HTTP-Shell
AlienVault
· Published 20/12/2025 19:43 · Modified 21/12/2025 03:57
Essential information
- Confidence
- 100/100
- Is family
- No
- Published
- 20/12/2025 19:43
- Modified
- 21/12/2025 03:57
- Revoked
- No
- Author / Source
- AlienVault
- Related entities
- 9 attack patterns (mitre), 1 intrusion sets (apt), 18 indicators
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators, intrusion sets and other entities linked to this malware.
Attack patterns (MITRE) (9)
-
T1027 usesObfuscated Files or Information MITRE
-
T1071 usesApplication Layer Protocol MITRE
-
T1090 usesProxy MITRE
-
T1012 usesQuery Registry MITRE
-
T1007 usesSystem Service Discovery MITRE
-
T1105 usesIngress Tool Transfer MITRE
-
T1059 usesCommand and Scripting Interpreter MITRE
-
T1041 usesExfiltration Over C2 Channel MITRE
-
T1219 usesRemote Access Tools MITRE
Intrusion sets (APT) (1)
-
Russia-nexus usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
Indicators (18)
-
stix 100/100 Revoked· Valid until 05/07/2025 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 28/06/2026 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 05/07/2025 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 05/07/2025 · Source: AlienVault