FROZEN#SHADOW
Published 21/12/2025 04:25 · Modified 21/12/2025 04:25 · Source: AlienVault
Essential information
- Confidence: 100/100
- Published: 21/12/2025 04:25
- Modified: 21/12/2025 04:25
- Updated at: 21/12/2025 04:25
- Revoked: No
- Author / Source: AlienVault
- Resource level: —
- Primary motivation: —
- Related entities: 18 attack patterns (mitre), 2 malware, 73 indicators
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Attack patterns (MITRE) (18)
- T1057 (uses): Process Discovery
- T1082 (uses): System Information Discovery
- T1070.004 (uses): File Deletion
- T1033 (uses): System Owner/User Discovery
- T1518.001 (uses): Security Software Discovery
- T1219 (uses): Remote Access Tools
- T1059 (uses): Command and Scripting Interpreter
- T1102 (uses): Web Service
- T1059.001 (uses): PowerShell
- T1069.002 (uses): Domain Groups
- T1071.002 (uses): File Transfer Protocols
- T1059.007 (uses): JavaScript
Malware (2)
- SSLoad (uses) · Family
- AlienVault · Confidence 100 · First seen 01/01/1970 · Last seen 16/11/5138
Indicators (73)