Goldoon
· Published 21/12/2025 04:33 · Modified 21/12/2025 04:33
· Source: AlienVault
Essential information
- Confidence: 100/100
- Published: 21/12/2025 04:33
- Modified: 21/12/2025 04:33
- Updated at: 21/12/2025 04:33
- Revoked: No
- Author / Source: AlienVault
- Resource level: —
- Primary motivation: —
- Related entities: 1 report, 18 attack patterns (MITRE), 1 malware, 23 indicators, 1 vulnerability (CVE)
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (1)
- 1 CVE · 18 MITREs · 1 Malware · 24 Observables · 1 APT
Attack patterns (MITRE) (18)
- T1078 · uses · Valid Accounts · MITRE
- T1204 · uses · User Execution · MITRE
- T1059 · uses · Command and Scripting Interpreter · MITRE
- T1071 · uses · Application Layer Protocol · MITRE
- T1562 · uses · Impair Defenses · MITRE
- T1560 · uses · Archive Collected Data · MITRE
- T1095 · uses · Non-Application Layer Protocol · MITRE
- T1498 · uses · Network Denial of Service · MITRE
- T1546 · uses · Event Triggered Execution · MITRE
- T1499 · uses · Endpoint Denial of Service · MITRE
- T1547 · uses · Boot or Logon Autostart Execution · MITRE
- T1529 · uses · System Shutdown/Reboot · MITRE
Malware (1)
- Goldoon · uses · Family
Indicators (23)
Vulnerabilities (CVE) (1)
8.8 · High
D-Link DIR-645 Wired/Wireless Router allows remote attackers to execute arbitrary commands via a GetDeviceSettings action to the HNAP interface.
- Attack vector: Adjacent
- Complexity: LOW
- Published: 23/02/2015
- Modified: 22/04/2026