information stealer
Essential information
- Confidence
- 100/100
- Is family
- No
- Published
- 20/12/2025 19:59
- Modified
- 21/12/2025 16:46
- Revoked
- No
- Author / Source
- AlienVault
- Related entities
- 7 attack patterns (mitre), 1 intrusion sets (apt), 5 sectors, 3 countries, 48 indicators, 3 vulnerabilities (cve)
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators, intrusion sets and other entities linked to this malware.
Attack patterns (MITRE) (7)
Intrusion sets (APT) (1)
-
The MITRE Corporation Confidence 100
[APT28](https://attack.mitre.org/groups/G0007) is a threat group that has been attributed to Russia's General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS) military unit 26165.(Citation: NSA/FBI Drovorub…
First seen 01/01/1970 · Last seen 16/11/5138 ·
Sectors (5)
-
Transportation targets
-
Government targets
-
Finance targets
-
Energy targets
-
Defense targets
Countries (3)
-
Central African Republic targets
-
United States of America targets
-
South Africa targets
Indicators (48)
-
stix 100/100 Revoked· Valid until 17/03/2025 · Source: AlienVault
-
downloadingw.infinityfreeapp.comindicatesstix 100/100 Revoked· Valid until 21/05/2025 · Source: AlienVault -
downloadx.infinityfreeapp.comindicatesstix 100/100 Revoked· Valid until 21/05/2025 · Source: AlienVault -
downloadingq.infinityfreeapp.comindicatesstix 100/100 Revoked· Valid until 21/05/2025 · Source: AlienVault -
document-c.infinityfreeapp.comindicatesstix 100/100 Revoked· Valid until 27/03/2025 · Source: AlienVault -
filedwn.infinityfreeapp.comindicatesstix 100/100 Revoked· Valid until 21/05/2025 · Source: AlienVault -
stix 100/100 Revoked· Valid until 11/05/2025 · Source: AlienVault
-
downloadinge.infinityfreeapp.comindicatesstix 100/100 Revoked· Valid until 21/05/2025 · Source: AlienVault -
filehosting.infinityfreeapp.comindicatesstix 100/100 Revoked· Valid until 21/05/2025 · Source: AlienVault -
stix 100/100 Revoked· Valid until 17/03/2025 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 11/05/2025 · Source: AlienVault
-
online-shopping.infinityfreeapp.comindicatesstix 100/100 Revoked· Valid until 21/05/2025 · Source: AlienVault
Vulnerabilities (CVE) (3)
Microsoft Windows SmartScreen contains a security feature bypass vulnerability that could allow an attacker to bypass Windows Defender SmartScreen checks and their …
- Attack vector
- Network
- Published
- 14/11/2023
- Modified
- 21/12/2025
RARLAB WinRAR contains an unspecified vulnerability that allows an attacker to execute code when a user attempts to view a benign file …
- Attack vector
- Local
- Published
- 24/08/2023
- Modified
- 27/05/2026
Microsoft Office Outlook contains a privilege escalation vulnerability that allows for a NTLM Relay attack against another service to authenticate as the …
- Attack vector
- Network
- Published
- 14/03/2023
- Modified
- 21/12/2025