bluebottle
Published 20/12/2025 23:16 · Modified 20/12/2025 23:16 · Source: AlienVault
Essential information
- Confidence: 100/100
- Published: 20/12/2025 23:16
- Modified: 20/12/2025 23:16
- Updated at: 20/12/2025 23:16
- Revoked: No
- Author / Source: AlienVault
- Resource level: —
- Primary motivation: —
- Related entities: 9 attack patterns (MITRE), 5 malware, 1 sector, 37 indicators
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Attack patterns (MITRE) (9)
- T1021: Remote Services (uses; MITRE)
- T1003: OS Credential Dumping (uses; MITRE)
- T1204: User Execution (uses; MITRE)
- T1127: Trusted Developer Utilities Proxy Execution (uses; MITRE)
- T1566: Phishing (uses; MITRE)
- T1056: Input Capture (uses; MITRE)
- T1189: Drive-by Compromise (uses; MITRE)
- T1562: Impair Defenses (uses; MITRE)
- T1569: System Services (uses; MITRE)
Malware (5)
- SharpHound (uses; Family)
- GuLoader (uses; Family)
- Quasar (uses; Family)
- Cobalt Strike (uses; Family)
- NETWIRE (uses)
Sectors (1)
- Finance (targets)
Indicators (37)