AsynRAT Analysis

IOB - Indicator of Behavior (26)

Language: en (26)

Country: us (22)

Product:

- Xiamen Four Letter Video Surveillance Management S ... (2)
- Iatek ASPapp (2)
- Early Impact Product Cart (2)
- libspdm (2)
- Virtual Programming VP-ASP (2)

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | MidiCart PHP Shopping Cart item_show.php SQL injection | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 0.05 | |
| 2 | ASP Portal News_Item.asp SQL injection | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00983 | 0.00 | CVE-2006-1353 |
| 3 | ASP-DEv XM Forums profile.asp SQL injection | 7.3 | 7.1 | $0-$5k | $0-$5k | High | Unavailable | 0.00064 | 0.02 | CVE-2012-4060 |
| 4 | e-Quick Cart shopprojectlogin.asp cross site scripting | 3.5 | 3.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 0.00 | |
| 5 | Virtual Programming VP-ASP shopcurrency.asp SQL injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00670 | 0.04 | CVE-2006-2263 |
| 6 | Oracle WebLogic Server WebLogic Console unknown vulnerability | 5.3 | 5.1 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.00179 | 0.04 | CVE-2013-1504 |
| 7 | Early Impact Product Cart viewprd.asp SQL injection | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00918 | 0.03 | CVE-2005-2445 |
| 8 | Sony PSP libTIFF memory corruption | 7.3 | 6.4 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.00042 | 0.02 | CVE-2006-4507 |
| 9 | Iatek ASPapp links.asp SQL injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00097 | 0.02 | CVE-2008-1430 |
| 10 | Active Web Softwares Active Business Directory default.asp SQL injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00064 | 0.00 | CVE-2008-5972 |
| 11 | Comersus Open Technologies Comersus Cart comersus_optreviewreadexec.asp SQL injection | 7.3 | 7.1 | $0-$5k | $0-$5k | High | Unavailable | 0.00308 | 0.05 | CVE-2007-3323 |
| 12 | DUware DUpaypal Pro cat.asp SQL injection | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00192 | 0.03 | CVE-2005-2047 |
| 13 | e-Quick Cart shopprojectlogin.asp SQL injection | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.04 | |
| 14 | SourceCodester Online Student Management System edit-class-detail.php SQL injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00148 | 0.04 | CVE-2023-1099 |
| 15 | Xiamen Four Letter Video Surveillance Management System Login UserInfoAction.class privilege escalation | 8.1 | 7.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00063 | 0.00 | CVE-2023-3805 |
| 16 | Microsoft Azure AD Log in with Microsoft nOAuth privilege escalation | 6.3 | 6.1 | $5k-$25k | $0-$5k | Not Defined | Temporary Fix | 0.00000 | 0.04 | |
| 17 | OTCMS directory traversal | 3.5 | 3.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00064 | 0.04 | CVE-2023-3241 |
| 18 | libspdm privilege escalation | 5.6 | 5.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00104 | 0.00 | CVE-2023-32690 |
| 19 | Google Chrome Camera memory corruption | 7.5 | 7.4 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00086 | 0.04 | CVE-2023-2458 |
| 20 | SourceCodester Lost and Found Information System privilege escalation | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00078 | 0.05 | CVE-2023-2670 |

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 185.254.37.238 | | AsynRAT | | 16/03/2023 | verified | High |

TTP - Tactics, Techniques, Procedures (8)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (35)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

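| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /admin/read.php?mudi=announContent | predictive | High |
| 2 | File | admin/?page=user/manage_user | predictive | High |
| 3 | File | admincp/auth/secure.php | predictive | High |
| 4 | File | cat.asp | predictive | Low |
| 5 | File | comersus_optreviewreadexec.asp | predictive | High |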

References (2)

The following list contains external sources which discuss the actor and the associated activities:
