Unknown
· Published 21/12/2025 03:42 · Modified 21/12/2025 03:42
· Source: AlienVault
Essential information
- Confidence
- 100/100
- Published
- 21/12/2025 03:42
- Modified
- 21/12/2025 03:42
- Updated at
- 21/12/2025 03:42
- Revoked
- No
- Author / Source
- AlienVault
- Resource level
- —
- Primary motivation
- —
- Related entities
- 2 reports, 19 attack patterns (mitre), 3 malware, 1 sectors, 26 indicators, 1 vulnerabilities (cve)
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (2)
-
20 MITREs 2 Malwares 33 Observables 1 APT
-
15 MITREs 3 Malwares 36 Observables 1 APT
Attack patterns (MITRE) (19)
-
T1073 uses
-
T1553 usesSubvert Trust Controls MITRE
-
T1204 usesUser Execution MITRE
-
T1559.001 MITRE
-
T1105 usesIngress Tool Transfer MITRE
-
T1555.003 usesCredentials from Web Browsers MITRE
-
T1071.001 usesWeb Protocols MITRE
-
T1553.005 usesMark-of-the-Web Bypass MITRE
-
T1189 usesDrive-by Compromise MITRE
-
MSBuild usesT1127.001 MITRE
-
T1059.001 usesPowerShell MITRE
-
T1055 usesProcess Injection MITRE
Malware (3)
-
Trojan:Win32/Amadey usesFamily
-
Family
-
Hijackloader usesFamily
Sectors (1)
-
Technology targets
Indicators (26)
-
27cf1ecb18d6f669dfbd4cf4dd552c4db87ab8727a873a580166411f93aabaa5indicates -
d3ba1adbfeef8f19e4aa570299c06d39a87dfc5fe3d85946270b722e44dacda7indicates -
e958f4ed8272a96e599ff9f0a79331e7b5109104a9d20d3f760c7eb162daf7e0indicates -
8103f2cce6a864ceefe6c5b0c05087ac85ab04a2abf150e93bc9db90c54d9d20indicates -
33286a66f457328432180f9a7d2b82e456aacef6b2aa0833d74ecd1d51687f55indicates -
15600ccdef5a64b40d206d89234a51be1e11bd878dcefc5986590bcf40d9d571indicates -
f9675304d13efaee32e6b4a3317b64231a59b684532a898d12b4e7ed88518afdindicates -
725f50650cb9490027b633a1ff0ae166cb6fc42037dbe72d9a09dd65be323a1findicates -
0f2b3d012a9abe420bc36c62847bba6ca4478ceebc018bad2b19f22d481fcc10indicates -
db46b6106dc1b30041ce3f287ded91166895ff3f1928250fc79dd46c444b1e45indicates -
629b4cef2c394c6a1fad37e5ac6f497b3bdac489270d54f4e98c5dfc925ea883indicates -
5d447f1fe007dae3b9ad0687212e71cdec0343f6385fcc2db4ee3e0198e995c0indicates
Vulnerabilities (CVE) (1)
CVE-2024-3094
targets
10.0
Critical
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma …
- Attack vector
- NETWORK
- Published
- 29/03/2024
- Modified
- 21/12/2025