216.73.217.22

Greedy Sponge

· Published 21/12/2025 15:47 · Modified 21/12/2025 15:47 · Source: AlienVault

Essential information

Confidence
100/100
Published
21/12/2025 15:47
Modified
21/12/2025 15:47
Updated at
21/12/2025 15:47
Revoked
No
Author / Source
AlienVault
Resource level
Primary motivation
Related entities
1 reports, 16 attack patterns (mitre), 2 malware, 7 sectors, 1 countries, 68 indicators, 2 vulnerabilities (cve)

Description

No description.

Marking (TLP)

TLP:CLEAR

Related entities

Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.

Reports (1)

Attack patterns (MITRE) (16)

Malware (2)

  • SystemBC uses
    Family
    Published 12/06/2026 21:29 · Modified 12/06/2026 21:29
  • AllaKore RAT uses
    Family
    Published 21/08/2025 16:16 · Modified 21/08/2025 16:16

Sectors (7)

  • Culture and entertainment targets
  • Manufacturing targets
  • Agriculture targets
  • Retail targets
  • Government targets
  • Transportation targets
  • Finance targets

Countries (1)

  • Mexico targets

Indicators (68)

  • 3729396b11c69c60f9d096ce726f4cc5b4ed2054d89f7d195e998456de7fb229 indicates
  • 50e5cd438024b34ba638e170f6e4595b0361dedb0ea925d06d06f68988468ddf indicates
  • siperasul.com indicates
  • masamadreartesanal.com indicates
  • pachisuave.com indicates
  • capitolioeventos.com indicates
  • e9b9cdb713bfea40e13acffbe90faa536df206675819035835ce9218365cd118 indicates
  • fed1c094280d1361e8a9aafdb4c1b3e63e0f2e5bb549d5d737d0a33f2b63b4b8 indicates
  • dc409e9fa8b8c031c347d9c36f5732ea03e246c29d73e3425e4e8aaa1da6ff7c indicates
  • 5b51d1682cbd40cc6eca23333554ab16b7ed4bbd727712b3a00b07c24e629863 indicates
  • e4a6be2fb70603f1545641240680b44e21b5601e8016c0d144711423eef9778e indicates
  • elitesubmissions.com indicates
  • 9170503615e4d2cf1d67f0935ded3ce36a984247ae7f9ab406d81ebe1daf3604 indicates
  • cleanmades.com indicates
  • e9cd7c4db074c8e7c6b488a724be1cd05c8536dae28674ce3aa48ebb258e3c31 indicates
  • 8bf0d693033a761843ae20c7e118c05f851230cb95058f836ffe2b51770f788a indicates
  • b9bb43b725a454e826ab64fdd6256af809c60119dab2876d081b3721d226c672 indicates
  • cupertujo.com indicates
  • 73a46441a7135296d1070f5905a5cb6453ea8511a99a3b9c76060069aa7abcef indicates
  • trenipono.com indicates
  • flapawer.com indicates
  • 53b85d1b7127c365a4ebae5f22ed479cd5d7e9efc716fb9df68ebdd18551834a indicates
  • 34e347d1c9ce80b4e2b77f2de5aa7b4d98084704896bd169338c6d4b440e16c3 indicates
  • 21614973732d4012889da2e1538b20fd1c0aefdb1d1452d79fd9a1bc06d569da indicates
  • https://manzisuape.com/ao/190.exe indicates
  • idaculipa.com indicates
  • 5d16547900119112c12a755e099bed1fafe1890869df4db297a6a21ec40185b0 indicates
  • manzisuape.com indicates
  • barrosuon.com indicates
  • logisticasmata.com indicates
  • f5adef8c202e62125be49f748ed3b30b34e0fb2c9539c805dd96a75a26c7ddc4 indicates
  • 12557dcf9c9a609521d7a2cc84a7e6fb95a93957aed6bda0f9644e96dfbbc180 indicates
  • 681b15a43925e02d7f4f0c9e554e8d73e230931ce6634f49dd5b204afd03d20c indicates
  • pasaaportes-citas-srre-gob.com indicates
  • mx-terrasabvia.com indicates
  • 544091acb5807aaac32ca4843bb85c4aa7ce0ab0acda296efa1a23fe3c181b7e indicates
  • glossovers.com indicates
  • a83f218d9dbb05c1808a71c75f3535551b67d41da6bb027ac0972597a1fc49fe indicates
  • https://manzisuape.com/amw/ indicates
  • bb3f433799c30a8aad5257abc2df479ecad058f6099fd89fb8e7c278dfe3be45 indicates
  • 8634988a90e69d8e657f72cf5f599176be5854448e0544abc42eb49b0c245f0c indicates
  • e848a0f1900e2f0be9ed1ea8e947ae3bae14e78f3ff81c02d8e5a54353cdbac8 indicates
  • 4f08865b1bdcc0e27e34bbd722279de661c92ce9aafb9fced1b5de1275887486 indicates
  • f76b456cf2af1382325c704bf70b5168d28d30da0f3d0a5207901277e01db395 indicates
  • metritono.com indicates
  • 3b0772608844821555bb90e0218972f89f421dad9b1f7bd1918de26a929e998f indicates
  • 79a5ac15d0de66df3dd00a4148aa76dc183ebf47553fbcc5355f4902dc981267 indicates
  • bd299b5e3d7645b10286410f98f6ec79d803ce2b977c61e49f2dc26285823c99 indicates
  • 0dbaf8970c0620e1b5902fd87c1cd0e72e917c45add84a024338c0481b5e161c indicates
  • https://masamadreartesanal.com/tag/ss.exe indicates
  • chuacheneguer.com indicates
  • inmobiliariaarte.com indicates
  • a8abffa5d7259a94951d96ad3d60e8910927b5d0697f8edece2e295154e00832 indicates
  • mepunico.com indicates
  • c33723a6c0ece4f790396f5fd5133cf384143736e6acd06e1d7642c04757bbae indicates
  • 65fc84ffd9be05720b700292b7dbc0ac8afa7faaadf6fcd4485ce34785ba0932 indicates
  • 32ef3a0da762bc88afb876537809350a885bbbc3ec59b1838e9e9ccc0a04b081 indicates
  • 84b046a4dbfcd9d4b2d62b4bc8faaf4c6395696f1e688f464bc9e0b760885263 indicates
  • c3e7089e47e5c9fc896214bc44d35608854cd5fa70ae5c19aadb0748c6b353d6 indicates
  • d8343068669d8fbb52b0af87bd3d4f3579d76192d021b37b6fd236b0973e4a5d indicates
  • 20fe630a63dd1741ec4ade9fe05b2e7e57208f776d5e20bbf0a012fea96ad0c0 indicates
  • kalichepa.com indicates
  • dcfa26a38a5af8a072104854fba1b7c0aa9ec99875d35dbd623c12932df44969 indicates
  • 974c221c75c35d03dd2158d1d1a0a72a7ae85a6f7c1c729977f3676f946758ee indicates
  • tlelmeuas.com indicates
  • http://masamadreartesanal.com/tag/ss.exe indicates
  • arimateas.com indicates
  • 4bf4bcf1cc45d9e50efbd184aad827e2c81f900a53961cf4fbea90fa31ca7549 indicates

Vulnerabilities (CVE) (2)

CVE-2025-20265
10.0 Critical

A vulnerability in the RADIUS subsystem implementation of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to …

Attack vector
Network
Published
14/08/2025
Modified
27/05/2026
Awaiting Analysis
CVE-2025-25256
9.8 Critical

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSIEM version 7.3.0 through …

Attack vector
Network
Published
12/08/2025
Modified
27/05/2026
Received