ChaosBot
AlienVault
· Published 20/12/2025 20:00 · Modified 21/12/2025 17:30
Essential information
- Confidence
- 100/100
- Is family
- No
- Published
- 20/12/2025 20:00
- Modified
- 21/12/2025 17:30
- Revoked
- No
- Author / Source
- AlienVault
- Related entities
- 10 attack patterns (mitre), 1 sectors, 40 indicators, 2 vulnerabilities (cve)
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators, intrusion sets and other entities linked to this malware.
Attack patterns (MITRE) (10)
-
T1571 usesNon-Standard Port MITRE
-
T1027 usesObfuscated Files or Information MITRE
-
T1133 usesExternal Remote Services MITRE
-
T1059.001 usesPowerShell MITRE
-
T1105 usesIngress Tool Transfer MITRE
-
T1083 usesFile and Directory Discovery MITRE
-
T1056.001 usesKeylogging MITRE
-
T1078.001 usesDefault Accounts MITRE
-
T1497 usesVirtualization/Sandbox Evasion MITRE
-
T1113 usesScreen Capture MITRE
Sectors (1)
-
Finance targets
Indicators (40)
-
stix 100/100· Valid until 10/10/2026 · Source: AlienVault
-
stix 100/100· Valid until 10/10/2026 · Source: AlienVault
-
stix 100/100· Valid until 10/10/2026 · Source: AlienVault
-
stix 100/100· Valid until 10/10/2026 · Source: AlienVault
-
stix 100/100· Valid until 10/10/2026 · Source: AlienVault
-
stix 100/100· Valid until 10/10/2026 · Source: AlienVault
-
stix 100/100· Valid until 10/10/2026 · Source: AlienVault
-
stix 100/100· Valid until 10/10/2026 · Source: AlienVault
-
stix 100/100· Valid until 10/10/2026 · Source: AlienVault
-
stix 100/100· Valid until 10/10/2026 · Source: AlienVault
-
stix 100/100· Valid until 10/10/2026 · Source: AlienVault
-
stix 100/100· Valid until 10/10/2026 · Source: AlienVault
Vulnerabilities (CVE) (2)
9.8
Critical
Vulnerability in the Oracle Concurrent Processing product of Oracle E-Business Suite (component: BI Publisher Integration). Supported versions that are affected are 12.2.3-12.2.14. …
- Attack vector
- Network
- Published
- 06/10/2025
- Modified
- 21/12/2025
10.0
Critical
A deserialization vulnerability in the License Servlet of Fortra's GoAnywhere MFT allows an actor with a validly forged license response signature to …
- Attack vector
- Network
- Published
- 29/09/2025
- Modified
- 29/05/2026