VBShower - S0442
AlienVault
· Published 20/12/2025 19:49 · Modified 21/12/2025 08:33
Essential information
- Confidence
- 100/100
- Is family
- No
- Published
- 20/12/2025 19:49
- Modified
- 21/12/2025 08:33
- Revoked
- No
- Author / Source
- AlienVault
- Related entities
- 56 attack patterns (mitre), 1 intrusion sets (apt), 4 sectors, 6 countries, 49 indicators, 1 vulnerabilities (cve), 4 reports
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators, intrusion sets and other entities linked to this malware.
Attack patterns (MITRE) (56)
-
T1055 usesProcess Injection MITRE
-
T1547.001 usesRegistry Run Keys / Startup Folder MITRE
-
T1087.002 usesDomain Account MITRE
-
T1027 usesObfuscated Files or Information MITRE
-
T1553.005 usesMark-of-the-Web Bypass MITRE
-
T1573 usesEncrypted Channel MITRE
-
T1105 usesIngress Tool Transfer MITRE
-
T1016 usesSystem Network Configuration Discovery MITRE
-
T1071.001 usesWeb Protocols MITRE
-
T1057 usesProcess Discovery MITRE
-
T1560 usesArchive Collected Data MITRE
-
T1033 usesSystem Owner/User Discovery MITRE
Intrusion sets (APT) (1)
-
The MITRE Corporation Confidence 100
[Inception](https://attack.mitre.org/groups/G0100) is a cyber espionage group active since at least 2014. The group has targeted multiple industries and governmental entities primarily in Russia, but has also been active…
First seen 01/01/1970 · Last seen 16/11/5138 ·
Sectors (4)
-
Manufacturing targets
-
Government targets
-
Telecommunications targets
-
Construction targets
Countries (6)
-
Moldova, Republic of targets
-
Belarus targets
-
Israel targets
-
Canada targets
-
Kyrgyzstan targets
-
Russian Federation targets
Indicators (49)
-
stix 100/100· Valid until 19/02/2027 · Source: AlienVault
-
stix 100/100· Valid until 19/02/2027 · Source: AlienVault
-
stix 100/100· Valid until 19/02/2027 · Source: AlienVault
-
stix 100/100· Valid until 19/02/2027 · Source: AlienVault
Vulnerabilities (CVE) (1)
Microsoft Office contains a memory corruption vulnerability due to the way objects are handled in memory. Successful exploitation allows for remote code …
- Published
- 03/11/2021
- Modified
- 20/12/2025
Reports (4)
-
20 MITREs 8 Malwares
-
1 CVE 14 MITREs 2 Malwares 10 Observables 1 APT
-
13 MITREs 4 Malwares 1 APT
-
1 CVE 21 MITREs 3 Malwares 16 Observables 1 APT