CNC
· Published 21/12/2025 13:26 · Modified 21/12/2025 13:26
· Source: AlienVault
Essential information
- Confidence: 100/100
- Published: 21/12/2025 13:26
- Modified: 21/12/2025 13:26
- Updated at: 21/12/2025 13:26
- Revoked: No
- Author / Source: AlienVault
- Resource level: —
- Primary motivation: —
- Related entities: 1 reports, 22 attack patterns (mitre), 13 malware, 2 sectors, 2 countries, 11 indicators
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (1)
- 15 MITREs 13 Malwares 1 APT · Published 10/04/2025 18:50 · Modified 10/04/2025 20:12
Attack patterns (MITRE) (22)
- T1547.001 Registry Run Keys / Startup Folder (uses)
- T1056.001 Keylogging (uses)
- T1074 Data Staged (uses)
- T1005 Data from Local System (uses)
- T1573.002 Asymmetric Cryptography (uses)
- T1566.001 Spearphishing Attachment (uses)
- T1059 Command and Scripting Interpreter (uses)
- T1059.003 Windows Command Shell (uses)
- T1553.002 Code Signing (uses)
- T1547 Boot or Logon Autostart Execution (uses)
- T1056 Input Capture (uses)
- T1102.002 Bidirectional Communication (uses)
- T1204.002 Malicious File (uses)
- T1573 Encrypted Channel (uses)
- T1102 Web Service (uses)
- T1204 User Execution (uses)
- T1571 Non-Standard Port (uses)
- T1091 Replication Through Removable Media (uses)
- T1074.001 Local Data Staging (uses)
- T1566 Phishing (uses)
- T1113 Screen Capture (uses)
- T1553 Subvert Trust Controls (uses)
Malware (13)
- windowsfilters.exe (uses) · Family · Published 10/04/2025 18:50 · Modified 10/04/2025 18:50
- Family · Published 10/04/2025 18:50 · Modified 10/04/2025 18:50
- CacheStore.exe (uses) · Family · Published 10/04/2025 18:50 · Modified 10/04/2025 18:50
- Family · Published 10/04/2025 18:50 · Modified 10/04/2025 18:50
- mscleanup64.exe (uses) · Family · Published 10/04/2025 18:50 · Modified 10/04/2025 18:50
- tericerit.exe (uses) · Family · Published 10/04/2025 18:50 · Modified 10/04/2025 18:50
- aliyun_updater64.exe (uses) · Family · Published 10/04/2025 18:50 · Modified 10/04/2025 18:50
- srclogsys.exe (uses) · Family · Published 10/04/2025 18:50 · Modified 10/04/2025 18:50
- qaxreporter.exe (uses) · Family · Published 10/04/2025 18:50 · Modified 10/04/2025 18:50
- filecoauthx86.exe (uses) · Family · Published 10/04/2025 18:50 · Modified 10/04/2025 18:50
- Family · Published 10/04/2025 18:50 · Modified 10/04/2025 18:50
- windowassistance.exe (uses) · Family · Published 10/04/2025 18:50 · Modified 10/04/2025 18:50
- YoudaoGui.exe (uses) · Family · Published 10/04/2025 18:50 · Modified 10/04/2025 18:50
Sectors (2)
- Government targets
- Education targets
Countries (2)
- British Indian Ocean Territory targets
- India targets
Indicators (11)