Manic Menagerie
Essential information
- Confidence
- 100/100
- Published
- 21/12/2025 00:49
- Modified
- 21/12/2025 00:49
- Updated at
- 21/12/2025 00:49
- Revoked
- No
- Author / Source
- AlienVault
- Resource level
- —
- Primary motivation
- —
- Related entities
- 9 attack patterns (mitre), 1 malware, 1 countries, 40 indicators, 9 vulnerabilities (cve)
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Attack patterns (MITRE) (9)
-
T1505 usesServer Software Component MITRE
-
T1068 usesExploitation for Privilege Escalation MITRE
-
T1135 usesNetwork Share Discovery MITRE
-
T1014 usesRootkit MITRE
-
T1553 usesSubvert Trust Controls MITRE
-
T1059 usesCommand and Scripting Interpreter MITRE
-
T1070 usesIndicator Removal MITRE
-
T1102 usesWeb Service MITRE
-
T1195 usesSupply Chain Compromise MITRE
Malware (1)
-
Manic Menagerie usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
Countries (1)
-
Australia targets
Indicators (40)
-
stix 100/100 Revoked
Win64:Trojan-gen
· Valid until 05/10/2024 · Source: AlienVault -
stix 100/100 Revoked· Valid until 05/10/2024 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 05/10/2024 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 05/10/2024 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 05/10/2024 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 05/10/2024 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 05/10/2024 · Source: AlienVault
-
stix 100/100 Revoked
DT_VMP_32
· Valid until 05/10/2024 · Source: AlienVault -
stix 100/100 Revoked· Valid until 05/10/2024 · Source: AlienVault
-
stix 100/100 Revoked
Win.Trojan.Generic-9910725-0
· Valid until 05/10/2024 · Source: AlienVault -
stix 100/100 Revoked· Valid until 05/10/2024 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 05/10/2024 · Source: AlienVault
Vulnerabilities (CVE) (9)
A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k EoP.
- Published
- 10/01/2022
- Modified
- 20/12/2025
Microsoft Exchange Server allows for server-side request forgery. Dubbed "ProxyNotShell," this vulnerability is chainable with CVE-2022-41082 which allows for remote code execution.
- Attack vector
- Network
- Published
- 30/09/2022
- Modified
- 20/12/2025
- Published
- 20/12/2025
- Modified
- 21/12/2025
Microsoft Exchange Server contains an information disclosure vulnerability which can allow an unauthenticated attacker to steal email traffic from target.
- Published
- 18/01/2022
- Modified
- 20/12/2025
Microsoft Win32k contains an unspecified vulnerability due to it failing to properly handle objects in memory causing privilege escalation. Successful exploitation allows …
- Published
- 03/11/2021
- Modified
- 21/12/2025
Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution. This vulnerability is part of the ProxyLogon exploit chain.
- Published
- 03/11/2021
- Modified
- 20/12/2025
A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.
- Published
- 15/03/2022
- Modified
- 21/12/2025
Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution.
- Published
- 03/11/2021
- Modified
- 29/05/2026
Microsoft Windows COM Aggregate Marshaler allows for privilege escalation when an attacker runs a specially crafted application.
- Attack vector
- LOCAL
- Complexity
- LOW
- Published
- 12/05/2017
- Modified
- 22/04/2026