RansomEXX
· Published 21/12/2025 06:02 · Modified 21/12/2025 06:02
· Source: AlienVault
Essential information
- Confidence: 100/100
- Published: 21/12/2025 06:02
- Modified: 21/12/2025 06:02
- Updated at: 21/12/2025 06:02
- Revoked: No
- Author / Source: AlienVault
- Resource level: —
- Primary motivation: —
- Related entities: 1 report, 27 attack patterns (MITRE), 1 malware, 1 sector, 2 countries, 18 indicators, 1 vulnerability (CVE)
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (1)
- 1 CVE, 27 MITREs, 1 Malware, 18 Observables, 1 APT
Attack patterns (MITRE) (27)
- T1074.001 Local Data Staging (uses, MITRE)
- T1543.003 Windows Service (uses, MITRE)
- T1078.003 Local Accounts (uses, MITRE)
- T1140 Deobfuscate/Decode Files or Information (uses, MITRE)
- T1082 System Information Discovery (uses, MITRE)
- T1490 Inhibit System Recovery (uses, MITRE)
- T1566.001 Spearphishing Attachment (uses, MITRE)
- T1021.002 SMB/Windows Admin Shares (uses, MITRE)
- T1078 Valid Accounts (uses, MITRE)
- T1041 Exfiltration Over C2 Channel (uses, MITRE)
- T1027 Obfuscated Files or Information (uses, MITRE)
- T1059.003 Windows Command Shell (uses, MITRE)
Malware (1)
- RansomEXX (uses, Family)
Sectors (1)
- Finance (targets)
Countries (2)
- India (targets)
- British Indian Ocean Territory (targets)
Indicators (18)
Vulnerabilities (CVE) (1)
9.8 Critical
Jenkins Command Line Interface (CLI) contains a path traversal vulnerability that allows attackers limited read access to certain files, which can lead …
- Attack vector: Network
- Published: 19/08/2024
- Modified: 21/12/2025