ASO RAT
AlienVault
· Published 13/04/2026 17:48 · Modified 13/04/2026 17:48
Essential information
- Confidence: 100/100
- Is family: No
- Published: 13/04/2026 17:48
- Modified: 13/04/2026 17:48
- Revoked: No
- Author / Source: AlienVault
- Related entities: 8 attack patterns (MITRE), 4 sectors, 23 indicators, 2 vulnerabilities (CVE), 1 report
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators, intrusion sets and other entities linked to this malware.
Attack patterns (MITRE) (8)
- T1587.001 · uses · Malware · MITRE
- T1204.002 · uses · Malicious File · MITRE
- T1583.001 · uses · Domains · MITRE
- T1498 · uses · Network Denial of Service · MITRE
- T1584.005 · uses · Botnet · MITRE
- T1566.002 · uses · Spearphishing Link · MITRE
- T1583.003 · uses · Virtual Private Server · MITRE
- T1547.001 · uses · Registry Run Keys / Startup Folder · MITRE
Sectors (4)
- NGO · targets
- Media · targets
- Government · targets
- Defense · targets
Indicators (23)
- stix 100/100 · Valid until 09/04/2027 · Source: AlienVault
- http://45.74.4.179:3000/ · indicates · stix 100/100 · Revoked · Valid until 12/05/2026 · Source: AlienVault
- http://45.74.4.179:8090/ · indicates · stix 100/100 · Revoked · Valid until 12/05/2026 · Source: AlienVault
- stix 100/100 · Valid until 09/04/2027 · Source: AlienVault
- http://172.111.200.133:8080/admin/ · indicates · stix 100/100 · Revoked · Valid until 12/05/2026 · Source: AlienVault
- http://172.111.200.133:8090 · indicates · stix 100/100 · Revoked · Valid until 12/05/2026 · Source: AlienVault
- stix 100/100 · Valid until 09/04/2027 · Source: AlienVault
- stix 100/100 · Valid until 09/04/2027 · Source: AlienVault
Vulnerabilities (CVE) (2)
7.5 · High
HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS).
- Attack vector: Network
- Complexity: LOW
- Published: 10/10/2023
- Modified: 15/05/2026
CVE-2025-23419 · targets
4.3 · Medium
When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass …
- Attack vector: NETWORK
- Published: 05/02/2025
- Modified: 13/04/2026
Reports (1)
- AlienVault · Confidence 100 · 2 CVEs · 8 MITREs · 1 Malware · 23 IOCs · 23 Observables