ElizaRAT
AlienVault
· Published 21/12/2025 01:11 · Modified 21/12/2025 01:11
Essential information
- Confidence: 100/100
- Is family: No
- Published: 21/12/2025 01:11
- Modified: 21/12/2025 01:11
- Revoked: No
- Author / Source: AlienVault
- Related entities: 29 attack patterns (MITRE), 1 intrusion set (APT), 3 sectors, 3 countries, 40 indicators, 1 report
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators, intrusion sets and other entities linked to this malware.
Attack patterns (MITRE) (29)
- T1547: Boot or Logon Autostart Execution (uses)
- T1071: Application Layer Protocol (uses)
- T1518.001: Security Software Discovery (uses)
- T1033: System Owner/User Discovery (uses)
- T1078: Valid Accounts (uses)
- T1204.002: Malicious File (uses)
- T1057: Process Discovery (uses)
- T1053.005: Scheduled Task (uses)
- T1036: Masquerading (uses)
- T1127: Trusted Developer Utilities Proxy Execution (uses)
- T1083: File and Directory Discovery (uses)
- T1059.001: PowerShell (uses)
- T1218: System Binary Proxy Execution (uses)
- T1566: Phishing (uses)
- T1016: System Network Configuration Discovery (uses)
- T1547.001: Registry Run Keys / Startup Folder (uses)
- T1105: Ingress Tool Transfer (uses)
- T1564: Hide Artifacts (uses)
- T1102: Web Service (uses)
- T1566.001: Spearphishing Attachment (uses)
- T1140: Deobfuscate/Decode Files or Information (uses)
- T1176: Software Extensions (uses)
- T1119: Automated Collection (uses)
- T1027: Obfuscated Files or Information (uses)
- T1567: Exfiltration Over Web Service (uses)
- T1574: Hijack Execution Flow (uses)
- T1113: Screen Capture (uses)
- T1082: System Information Discovery (uses)
- T1134: Access Token Manipulation (uses)
Intrusion sets (APT) (1)
- The MITRE Corporation · Confidence 100
[Transparent Tribe](https://attack.mitre.org/groups/G0134) is a suspected Pakistan-based threat group that has been active since at least 2013, primarily targeting diplomatic, defense, and research organizations in India and Afghanistan.(Citation: Proofpoint …
First seen 01/01/1970 · Last seen 16/11/5138 · Published 16/12/2025 19:39 · Modified 27/03/2026 01:13
Sectors (3)
- Government (targets)
- Education (targets)
- Defense (targets)
Countries (3)
- India (targets)
- Pakistan (targets)
- British Indian Ocean Territory (targets)
Indicators (40)
Reports (1)
- 18 MITREs · 2 Malwares · 23 Observables · 1 APT · Published 04/11/2024 22:12 · Modified 04/11/2024 22:43