Chinese APT (possibly APT41 subgroup)
Published 21/12/2025 06:27 · Modified 21/12/2025 06:27 · Source: AlienVault
Essential information
- Confidence: 100/100
- Published: 21/12/2025 06:27
- Modified: 21/12/2025 06:27
- Updated at: 21/12/2025 06:27
- Revoked: No
- Author / Source: AlienVault
- Resource level: —
- Primary motivation: —
- Related entities: 1 report, 16 attack patterns (MITRE), 2 malware, 2 sectors, 2 countries, 30 indicators
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (1)
- 16 MITREs, 2 Malwares, 30 Observables, 1 APT
Attack patterns (MITRE) (16)
- T1568 Dynamic Resolution (uses)
- T1027.002 Software Packing (uses)
- T1553.002 Code Signing (uses)
- T1105 Ingress Tool Transfer (uses)
- T1055 Process Injection (uses)
- T1036 Masquerading (uses)
- T1204.002 Malicious File (uses)
- T1059.001 PowerShell (uses)
- T1518.001 Security Software Discovery (uses)
- T1027 Obfuscated Files or Information (uses)
- T1547.009 Shortcut Modification (uses)
- T1071.001 Web Protocols (uses)
Malware (2)
- Marte Beacon (uses; family)
- CobaltStrike (uses; family)
Sectors (2)
- Government (targets)
- Energy (targets)
Countries (2)
- Taiwan (targets)
- Philippines (targets)
Indicators (30)