You Dun
Essential information
- Confidence
- 100/100
- Published
- 21/12/2025 08:05
- Modified
- 21/12/2025 08:05
- Updated at
- 21/12/2025 08:05
- Revoked
- No
- Author / Source
- AlienVault
- Resource level
- —
- Primary motivation
- —
- Related entities
- 2 reports, 13 attack patterns (mitre), 4 malware, 5 sectors, 4 countries, 98 indicators, 6 vulnerabilities (cve)
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (2)
-
1 CVE 13 MITREs 3 Malwares 7 Observables 1 APT
-
1 Malware 3 Observables 1 APT
Attack patterns (MITRE) (13)
-
T1090 usesProxy MITRE
-
T1021 usesRemote Services MITRE
-
T1486 usesData Encrypted for Impact MITRE
-
T1190 usesExploit Public-Facing Application MITRE
-
T1595 usesActive Scanning MITRE
-
T1573 usesEncrypted Channel MITRE
-
T1083 usesFile and Directory Discovery MITRE
-
T1078 usesValid Accounts MITRE
-
T1102 usesWeb Service MITRE
-
T1588.002 usesTool MITRE
-
T1105 usesIngress Tool Transfer MITRE
-
T1082 usesSystem Information Discovery MITRE
Malware (4)
-
LockBit usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
WebLogicApp usesFamily
-
Xray usesFamily
-
Vulmap usesFamily
Sectors (5)
-
Education targets
-
Government targets
-
Logistics targets
-
Transportation targets
-
Healthcare targets
Countries (4)
-
Iran, Islamic Republic of targets
-
Thailand targets
-
Taiwan targets
-
China targets
Indicators (98)
-
stix 100/100 Revoked· Valid until 24/10/2025 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 24/10/2025 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 24/10/2025 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 24/10/2025 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 24/10/2025 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 24/10/2025 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 24/10/2025 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 24/10/2025 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 24/10/2025 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 24/10/2025 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 24/10/2025 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 24/10/2025 · Source: AlienVault
Vulnerabilities (CVE) (6)
The WPCargo Track & Trace WordPress plugin before 6.9.0 contains a file which could allow unauthenticated attackers to write a PHP file …
- Attack vector
- NETWORK
- Published
- 14/03/2022
- Modified
- 21/12/2025
Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.
- Attack vector
- LOCAL
- Complexity
- LOW
- Published
- 15/10/2014
- Modified
- 22/04/2026
The WebDAV client in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server …
- Published
- 10/02/2016
- Modified
- 07/05/2026
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An …
- Published
- 10/02/2022
- Modified
- 20/12/2025
An unspecified vulnerability exists in the Win32k.sys kernel-mode driver in Microsoft Windows Server that allows a local attacker to execute arbitrary code …
- Attack vector
- LOCAL
- Complexity
- LOW
- Published
- 21/04/2015
- Modified
- 22/04/2026
Microsoft Windows Print Spooler contains an unspecified vulnerability that allows for remote code execution.
- Published
- 03/11/2021
- Modified
- 20/12/2025