216.73.217.22

LapDogs

· Published 21/12/2025 15:11 · Modified 21/12/2025 15:11 · Source: AlienVault

Essential information

Confidence
100/100
Published
21/12/2025 15:11
Modified
21/12/2025 15:11
Updated at
21/12/2025 15:11
Revoked
No
Author / Source
AlienVault
Resource level
Primary motivation
Related entities
1 reports, 18 attack patterns (mitre), 1 malware, 5 sectors, 4 countries, 7 indicators, 2 vulnerabilities (cve)

Description

No description.

Marking (TLP)

TLP:CLEAR

Related entities

Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.

Reports (1)

Attack patterns (MITRE) (18)

  • T1046 uses
    Network Service Discovery
  • T1105 uses
    Ingress Tool Transfer
  • T1082 uses
    System Information Discovery
  • T1547.006 uses
    Kernel Modules and Extensions
  • T1572 uses
    Protocol Tunneling
  • T1190 uses
    Exploit Public-Facing Application
  • T1573.002 uses
    Asymmetric Cryptography
  • T1571 uses
    Non-Standard Port
  • T1055 uses
    Process Injection
  • T1016 uses
    System Network Configuration Discovery
  • T1568 uses
    Dynamic Resolution
  • T1574.006 uses
    Dynamic Linker Hijacking
  • T1078 uses
    Valid Accounts
  • T1059.004 uses
    Unix Shell
  • T1133 uses
    External Remote Services
  • T1102.002 uses
    Bidirectional Communication
  • T1021.001 uses
    Remote Desktop Protocol
  • T1205 uses
    Traffic Signaling

Malware (1)

  • ShortLeash uses
    Family
    Published 26/06/2025 21:14 · Modified 26/06/2025 21:14

Sectors (5)

  • Telecommunications targets
  • Construction targets
  • Technology targets
  • Media targets
  • Government targets

Countries (4)

  • United States of America targets
  • Japan targets
  • Taiwan targets
  • Hong Kong targets

Indicators (7)

  • 02ab315e4e3cf71c1632c91d4914c21b9f6e0b9aa0263f2400d6381aab759a61 indicates
  • 1a180186e6fbaf6fa88f934965290235e8418976d6f3546dbf100217d1752db4 indicates
  • 073133298e5cca0833354be754f5d14358c0dbc24ba5f70e5b5eceec1d6726e6 indicates
  • 75618401b64046d970df49fcfdfcc36174b0aae27ac4e1c178dc75219992080a indicates
  • 9b954bfc2949d07eb41446225592eaa65ed3954cd2b93a13c574bb89147a4465 indicates
  • 33ff77940436498a50bbb05391324964063cd3c93f2e66b07d1cb31442bb1513 indicates
  • northumbra.com indicates

Vulnerabilities (CVE) (2)

CVE-2015-1548
5.0 Medium

mini_httpd 1.21 and earlier allows remote attackers to obtain sensitive information from process memory via an HTTP request with a long protocol …

Published
10/02/2015
Modified
07/05/2026