GrewApacha
· Published 21/12/2025 05:58 · Modified 21/12/2025 05:58
· Source: AlienVault
Essential information
- Confidence
- 100/100
- Published
- 21/12/2025 05:58
- Modified
- 21/12/2025 05:58
- Updated at
- 21/12/2025 05:58
- Revoked
- No
- Author / Source
- AlienVault
- Resource level
- —
- Primary motivation
- —
- Related entities
- 1 reports, 11 attack patterns (mitre), 2 malware, 1 countries, 5 indicators
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (1)
-
11 MITREs 2 Malwares 5 Observables 1 APT
Attack patterns (MITRE) (11)
-
T1003 usesOS Credential Dumping MITRE
-
T1036 usesMasquerading MITRE
-
T1059 usesCommand and Scripting Interpreter MITRE
-
T1027 usesObfuscated Files or Information MITRE
-
T1105 usesIngress Tool Transfer MITRE
-
T1195 usesSupply Chain Compromise MITRE
-
T1022 uses
-
T1056 usesInput Capture MITRE
-
T1053 usesScheduled Task/Job MITRE
-
T1018 usesRemote System Discovery MITRE
-
T1012 usesQuery Registry MITRE
Malware (2)
-
CloudSorcerer usesFamily
-
PlugY usesFamily
Countries (1)
-
Russian Federation targets
Indicators (5)
-
0aa627736df73c543c26c3f033f1962282dd005e6a0ec8d9357df3511b2fc8a6indicates -
5071022aaa19d243c9d659e78ff149fe0398cf7d9319fd33f718d8e46658e41cindicates -
e2f87428a855ebc0cda614c6b97e5e0d65d9ddcd3708fd869c073943ecdde1c0indicates -
bd747692ab5db013cd4c4cb8ea9cafa7577c95bf41aa2629a7fea875f6dcbc41indicates -
668f61df2958f30c6a0f1356463e14069b3435fb4e8417a948b6738f5f340dd9indicates