Void Arachne
· Published 21/12/2025 05:27 · Modified 21/12/2025 05:27
· Source: AlienVault
Essential information
- Confidence: 100/100
- Published: 21/12/2025 05:27
- Modified: 21/12/2025 05:27
- Updated at: 21/12/2025 05:27
- Revoked: No
- Author / Source: AlienVault
- Resource level: —
- Primary motivation: —
- Related entities: 3 reports, 26 attack patterns (MITRE), 5 malware, 3 sectors, 2 countries, 69 indicators, 1 vulnerability (CVE)
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (3)
- 16 MITREs, 1 Malware, 14 Observables, 1 APT · Published 28/03/2026 16:12 · Modified 30/03/2026 10:12
- 15 MITREs, 4 Malwares, 2 Observables, 1 APT · Published 06/11/2024 16:21 · Modified 06/11/2024 17:34
- 1 CVE, 2 MITREs, 1 Malware, 46 Observables, 1 APT · Published 19/06/2024 11:37 · Modified 19/06/2024 12:10
Attack patterns (MITRE) (26)
- T1059 · uses · Command and Scripting Interpreter
- T1036 · uses · Masquerading
- T1192 · uses
- T1566 · uses · Phishing
- T1055 · uses · Process Injection
- T1573 · uses · Encrypted Channel
- T1113 · uses · Screen Capture
- T1140 · uses · Deobfuscate/Decode Files or Information
- T1566.001 · uses · Spearphishing Attachment
- T1078 · uses · Valid Accounts
- T1115 · uses · Clipboard Data
- T1193 · uses
- T1105 · uses · Ingress Tool Transfer
- T1005 · uses · Data from Local System
- T1057 · uses · Process Discovery
- T1204 · uses · User Execution
- T1082 · uses · System Information Discovery
- T1132 · uses · Data Encoding
- T1608 · uses · Stage Capabilities
- T1566.002 · uses · Spearphishing Link
- T1547 · uses · Boot or Logon Autostart Execution
- T1071 · uses · Application Layer Protocol
- T1534 · uses · Internal Spearphishing
- T1571 · uses · Non-Standard Port
- T1056.001 · uses · Keylogging
- T1027 · uses · Obfuscated Files or Information
Malware (5)
- Mydoor · uses · Family · Published 17/04/2026 23:18 · Modified 17/04/2026 23:18
- ValleyRAT · uses · Family · Published 08/06/2026 10:30 · Modified 08/06/2026 10:30
- gh0st RAT - S0032 · uses · Family · Published 17/04/2026 23:18 · Modified 17/04/2026 23:18
- Winos 4.0 · uses · Family · Published 30/04/2026 09:42 · Modified 30/04/2026 09:42
- Winos · uses · Family · Published 10/07/2024 10:19 · Modified 10/07/2024 10:19
Sectors (3)
- Education targets
- Entertainment industry targets
- Manufacturing targets
Countries (2)
- Japan targets
- China targets
Indicators (69)
Vulnerabilities (CVE) (1)
CVE-2024-21412 · KEV · 8.1 High
Microsoft Windows Internet Shortcut Files contains an unspecified vulnerability that allows for a security feature bypass.
- Attack vector: Network
- Published: 13/02/2024
- Modified: 27/05/2026