TEMPLEDROP
AlienVault
· Published 21/12/2025 06:33 · Modified 21/12/2025 06:33
Essential information
- Confidence: 100/100
- Is family: No
- Published: 21/12/2025 06:33
- Modified: 21/12/2025 06:33
- Revoked: No
- Author / Source: AlienVault
- Related entities: 19 attack patterns (mitre), 1 intrusion set (apt), 2 sectors, 5 countries, 22 indicators, 1 vulnerability (cve), 1 report
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators, intrusion sets and other entities linked to this malware.
Attack patterns (MITRE) (19)
- T1543.003 uses Windows Service
- T1095 uses Non-Application Layer Protocol
- T1562.002 uses Disable Windows Event Logging
- T1078 uses Valid Accounts
- T1006 uses Direct Volume Access
- T1573 uses Encrypted Channel
- T1207
- T1190 uses Exploit Public-Facing Application
- T1553 uses Subvert Trust Controls
- T1055 uses Process Injection
- T1140 uses Deobfuscate/Decode Files or Information
- T1014 uses Rootkit
- T1583 uses Acquire Infrastructure
- T1027 uses Obfuscated Files or Information
- T1112 uses Modify Registry
- T1505.003 uses Web Shell
- T1059 uses Command and Scripting Interpreter
- T1571 uses Non-Standard Port
- T1068 uses Exploitation for Privilege Escalation
Intrusion sets (APT) (1)
- UNC1860 uses · AlienVault · Confidence 100 · First seen 01/01/1970 · Last seen 16/11/5138 · Published 21/12/2025 06:33 · Modified 21/12/2025 06:33
Sectors (2)
- Government targets
- Telecommunications targets
Countries (5)
- Albania targets
- Saudi Arabia targets
- Israel targets
- Iraq targets
- Qatar targets
Indicators (22)
Vulnerabilities (CVE) (1)
CVE-2019-0604
KEV
Microsoft SharePoint fails to check the source markup of an application package. An attacker who successfully exploits the vulnerability could run remote …
- Published: 03/11/2021
- Modified: 20/12/2025
Reports (1)
- 1 CVE · 19 MITREs · 16 Malwares · 22 Observables · 1 APT · Published 20/09/2024 11:10 · Modified 20/09/2024 11:36