UNK_DeadDrop
· Published 09/06/2026 10:58 · Modified 09/06/2026 10:58
· Source: AlienVault
Essential information
- Confidence: 100/100
- Published: 09/06/2026 10:58
- Modified: 09/06/2026 10:58
- Updated at: 09/06/2026 10:58
- Revoked: No
- Author / Source: AlienVault
- Resource level: —
- Primary motivation: —
- Related entities: 1 report, 20 attack patterns (MITRE), 4 malware, 3 sectors, 1 country, 25 indicators
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (1)
- 20 MITREs · 4 Malwares · 18 Observables · 1 APT · Published 08/06/2026 10:05 · Modified 09/06/2026 09:00
Attack patterns (MITRE) (20)
- uses: T1059.005 Visual Basic
- uses: T1566.002 Spearphishing Link
- uses: T1027 Obfuscated Files or Information
- uses: T1059.001 PowerShell
- uses: T1082 System Information Discovery
- uses: T1005 Data from Local System
- uses: T1140 Deobfuscate/Decode Files or Information
- uses: T1547.001 Registry Run Keys / Startup Folder
- uses: T1555.003 Credentials from Web Browsers
- uses: T1070.004 File Deletion
- uses: T1204.001 Malicious Link
- uses: T1552.001 Credentials In Files
- uses: T1176 Software Extensions
- uses: T1555.004 Windows Credential Manager
- uses: T1059.006 Python
- uses: T1041 Exfiltration Over C2 Channel
- uses: T1539 Steal Web Session Cookie
- uses: T1071.001 Web Protocols
- uses: T1056.002 GUI Input Capture
- uses: T1071.004 DNS
Malware (4)
- uses: OtterCookie · Family · Published 08/06/2026 10:05 · Modified 08/06/2026 10:05
- uses: Invisible Ferret · Family · Published 08/06/2026 10:05 · Modified 08/06/2026 10:05
- uses: FlexibleFerret · Family · Published 08/06/2026 10:05 · Modified 08/06/2026 10:05
- uses: Overlord · Family · Published 08/06/2026 10:05 · Modified 08/06/2026 10:05
Sectors (3)
- targets: Finance
- targets: Technology
- targets: Education
Countries (1)
- targets: United States of America
Indicators (25 / 77)