GOLD BLADE
· Published 21/12/2025 15:14 · Modified 21/12/2025 15:14
· Source: AlienVault
Essential information
- Confidence: 100/100
- Published: 21/12/2025 15:14
- Modified: 21/12/2025 15:14
- Updated at: 21/12/2025 15:14
- Revoked: No
- Author / Source: AlienVault
- Resource level: —
- Primary motivation: —
- Related entities: 2 reports, 23 attack patterns (mitre), 3 malware, 4 sectors, 2 countries, 31 indicators
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (2)
- 19 MITREs, 3 Malwares, 28 Observables, 1 APT
- 5 MITREs, 1 Malware, 5 Observables, 1 APT
Attack patterns (MITRE) (23)
- T1018 Remote System Discovery (uses; MITRE)
- T1569 System Services (uses; MITRE)
- T1204 User Execution (uses; MITRE)
- T1053 Scheduled Task/Job (uses; MITRE)
- T1566 Phishing (uses; MITRE)
- T1059 Command and Scripting Interpreter (uses; MITRE)
- T1016 System Network Configuration Discovery (uses; MITRE)
- T1068 Exploitation for Privilege Escalation (uses; MITRE)
- T1021 Remote Services (uses; MITRE)
- T1055 Process Injection (uses; MITRE)
- T1547.001 Registry Run Keys / Startup Folder (uses; MITRE)
- T1033 System Owner/User Discovery (uses; MITRE)
Malware (3)
- Terminator (uses; Family)
- RedLoader (uses; Family)
- QWCrypt (uses; Family)
Sectors (4)
- Technology (targets)
- Manufacturing (targets)
- Retail (targets)
- Services (targets)
Countries (2)
- United States of America (targets)
- Canada (targets)
Indicators (31)