Cosmic Leopard
Published 21/12/2025 04:47 · Modified 21/12/2025 04:47 · Source: AlienVault
Essential information
- Confidence: 100/100
- Published: 21/12/2025 04:47
- Modified: 21/12/2025 04:47
- Updated at: 21/12/2025 04:47
- Revoked: No
- Author / Source: AlienVault
- Resource level: —
- Primary motivation: —
- Related entities: 1 report, 15 attack patterns (MITRE), 2 malware, 2 countries, 142 indicators
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (1)
- 15 MITREs · 2 Malwares · 142 Observables · 1 APT · Published 14/06/2024 08:31 · Modified 14/06/2024 09:11
Attack patterns (MITRE) (15)
- T1598 Phishing for Information (uses)
- T1583 Acquire Infrastructure (uses)
- T1204 User Execution (uses)
- T1486 Data Encrypted for Impact (uses)
- T1573 Encrypted Channel (uses)
- T1489 Service Stop (uses)
- T1059 Command and Scripting Interpreter (uses)
- T1056 Input Capture (uses)
- T1557 Adversary-in-the-Middle (uses)
- T1608 Stage Capabilities (uses)
- T1588 Obtain Capabilities (uses)
- T1597
- T1555 Credentials from Password Stores (uses)
- T1592 Gather Victim Host Information (uses)
- T1083 File and Directory Discovery (uses)
Malware (2)
- HeavyLift (uses) · Family · Published 14/06/2024 08:31 · Modified 14/06/2024 08:31
- GravityRAT - S0237 (uses) · AlienVault · Confidence 100 · First seen 01/01/1970 · Last seen 16/11/5138 · Published 20/12/2025 19:44 · Modified 21/12/2025 04:47
Countries (2)
- British Indian Ocean Territory (targets)
- India (targets)
Indicators (142)