Budworm
Published 20/12/2025 22:22 · Modified 20/12/2025 22:22 · Source: AlienVault
Essential information
- Confidence: 100/100
- Published: 20/12/2025 22:22
- Modified: 20/12/2025 22:22
- Updated at: 20/12/2025 22:22
- Revoked: No
- Author / Source: AlienVault
- Resource level: —
- Primary motivation: —
- Related entities: 8 attack patterns (MITRE), 1 malware, 2 sectors, 1 country, 39 indicators, 2 vulnerabilities (CVE)
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Attack patterns (MITRE) (8)
- T1083 (uses): File and Directory Discovery
- T1190 (uses): Exploit Public-Facing Application
- T1059 (uses): Command and Scripting Interpreter
- T1036 (uses): Masquerading
- T1574 (uses): Hijack Execution Flow
- T1027 (uses): Obfuscated Files or Information
- T1003 (uses): OS Credential Dumping
- T1574.002 (uses)
Malware (1)
- HyperBro (uses)
Sectors (2)
- Manufacturing (targets)
- Government (targets)
Countries (1)
- United States of America (targets)
Indicators (39)
Vulnerabilities (CVE) (2)
CVE-2021-45105 (targets)
- Severity: 5.9 (Medium)
- Description: Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an …
- Attack vector: Network
- Complexity: High
- Published: 18/12/2021
- Modified: 29/05/2026

- Severity: 10.0 (Critical)
- Description: Apache Log4j2 contains a vulnerability where JNDI features do not protect against attacker-controlled JNDI-related endpoints, allowing for remote code execution.
- Attack vector: Network
- Published: 10/12/2021
- Modified: 27/05/2026