FlyingYeti
· Published 21/12/2025 04:31 · Modified 21/12/2025 04:31
· Source: AlienVault
Essential information
- Confidence: 100/100
- Published: 21/12/2025 04:31
- Modified: 21/12/2025 04:31
- Updated at: 21/12/2025 04:31
- Revoked: No
- Author / Source: AlienVault
- Resource level: —
- Primary motivation: —
- Related entities: 1 report, 10 attack patterns (MITRE), 1 malware, 1 sector, 1 country, 8 indicators, 1 vulnerability (CVE)
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (1)
- 1 CVE, 10 MITREs, 1 Malware, 8 Observables, 1 APT
Attack patterns (MITRE) (10)
- T1204.001 Malicious Link (uses)
- T1083 File and Directory Discovery (uses)
- T1218.010 Regsvr32 (uses)
- T1588.001 Malware (uses)
- T1568.003 DNS Calculation (uses)
- T1566 Phishing (uses)
- T1053.005 Scheduled Task (uses)
- T1588.003
- T1059.001 PowerShell (uses)
- T1027.005 Indicator Removal from Tools (uses)
Malware (1)
- COOKBOX (uses) · Family
Sectors (1)
- Government (targets)
Countries (1)
- Ukraine (targets)
Indicators (8)
Vulnerabilities (CVE) (1)
7.8 High
RARLAB WinRAR contains an unspecified vulnerability that allows an attacker to execute code when a user attempts to view a benign file …
- Attack vector: Local
- Published: 24/08/2023
- Modified: 27/05/2026