SneakyChef
· Published 21/12/2025 04:59 · Modified 21/12/2025 04:59
· Source: AlienVault
Essential information
- Confidence: 100/100
- Published: 21/12/2025 04:59
- Modified: 21/12/2025 04:59
- Updated at: 21/12/2025 04:59
- Revoked: No
- Author / Source: AlienVault
- Resource level: —
- Primary motivation: —
- Related entities: 3 reports, 21 attack patterns (MITRE), 2 malware, 1 sector, 7 countries, 155 indicators, 1 vulnerability (CVE)
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (3)
- 1 CVE, 10 MITREs, 2 Malwares, 4 Observables, 1 APT
- 8 MITREs, 2 Malwares, 148 Observables, 1 APT
- 11 MITREs, 2 Malwares, 6 Observables, 1 APT
Attack patterns (MITRE) (21)
- T1136 uses Create Account (MITRE)
- T1119 uses Automated Collection (MITRE)
- T1566 uses Phishing (MITRE)
- T1082 uses System Information Discovery (MITRE)
- T1485 uses Data Destruction (MITRE)
- T1195 uses Supply Chain Compromise (MITRE)
- T1053 uses Scheduled Task/Job (MITRE)
- T1105 uses Ingress Tool Transfer (MITRE)
- T1036 uses Masquerading (MITRE)
- T1574 uses Hijack Execution Flow (MITRE)
- T1114 uses Email Collection (MITRE)
- T1070 uses Indicator Removal (MITRE)
Malware (2)
- SugarGh0st (uses, Family)
- SpiceRAT (uses, Family)
Sectors (1)
- Government (targets)
Countries (7)
- British Indian Ocean Territory (targets)
- Latvia (targets)
- Kazakhstan (targets)
- Turkmenistan (targets)
- Angola (targets)
- Saudi Arabia (targets)
- India (targets)
Indicators (155)
Vulnerabilities (CVE) (1)
CVE-2024-5806 (targets), 9.1 Critical
Improper Authentication vulnerability in Progress MOVEit Transfer (SFTP module) can lead to Authentication Bypass in limited scenarios. This issue affects MOVEit Transfer: from …
- Attack vector: NETWORK
- Published: 25/06/2024
- Modified: 21/12/2025