1877 team
· Published 21/12/2025 00:19 · Modified 21/12/2025 00:19
· Source: AlienVault
Essential information
- Confidence
- 100/100
- Published
- 21/12/2025 00:19
- Modified
- 21/12/2025 00:19
- Updated at
- 21/12/2025 00:19
- Revoked
- No
- Author / Source
- AlienVault
- Resource level
- —
- Primary motivation
- —
- Related entities
- 4 attack patterns (mitre), 3 malware, 2 sectors, 2 countries, 138 indicators
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Attack patterns (MITRE) (4)
Malware (3)
-
Trojan:Win32/ClipBanker uses
-
RedLine Stealer usesFamily The MITRE Corporation Confidence 100
[RedLine Stealer](https://attack.mitre.org/software/S1240) is an information-stealer malware variant first identified in 2020.(Citation: ESET RedLine Stealer November 2024)(Citation: Proofpoint RedLine Stealer March 2020)(Citation: Splunk RedLine Stealer June 2023) [RedLine Stealer](https://attack.mitre.org/software/S1240)…
First seen 01/01/1970 · Last seen 16/11/5138 · -
TEL:Trojan:Win32/Remcos uses
Sectors (2)
-
Government targets
-
Telecommunications targets
Countries (2)
-
Iran, Islamic Republic of targets
-
Türkiye targets
Indicators (138)
-
mail.rywrhsg.dns05.comindicates -
huncho.mlindicates -
mail.jhuyghft.dynamic-dns.netindicatesstix 100/100 Revoked· Valid until 15/08/2024 · Source: AlienVault -
kjuhygtrfdewsa.onedumb.comindicates -
servercheck.zyns.comindicates -
hawler.duckdns.orgindicates -
supplypurchase.dns04.comindicates -
bjigcdrfbbcx.tkindicates -
90706da9b2d8dca13b4823cb9b6c95bde3df92ac336826722b33cfe495d2e300indicates -
oiuryhgyefdter.gqindicates -
www.asadohostma.tkindicates -
www.jihugkyfjtdsrytsrd.cfindicates