Pennywise
Essential information
- Confidence: 100/100
- Is family: No
- Published: 20/12/2025 19:34
- Modified: 20/12/2025 21:29
- Revoked: No
- Author / Source: AlienVault
- Related entities: 20 attack patterns (mitre), 8 countries, 14 indicators
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators, intrusion sets and other entities linked to this malware.
Attack patterns (MITRE) (20)
- T1562 Impair Defenses (uses, MITRE)
- T1518 Software Discovery (uses, MITRE)
- T1552 Unsecured Credentials (uses, MITRE)
- T1007 System Service Discovery (uses, MITRE)
- T1047 Windows Management Instrumentation (uses, MITRE)
- T1555 Credentials from Password Stores (uses, MITRE)
- T1560 Archive Collected Data (uses, MITRE)
- T1055 Process Injection (uses, MITRE)
- T1528 Steal Application Access Token (uses, MITRE)
- T1041 Exfiltration Over C2 Channel (uses, MITRE)
- T1195 Supply Chain Compromise (uses, MITRE)
- T1113 Screen Capture (uses, MITRE)
Countries (8)
- Russian Federation (targets)
- Georgia (targets)
- Singapore (targets)
- Belarus (targets)
- Kazakhstan (targets)
- Ukraine (targets)
- Australia (targets)
- India (targets)
Indicators (14)