TA413
· Published 20/12/2025 21:15 · Modified 20/12/2025 21:15
· Source: AlienVault
Essential information
- Confidence: 100/100
- Published: 20/12/2025 21:15
- Modified: 20/12/2025 21:15
- Updated at: 20/12/2025 21:15
- Revoked: No
- Author / Source: AlienVault
- Resource level: —
- Primary motivation: —
- Related entities: 4 attack patterns (mitre), 1 malware, 4 countries, 17 indicators, 2 vulnerabilities (cve)
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Attack patterns (MITRE) (4)
Malware (1)
- Turian (uses)
Countries (4)
- India (targets)
- Russian Federation (targets)
- Philippines (targets)
- Nepal (targets)
Indicators (17)
Vulnerabilities (CVE) (2)
CVE-2022-21907 (targets)
9.8 Critical
HTTP Protocol Stack Remote Code Execution Vulnerability
- Attack vector: NETWORK
- Published: 11/01/2022
- Modified: 20/12/2025
A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An …
- Published: 14/06/2022
- Modified: 27/05/2026