Librarian Ghouls
· Published 21/12/2025 14:10 · Modified 21/12/2025 14:10
· Source: AlienVault
Essential information
- Confidence
- 100/100
- Published
- 21/12/2025 14:10
- Modified
- 21/12/2025 14:10
- Updated at
- 21/12/2025 14:10
- Revoked
- No
- Author / Source
- AlienVault
- Resource level
- —
- Primary motivation
- —
- Related entities
- 1 reports, 16 attack patterns (mitre), 1 malware, 2 sectors, 3 countries, 55 indicators
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (1)
-
13 MITREs 1 Malware 55 Observables 1 APT
Attack patterns (MITRE) (16)
-
T1566.001 usesSpearphishing Attachment MITRE
-
T1082 usesSystem Information Discovery MITRE
-
T1555.003 usesCredentials from Web Browsers MITRE
-
T1105 usesIngress Tool Transfer MITRE
-
T1027 usesObfuscated Files or Information MITRE
-
T1059.003 usesWindows Command Shell MITRE
-
T1574.002 uses
-
T1036.005 usesMatch Legitimate Resource Name or Location MITRE
-
T1571 usesNon-Standard Port MITRE
-
T1219 usesRemote Access Tools MITRE
-
T1070.004 usesFile Deletion MITRE
-
T1204.002 usesMalicious File MITRE
Malware (1)
-
XMRig usesFamily
Sectors (2)
-
Manufacturing targets
-
Education targets
Countries (3)
-
Belarus targets
-
Kazakhstan targets
-
Russian Federation targets
Indicators (55)
-
f8c80bbecbfb38f252943ee6beec98edc93cd734ec70ccd2565ab1c4db5f072findicates -
outinfo.ruindicates -
d8edd46220059541ff397f74bfd271336dda702c6b1869e8a081c71f595a9e68indicates -
65f7c3e16598a8cb279b86eaeda32cb7a685801ed07d36c66ff83742d41cd415indicates -
7d6b598eaf19ea8a571b4bd79fd6ff7928388b565d7814b809d2f7fdedc23a0aindicates -
acountservices.nlindicates -
e880a1bb0e7d422b78a54b35b3f53e348ab27425f1c561db120c0411da5c1ce9indicates -
fd58900ea22b38bad2ef3d1b8b74f5c7023b8ca8a5b69f88cfbfe28b2c585bafindicates -
accouts-verification.ruindicates -
office-account.ruindicates -
d7bcab5acc8428026e1afd694fb179c5cbb74c5be651cd74e996c2914fb2b839indicates -
649ee35ad29945e8dd6511192483dddfdfe516a1312de5e0bd17fdd0a258c27findicates