MRxC0DER
· Published 21/12/2025 05:45 · Modified 21/12/2025 05:45
· Source: AlienVault
Essential information
- Confidence
- 100/100
- Published
- 21/12/2025 05:45
- Modified
- 21/12/2025 05:45
- Updated at
- 21/12/2025 05:45
- Revoked
- No
- Author / Source
- AlienVault
- Resource level
- —
- Primary motivation
- —
- Related entities
- 1 reports, 9 attack patterns (mitre), 1 malware, 1 sectors, 24 indicators
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (1)
-
9 MITREs 1 Malware 25 Observables 1 APT
Attack patterns (MITRE) (9)
-
T1204 usesUser Execution MITRE
-
T1539 usesSteal Web Session Cookie MITRE
-
T1114 usesEmail Collection MITRE
-
T1090.004 usesDomain Fronting MITRE
-
T1027 usesObfuscated Files or Information MITRE
-
T1132.001 usesStandard Encoding MITRE
-
T1566.001 usesSpearphishing Attachment MITRE
-
T1567 usesExfiltration Over Web Service MITRE
-
T1557 usesAdversary-in-the-Middle MITRE
Malware (1)
-
Caffeine usesFamily
Sectors (1)
-
Finance targets
Indicators (24)
-
908af49857b6f5d1e0384a5e6fc8ee53ca1df077601843ebdd7fc8a4db8bcb12indicates -
47b12127c3d1d2af24f6d230e8e86a7b0c661b4e70ba3b77a9beca4998a491eaindicates -
bsifinancial019.ssllst.cloudindicates -
3d58733b646431a60d39394be99ff083d6db3583796b503e8422baebed8d097eindicates -
agchoice.us-hindus.comindicates -
d3b03f79cf1d088d2ed41e25c961e9945533aeabb93eac2d33ebc4b589ba6172indicates -
51fdaa65511e7c3a8d4d08af59d310a2ad8a18093ca8d3c817147d79a89f44a1indicates -
docusign.multiparteurope.comindicates -
702008cae9a145741e817e6c6566cd1d79c737d51b718f13a2d16d72a00cd5a7indicates -
52e04c615b08af10b4982506c1cee74cb062116d31f0300ed027f6efd3119b1aindicates -
authmicronlineonfication.comindicates -
473.kernam.comindicates