AESDDoS Botnet Exploits CVE-2019-3396 to Perform RCE
Tags
attack-pattern: Data Model Botnet - T1583.005 Botnet - T1584.005 Confluence - T1213.001 Exploits - T1587.004 Exploits - T1588.005 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Template Injection - T1221 Vulnerabilities - T1588.006
Show in Graph
Common Information
Type Value
UUID bfe4d154-29d4-4fe3-b387-7a203357cb8d
Fingerprint 85401e43e5b33183
Analysis status DONE
Considered CTI value 2
Text language
Published April 26, 2019, midnight
Added to db Feb. 17, 2023, 11:50 p.m.
Last updated Oct. 16, 2024, 2:47 a.m.
Headline AESDDoS Botnet Exploits CVE-2019-3396 to Perform RCE
Title AESDDoS Botnet Exploits CVE-2019-3396 to Perform RCE
Detected Hints/Tags/Attributes 42/1/6
Source URLs
Redirection Url
Details Source https://blog.trendmicro.com/trendlabs-security-intelligence/aesddos-botnet-malware-exploits-cve-2019-3396-to-perform-remote-code-execution-ddos-attacks-and-cryptocurrency-mining/
Details Source https://www.trendmicro.com/en_us/research/19/d/aesddos-botnet-malware-exploits-cve-2019-3396-to-perform-remote-code-execution-ddos-attacks-and-cryptocurrency-mining.html
Details Source https://www.trendmicro.com/en_ca/research/19/d/aesddos-botnet-malware-exploits-cve-2019-3396-to-perform-remote-code-execution-ddos-attacks-and-cryptocurrency-mining.html
Details Source https://www.trendmicro.com/en_in/research/19/d/aesddos-botnet-malware-exploits-cve-2019-3396-to-perform-remote-code-execution-ddos-attacks-and-cryptocurrency-mining.html
Details Source https://www.trendmicro.com/en_my/research/19/d/aesddos-botnet-malware-exploits-cve-2019-3396-to-perform-remote-code-execution-ddos-attacks-and-cryptocurrency-mining.html
URL Provider
Details Provider Source level domain
Details trendmicro.com www.trendmicro.com
Details trendmicro.com blog.trendmicro.com
Attributes
Details Type #Events CTI Value
Details CVE 38 
cve-2019-3396
Details Domain 49 
trojan.sh
Details sha256 1 
b14d5602c8aa16e3db4518832d567a4ca5b9545ce09f9a87684d58f8b1d9daaf
Details sha256 1 
2e4f18e28830771414c9d0cb99c1696d202fe001d1aa41f64d2f7ce6aef7f7c4
Details sha256 1 
f82dc01b04dfbdab3ccaacd20449395e0175d9ab4f0732019651480358d44ac6
Details IPv4 1 
23.224.59.34