LemonDuck
· Published 21/12/2025 07:46 · Modified 21/12/2025 07:46
· Source: AlienVault
Essential information
- Confidence: 100/100
- Published: 21/12/2025 07:46
- Modified: 21/12/2025 07:46
- Updated at: 21/12/2025 07:46
- Revoked: No
- Author / Source: AlienVault
- Resource level: —
- Primary motivation: —
- Related entities: 2 reports, 18 attack patterns (mitre), 1 malware, 1 countries, 7 indicators, 2 vulnerabilities (cve)
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (2)
- 2 CVEs, 7 MITREs, 1 Malware, 8 Observables, 1 APT
- 1 CVE, 16 MITREs, 1 Malware, 5 Observables, 1 APT
Attack patterns (MITRE) (18)
- T1562.001 Disable or Modify Tools (uses, MITRE)
- T1078 Valid Accounts (uses, MITRE)
- T1027 Obfuscated Files or Information (uses, MITRE)
- T1078.001 Default Accounts (uses, MITRE)
- T1059.003 Windows Command Shell (uses, MITRE)
- T1053.005 Scheduled Task (uses, MITRE)
- T1021.002 SMB/Windows Admin Shares (uses, MITRE)
- T1190 Exploit Public-Facing Application (uses, MITRE)
- T1070 Indicator Removal (uses, MITRE)
- T1562.004 Disable or Modify System Firewall (uses, MITRE)
- T1571 Non-Standard Port (uses, MITRE)
- T1568 Dynamic Resolution (uses, MITRE)
Malware (1)
- LemonDuck (uses, Family)
Countries (1)
- Taiwan (targets)
Indicators (7)
Vulnerabilities (CVE) (2)
CVE-2023-46865 (targets)
7.2 High
/api/v1/company/upload-logo in CompanyController.php in crater through 6.0.6 allows a superadmin to execute arbitrary PHP code by placing this code into an image/png …
- Attack vector: NETWORK
- Published: 30/10/2023
- Modified: 21/12/2025
8.8 High
The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets.
- Attack vector: NETWORK
- Complexity: LOW
- Published: 17/03/2017
- Modified: 22/04/2026