CL-CRI-1036
· Published 21/12/2025 19:56 · Modified 21/12/2025 19:56
· Source: AlienVault
Essential information
- Confidence
- 100/100
- Published
- 21/12/2025 19:56
- Modified
- 21/12/2025 19:56
- Updated at
- 21/12/2025 19:56
- Revoked
- No
- Author / Source
- AlienVault
- Resource level
- —
- Primary motivation
- —
- Related entities
- 1 reports, 12 attack patterns (mitre), 2 malware, 1 sectors, 2 countries, 3 indicators, 1 vulnerabilities (cve)
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (1)
-
1 CVE 12 MITREs 2 Malwares 3 Observables 1 APT
Attack patterns (MITRE) (12)
-
T1070.004 usesFile Deletion MITRE
-
T1562.001 usesDisable or Modify Tools MITRE
-
T1083 usesFile and Directory Discovery MITRE
-
T1078 usesValid Accounts MITRE
-
T1112 usesModify Registry MITRE
-
T1027.001 usesBinary Padding MITRE
-
T1490 usesInhibit System Recovery MITRE
-
T1027 usesObfuscated Files or Information MITRE
-
T1021.001 usesRemote Desktop Protocol MITRE
-
T1486 usesData Encrypted for Impact MITRE
-
T1082 usesSystem Information Discovery MITRE
-
T1059.001 usesPowerShell MITRE
Sectors (1)
-
Chemical targets
Countries (2)
-
Philippines targets
-
Taiwan targets
Indicators (3)
-
ba41f0c7ea36cefe7bc9827b3cf27308362a4d07a8c97109704df5d209bce191indicates -
6aad1c36ab9c7c44350ebe3a17178b4fd93c2aa296e2af212ab28d711c0889a3indicates -
e5834b7bdd70ec904470d541713e38fe933e96a4e49f80dbfb25148d9674f957indicates
Vulnerabilities (CVE) (1)
Atlassian Crowd and Crowd Data Center contain a remote code execution vulnerability resulting from a pdkinstall development plugin being incorrectly enabled in …
- Published
- 03/11/2021
- Modified
- 21/12/2025