Bitter APT Group
· Published 21/12/2025 06:28 · Modified 21/12/2025 06:28
· Source: AlienVault
Essential information
- Confidence: 100/100
- Published: 21/12/2025 06:28
- Modified: 21/12/2025 06:28
- Updated at: 21/12/2025 06:28
- Revoked: No
- Author / Source: AlienVault
- Resource level: —
- Primary motivation: —
- Related entities: 1 report, 10 attack patterns (MITRE), 9 malware, 79 indicators
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (1)
- 1 report: 10 MITRE attack patterns, 9 malware, 82 observables, 1 APT
Attack patterns (MITRE) (10)
- T1059 Command and Scripting Interpreter (relationship: uses; source: MITRE)
- T1562 Impair Defenses (relationship: uses; source: MITRE)
- T1583 Acquire Infrastructure (relationship: uses; source: MITRE)
- T1135 Network Share Discovery (relationship: uses; source: MITRE)
- T1588 Obtain Capabilities (relationship: uses; source: MITRE)
- T1083 File and Directory Discovery (relationship: uses; source: MITRE)
- T1071 Application Layer Protocol (relationship: uses; source: MITRE)
- T1113 Screen Capture (relationship: uses; source: MITRE)
- T1566 Phishing (relationship: uses; source: MITRE)
- T1005 Data from Local System (relationship: uses; source: MITRE)
Malware (9)
- sstn.exe (malware family; relationship: uses)
- stom.jpg (malware family; relationship: uses)
- schs.exe (malware family; relationship: uses)
- OLMAPI32.dll (malware family; relationship: uses)
- sparrow.jpg (malware family; relationship: uses)
- Figlio.exe (malware family; relationship: uses)
- SearchApp.jpg (malware family; relationship: uses)
- ORPCBackdoor (malware family; relationship: uses)
- scm.exe (malware family; relationship: uses)
Indicators (79)