Raspberry Robin
· Published 21/12/2025 03:36 · Modified 21/12/2025 03:36
· Source: AlienVault
Essential information
- Confidence
- 100/100
- Published
- 21/12/2025 03:36
- Modified
- 21/12/2025 03:36
- Updated at
- 21/12/2025 03:36
- Revoked
- No
- Author / Source
- AlienVault
- Resource level
- —
- Primary motivation
- —
- Related entities
- 2 reports, 37 attack patterns (mitre), 14 malware, 130 indicators, 1 vulnerabilities (cve)
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (2)
-
1 CVE 2 Malwares 121 Observables 1 APT
-
1 CVE 15 MITREs 2 Malwares 121 Observables 1 APT
Malware (14)
-
Raspberry Robin usesFamily
-
Arkei Stealer uses
-
Mars uses
-
DarkComet - S0334 usesFamily
-
StealC usesFamily
-
Vidar usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
Azorult - S0344 usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
QakBot - S0650 usesFamily
-
QakBot usesFamily
-
DarkKomet usesFamily
-
LOBSHOT usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
Pony - S0453 usesFamily
Indicators (130)
-
http://bpe2vrpvh5ri7odgbqxhr6mjaxe3zvekcexzdwpaiorq3xcbttrxywid.onion:22316indicates -
ztgk5ebmxcq3onksgg3guxpe4abz4cktcfa5lgubcgyde3ojkbvyjnad.onionindicates -
ztnjv2hf4gxl7x7f27qhhfxehdd4cd6cdfwjw6u7njmqxjgllzm6kgid.onionindicates -
http://3c6vus267hplojma4d3qckohjgxnhattb2vkkwcm6anilylzqkzdakad.onion:48285indicates -
7jfv34s2axfur4euvzqzzowyqksby7hyt3sizuxvucxoc6ma46qjooqd.onionindicates -
glhdxhgiqrboqrgw2dmwutpocyilxxuahxc6v3lfpfxhihahw4tjfeid.onionindicates -
yuuexutjzjmul7wldcecq6mpr2v5dyblw5n77elnoikttxfk3y54gnad.onionindicates -
x76mtemtxl5fucgccu2nz4morfmpwwe44xp3ovkgsguzsntlh7ukn4id.onionindicates -
05c6f53118d363ee80989ef37cad85ee1c35b0e22d5dcebd8a6d6a396a94cb65indicates -
http://kykggujjvvag7p4nmptsfuyqrqtqiqqun3pimsuupecmpoez2gph4vqd.onion:34469indicates -
el4ccbgrbeyqdc4vn74tdtfstksdmwj66qdi7e77vucafwvvm7ozvgad.onionindicates -
http://uxfjrthzy6c6a7d2zqk47x4ltjm6hmftbroghxk4vfjva6mftpsmkbyd.onion:49600indicates
Vulnerabilities (CVE) (1)
CVE-2024-38196
targets
7.8
High
Windows Common Log File System Driver Elevation of Privilege Vulnerability
- Attack vector
- LOCAL
- Published
- 13/08/2024
- Modified
- 21/12/2025