Venom Spider
Published 21/12/2025 08:45 · Modified 21/12/2025 08:45 · Source: AlienVault
Essential information
- Confidence: 100/100
- Published: 21/12/2025 08:45
- Modified: 21/12/2025 08:45
- Updated at: 21/12/2025 08:45
- Revoked: No
- Author / Source: AlienVault
- Resource level: —
- Primary motivation: —
- Related entities: 2 reports, 20 attack patterns (MITRE), 8 malware, 3 sectors, 1 country, 31 indicators
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (2)
- 8 MITREs, 1 Malware, 3 Observables, 1 APT · Published 03/05/2025 03:04 · Modified 05/05/2025 18:09
- 11 MITREs, 7 Malwares, 11 Observables, 1 APT · Published 10/12/2024 13:45 · Modified 10/12/2024 14:04
Attack patterns (MITRE) (20)
- T1059.007 JavaScript (uses)
- T1566.002 Spearphishing Link (uses)
- T1041 Exfiltration Over C2 Channel (uses)
- T1059 Command and Scripting Interpreter (uses)
- T1547.001 Registry Run Keys / Startup Folder (uses)
- T1105 Ingress Tool Transfer (uses)
- T1204.002 Malicious File (uses)
- T1090 Proxy (uses)
- T1518.001 Security Software Discovery (uses)
- T1573.001 Symmetric Cryptography (uses)
- T1016.001
- T1071.001 Web Protocols (uses)
- T1571 Non-Standard Port (uses)
- T1574.002 (uses)
- T1113 Screen Capture (uses)
- T1140 Deobfuscate/Decode Files or Information (uses)
- T1497.003 Time Based Checks (uses)
- T1059.003 Windows Command Shell (uses)
- T1555 Credentials from Password Stores (uses)
- T1539 Steal Web Session Cookie (uses)
Malware (8)
- TerraCryptor (uses) · Family · Published 10/12/2024 13:45 · Modified 10/12/2024 13:45
- TerraStealer (uses) · Family · Published 10/12/2024 13:45 · Modified 10/12/2024 13:45
- VenomLNK (uses) · Family · Published 01/05/2025 20:55 · Modified 01/05/2025 20:55
- TerraLoader (uses) · Family · Published 01/05/2025 20:55 · Modified 01/05/2025 20:55
- Retdoor (uses) · Family · Published 10/12/2024 13:45 · Modified 10/12/2024 13:45
- Venom Loader (uses) · Family · Published 10/12/2024 13:45 · Modified 10/12/2024 13:45
- More_eggs - S0284 (uses) · Family · Published 11/06/2025 09:28 · Modified 11/06/2025 09:28
- RevC2 (uses) · Family · Published 01/05/2025 20:55 · Modified 01/05/2025 20:55
Sectors (3)
- Culture and entertainment (targets)
- Pharmacy (targets)
- Retail (targets)
Countries (1)
- United States of America (targets)
Indicators (31)