.x	predictive	Hög
14	File	xx-xxxxxxxx/xxxxx-xx-xxxxxx-xxxxxx.xxx	predictive	Hög
15	File	xxxxxx.xxx	predictive	Medium
16	File	xxxxxxxxxxxx.xxx	predictive	Hög
17	Argument	xxx/xxx	predictive	Låg
18	Argument	xxxxxxxx	predictive	Medium
19	Argument	xxxxxxxx	predictive	Medium
20	Argument	xxxxxx_xxx	predictive	Medium
21	Argument	xxxxxxx_xx	predictive	Medium
22	Argument	xx_xxxx	predictive	Låg
23	Argument	xxxxxx	predictive	Låg
24	Argument	xxxxx	predictive	Låg

Referenser (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ TidigareÖversiktNästa ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!