Candiru
AlienVault
· Published 20/12/2025 19:44 · Modified 21/12/2025 04:29
Essential information
- Confidence
- 100/100
- Is family
- No
- Published
- 20/12/2025 19:44
- Modified
- 21/12/2025 04:29
- Revoked
- No
- Author / Source
- AlienVault
- Related entities
- 10 attack patterns (mitre), 1 intrusion sets (apt), 9 sectors, 5 countries, 47 indicators, 3 vulnerabilities (cve)
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators, intrusion sets and other entities linked to this malware.
Attack patterns (MITRE) (10)
-
T1608.004 usesDrive-by Target MITRE
-
T1059.005 usesVisual Basic MITRE
-
T1588.001 usesMalware MITRE
-
T1583.001 usesDomains MITRE
-
T1189 usesDrive-by Compromise MITRE
-
T1071.001 usesWeb Protocols MITRE
-
T1566.001 usesSpearphishing Attachment MITRE
-
T1583.004 usesServer MITRE
-
T1584.004 usesServer MITRE
-
Exploits usesT1588.005 MITRE
Intrusion sets (APT) (1)
-
Candiru usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
Sectors (9)
-
Tech targets
-
Healthcare services targets
-
Electricity targets
-
Finance targets
-
Media targets
-
Ministries of foreign affairs targets
-
Government targets
-
Embassy targets
-
Air transport targets
Countries (5)
-
Russian Federation targets
-
Uzbekistan targets
-
Armenia targets
-
Albania targets
-
Yemen targets
Indicators (47)
-
https://piwiks.com/reconnect.jsindicatesstix 100/100 Revoked· Valid until 03/01/2022 · Source: AlienVault -
stix 100/100 Revoked· Valid until 03/01/2022 · Source: AlienVault
-
https://webfex.bz/f/gstatsindicatesstix 100/100 Revoked· Valid until 03/01/2022 · Source: AlienVault -
https://useproof.cc/1tUAE7A2Jn8WMmq/apiindicatesstix 100/100 Revoked· Valid until 03/01/2022 · Source: AlienVault
Vulnerabilities (CVE) (3)
Google Chromium contains a race condition vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. …
- Published
- 03/11/2021
- Modified
- 21/12/2025
Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for remote code execution.
- Published
- 03/11/2021
- Modified
- 21/12/2025
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted …
- Published
- 03/11/2021
- Modified
- 21/12/2025