Muldrop
AlienVault
Published 20/12/2025 19:32 · Modified 20/12/2025 19:40
Essential information
- Confidence: 100/100
- Is family: No
- Published: 20/12/2025 19:32
- Modified: 20/12/2025 19:40
- Revoked: No
- Author / Source: AlienVault
- Related entities: 14 attack patterns (mitre), 29 indicators
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators, intrusion sets and other entities linked to this malware.
Attack patterns (MITRE) (14)
- T1566 · uses · Phishing · MITRE
- T1070 · uses · Indicator Removal · MITRE
- T1546 · uses · Event Triggered Execution · MITRE
- T1059 · uses · Command and Scripting Interpreter · MITRE
- T1027 · uses · Obfuscated Files or Information · MITRE
- T1140 · uses · Deobfuscate/Decode Files or Information · MITRE
- T1134 · uses · Access Token Manipulation · MITRE
- T1573 · uses · Encrypted Channel · MITRE
- T1105 · uses · Ingress Tool Transfer · MITRE
- T1560 · uses · Archive Collected Data · MITRE
- T1090 · uses · Proxy · MITRE
- T1053 · uses · Scheduled Task/Job · MITRE
Indicators (29)