Budworm
· Published 20/12/2025 22:22 · Modified 20/12/2025 22:22
· Source: AlienVault
Essential information
- Confidence: 100/100
- Published: 20/12/2025 22:22
- Modified: 20/12/2025 22:22
- Updated at: 20/12/2025 22:22
- Revoked: No
- Author / Source: AlienVault
- Resource level: —
- Primary motivation: —
- Related entities: 8 attack patterns (MITRE), 1 malware, 2 sectors, 1 country, 39 indicators, 2 vulnerabilities (CVE)
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Attack patterns (MITRE) (8)
- T1083 uses File and Directory Discovery (MITRE)
- T1190 uses Exploit Public-Facing Application (MITRE)
- T1059 uses Command and Scripting Interpreter (MITRE)
- T1036 uses Masquerading (MITRE)
- T1574 uses Hijack Execution Flow (MITRE)
- T1027 uses Obfuscated Files or Information (MITRE)
- T1003 uses OS Credential Dumping (MITRE)
- T1574.002 uses
Malware (1)
- HyperBro uses
Sectors (2)
- Manufacturing targets
- Government targets
Countries (1)
- United States of America targets
Indicators (39)
- 386c9079d65bdd7e3f7b8872024a80992b5d5c6a3c8b971c47d1ef439b9e2671 indicates
- 5c2d05bfc9b6d4fc7aea32312c62180564fac9f65b0867e824d81051e5fc34fd indicates
- 42b603fffd4766fa22f6e10884e7fa43f449d515cfa20a18f0d07a6d4c370962 indicates
- 6e493ce8dccabf172d818453cc9d4e5bf4b1969ff9690c51b8cb538346e8e00e indicates
- TEL:Trojan:Win32/SuspLDAPQuery.A indicates (stix, 100/100, Revoked, valid until 31/12/2024, source: AlienVault)
- [indicator value not shown] (stix, 100/100, Revoked, valid until 16/01/2024, source: AlienVault)
- 018d3a957aa0eaa7a621b52d15f4a1ed18b0f81c477e6023cd80313d83f7dbc0 indicates
- http://207.148.76.235/jquery-3.3.1.min.js indicates
- c53b6a2ec48647121a3e8816636b34ee2cdd6846d6d05efd9539d17a1c021da0 indicates
- 5aecbb6c073b0cf1ad1c6803fa1bfaa6eca2ec4311e165f25d5f7f0b3fe001db indicates
- 620e401b2b7727a6c7ebc37ee1f7d8e1742d7121c1f4ea350a43d460ef9bdc4c indicates
- 6398876f73cd0157a7681de4b2326a0a313dc7f9cb2bee3001894137da41c1f0 indicates
Vulnerabilities (CVE) (2)
- CVE-2021-45105 targets · 5.9 (Medium)
  Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an …
  - Attack vector: Network
  - Complexity: High
  - Published: 18/12/2021
  - Modified: 29/05/2026
- [CVE identifier not shown] targets · 10.0 (Critical)
  Apache Log4j2 contains a vulnerability where JNDI features do not protect against attacker-controlled JNDI-related endpoints, allowing for remote code execution.
  - Attack vector: Network
  - Published: 10/12/2021
  - Modified: 27/05/2026