RudePanda
· Published 21/12/2025 17:42 · Modified 21/12/2025 17:42
· Source: AlienVault
Essential information
- Confidence: 100/100
- Published: 21/12/2025 17:42
- Modified: 21/12/2025 17:42
- Updated at: 21/12/2025 17:42
- Revoked: No
- Author / Source: AlienVault
- Resource level: —
- Primary motivation: —
- Related entities: 1 reports, 20 attack patterns (mitre), 3 malware, 36 indicators
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (1)
- 16 MITREs, 3 Malwares, 36 Observables, 1 APT
Attack patterns (MITRE) (20)
- T1078: Valid Accounts (uses, MITRE)
- T1014: Rootkit (uses, MITRE)
- T1105: Ingress Tool Transfer (uses, MITRE)
- T1140: Deobfuscate/Decode Files or Information (uses, MITRE)
- T1190: Exploit Public-Facing Application (uses, MITRE)
- T1218.011: Rundll32 (uses, MITRE)
- T1573.002: Asymmetric Cryptography (uses, MITRE)
- T1112: Modify Registry (uses, MITRE)
- T1070.001: Clear Windows Event Logs (uses, MITRE)
- T1204.001: Malicious Link (uses, MITRE)
- T1505.003: Web Shell (uses, MITRE)
- T1059.001: PowerShell (uses, MITRE)
Malware (3)
- HijackServer (uses, Family)
- HijackDriverManager (uses, Family)
- WingtbCLI (uses, Family)
Indicators (36)