SneakyChef
· Published 21/12/2025 04:59 · Modified 21/12/2025 04:59
· Source: AlienVault
Essential information
- Confidence: 100/100
- Published: 21/12/2025 04:59
- Modified: 21/12/2025 04:59
- Updated at: 21/12/2025 04:59
- Revoked: No
- Author / Source: AlienVault
- Resource level: —
- Primary motivation: —
- Related entities: 3 reports, 21 attack patterns (MITRE), 2 malware, 1 sector, 7 countries, 155 indicators, 1 vulnerability (CVE)
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (3)
- 1 CVE, 10 MITREs, 2 Malwares, 4 Observables, 1 APT
- 8 MITREs, 2 Malwares, 148 Observables, 1 APT
- 11 MITREs, 2 Malwares, 6 Observables, 1 APT
Attack patterns (MITRE) (21)
- T1136 Create Account (uses, MITRE)
- T1119 Automated Collection (uses, MITRE)
- T1566 Phishing (uses, MITRE)
- T1082 System Information Discovery (uses, MITRE)
- T1485 Data Destruction (uses, MITRE)
- T1195 Supply Chain Compromise (uses, MITRE)
- T1053 Scheduled Task/Job (uses, MITRE)
- T1105 Ingress Tool Transfer (uses, MITRE)
- T1036 Masquerading (uses, MITRE)
- T1574 Hijack Execution Flow (uses, MITRE)
- T1114 Email Collection (uses, MITRE)
- T1070 Indicator Removal (uses, MITRE)
Malware (2)
- SugarGh0st (uses, Family)
- SpiceRAT (uses, Family)
Sectors (1)
- Government (targets)
Countries (7)
- British Indian Ocean Territory (targets)
- Latvia (targets)
- Kazakhstan (targets)
- Turkmenistan (targets)
- Angola (targets)
- Saudi Arabia (targets)
- India (targets)
Indicators (155)
Vulnerabilities (CVE) (1)
- CVE-2024-5806 (targets): 9.1 Critical
- Improper Authentication vulnerability in Progress MOVEit Transfer (SFTP module) can lead to Authentication Bypass in limited scenarios. This issue affects MOVEit Transfer: from …
- Attack vector: NETWORK
- Published: 25/06/2024
- Modified: 21/12/2025