TA422
Essential information
- Confidence
- 100/100
- Is family
- No
- Published
- 20/12/2025 19:42
- Modified
- 21/12/2025 02:51
- Revoked
- No
- Author / Source
- AlienVault
- Related entities
- 6 attack patterns (mitre), 1 intrusion sets (apt), 10 sectors, 21 indicators, 3 vulnerabilities (cve)
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators, intrusion sets and other entities linked to this malware.
Attack patterns (MITRE) (6)
Intrusion sets (APT) (1)
-
The MITRE Corporation Confidence 100
[APT28](https://attack.mitre.org/groups/G0007) is a threat group that has been attributed to Russia's General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS) military unit 26165.(Citation: NSA/FBI Drovorub…
First seen 01/01/1970 · Last seen 16/11/5138 ·
Sectors (10)
-
Universities targets
-
Defense targets
-
Technology targets
-
Construction targets
-
Education targets
-
Manufacturing targets
-
Consulting targets
-
Finance targets
-
Air transport targets
-
Government targets
Indicators (21)
-
stix 100/100 Revoked· Valid until 09/03/2025 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 09/03/2025 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 17/03/2025 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 17/03/2025 · Source: AlienVault
-
downloadingf.infinityfreeapp.comindicatesstix 100/100 Revoked· Valid until 21/05/2025 · Source: AlienVault -
stix 100/100 Revoked· Valid until 17/03/2025 · Source: AlienVault
-
downloaddoc.infinityfreeapp.comindicatesstix 100/100 Revoked· Valid until 27/03/2025 · Source: AlienVault -
stix 100/100 Revoked· Valid until 09/03/2025 · Source: AlienVault
-
opendoc.infinityfreeapp.comindicatesstix 100/100 Revoked· Valid until 21/05/2025 · Source: AlienVault -
stix 100/100 Revoked· Valid until 17/03/2025 · Source: AlienVault
-
downloadfile.infinityfreeapp.comindicatesstix 100/100 Revoked· Valid until 21/05/2025 · Source: AlienVault -
stix 100/100 Revoked· Valid until 09/03/2025 · Source: AlienVault
Vulnerabilities (CVE) (3)
RARLAB WinRAR contains an unspecified vulnerability that allows an attacker to execute code when a user attempts to view a benign file …
- Attack vector
- Local
- Published
- 24/08/2023
- Modified
- 27/05/2026
An issue was discovered in Vasion PrinterLogic Client for Windows before 25.0.0.818. During installation, binaries gets executed out of a subfolder in …
- Attack vector
- NETWORK
- Published
- 25/07/2023
- Modified
- 21/12/2025
Microsoft Office Outlook contains a privilege escalation vulnerability that allows for a NTLM Relay attack against another service to authenticate as the …
- Attack vector
- Network
- Published
- 14/03/2023
- Modified
- 21/12/2025