Budworm
· Published 20/12/2025 22:22 · Modified 20/12/2025 22:22
· Source: AlienVault
Essential information
- Confidence: 100/100
- Published: 20/12/2025 22:22
- Modified: 20/12/2025 22:22
- Updated at: 20/12/2025 22:22
- Revoked: No
- Author / Source: AlienVault
- Resource level: —
- Primary motivation: —
- Related entities: 8 attack patterns (mitre), 1 malware, 2 sectors, 1 countries, 39 indicators, 2 vulnerabilities (cve)
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Attack patterns (MITRE) (8)
- T1083 (uses): File and Directory Discovery (MITRE)
- T1190 (uses): Exploit Public-Facing Application (MITRE)
- T1059 (uses): Command and Scripting Interpreter (MITRE)
- T1036 (uses): Masquerading (MITRE)
- T1574 (uses): Hijack Execution Flow (MITRE)
- T1027 (uses): Obfuscated Files or Information (MITRE)
- T1003 (uses): OS Credential Dumping (MITRE)
- T1574.002 (uses)
Malware (1)
- HyperBro (uses)
Sectors (2)
- Manufacturing (targets)
- Government (targets)
Countries (1)
- United States of America (targets)
Indicators (39)
Vulnerabilities (CVE) (2)
CVE-2021-45105 (targets)
- Severity: 5.9 Medium
- Description: Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an …
- Attack vector: Network
- Complexity: High
- Published: 18/12/2021
- Modified: 29/05/2026

- Severity: 10.0 Critical
- Description: Apache Log4j2 contains a vulnerability where JNDI features do not protect against attacker-controlled JNDI-related endpoints, allowing for remote code execution.
- Attack vector: Network
- Published: 10/12/2021
- Modified: 27/05/2026