Mallox
· Published 21/12/2025 04:47 · Modified 21/12/2025 04:47
· Source: AlienVault
Essential information
- Confidence: 100/100
- Published: 21/12/2025 04:47
- Modified: 21/12/2025 04:47
- Updated at: 21/12/2025 04:47
- Revoked: No
- Author / Source: AlienVault
- Resource level: —
- Primary motivation: —
- Related entities: 4 reports, 48 attack patterns (MITRE), 5 malware, 7 sectors, 11 countries, 33 indicators, 1 vulnerability (CVE)
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (4)
- 1 CVE, 10 MITREs, 2 Malwares, 21 Observables, 1 APT · Published 24/09/2024 14:42 · Modified 24/09/2024 15:08
- 17 MITREs, 2 Malwares, 7 Observables, 1 APT · Published 04/09/2024 16:31 · Modified 04/09/2024 18:49
- 19 MITREs, 1 Malware, 5 Observables, 1 APT · Published 04/07/2024 10:36 · Modified 04/07/2024 10:53
- 15 MITREs, 3 Malwares, 10 Observables, 1 APT · Published 14/05/2024 18:03 · Modified 14/05/2024 18:30
Attack patterns (MITRE) (48)
- T1090 Proxy (uses)
- T1078 Valid Accounts (uses)
- T1033 System Owner/User Discovery (uses)
- T1588.002 Tool (uses)
- T1132 Data Encoding (uses)
- T1027 Obfuscated Files or Information (uses)
- T1490 Inhibit System Recovery (uses)
- T1560 Archive Collected Data (uses)
- T1491 Defacement (uses)
- T1012 Query Registry (uses)
- T1059.004 Unix Shell (uses)
- T1071.001 Web Protocols (uses)
Malware (5)
- Trigona (uses, Family) · Published 01/05/2026 17:53 · Modified 01/05/2026 17:53
- Mallox (uses, Family) · Published 25/10/2024 20:49 · Modified 25/10/2024 20:49
- Kryptina (uses, Family) · Published 24/09/2024 14:42 · Modified 24/09/2024 14:42
- Xollam (uses, Family) · Published 14/05/2024 18:03 · Modified 14/05/2024 18:03
- Remcos RAT (uses, Family) · Published 17/06/2026 18:20 · Modified 17/06/2026 18:20
Sectors (7)
- Technology (targets)
- Finance (targets)
- Energy (targets)
- Manufacturing (targets)
- Telecommunications (targets)
- Retail (targets)
- Healthcare (targets)
Countries (11)
- United States of America (targets)
- Canada (targets)
- Brazil (targets)
- Qatar (targets)
- Australia (targets)
- Ukraine (targets)
- United Kingdom of Great Britain and Northern Ireland (targets)
- Russian Federation (targets)
- Germany (targets)
- China (targets)
- Kazakhstan (targets)
Indicators (33)
Vulnerabilities (CVE) (1)
- CVE-2024-21338 · KEV · 7.8 (High)
Microsoft Windows Kernel contains an exposed IOCTL with insufficient access control vulnerability within the IOCTL (input and output control) dispatcher in appid.sys …
- Attack vector: Local
- Published: 04/03/2024
- Modified: 21/12/2025