XDealer

Search IOCs, vulnerabilities, APT…

216.73.216.36

← Back to malwares

AlienVault · Published 20/12/2025 19:43 · Modified 21/12/2025 03:33

Essential information

Confidence: 100/100
Is family: No
Published: 20/12/2025 19:43
Modified: 21/12/2025 03:33
Revoked: No
Author / Source: AlienVault
Related entities: 6 attack patterns (mitre), 1 intrusion sets (apt), 7 sectors, 4 countries, 99 indicators, 6 vulnerabilities (cve)

Description

No description.

Marking (TLP)

TLP:CLEAR

Related entities

Attack patterns, malware, vulnerabilities, indicators, intrusion sets and other entities linked to this malware.

Attack patterns (MITRE) (6)

T1071 uses

Application Layer Protocol MITRE
T1064 uses

Scripting MITRE
T1204 uses

User Execution MITRE
T1036 uses

Masquerading MITRE
T1027 uses

Obfuscated Files or Information MITRE
T1055 uses

Process Injection MITRE

Intrusion sets (APT) (1)

Earth Krahang uses

AlienVault Confidence 100

First seen 01/01/1970 · Last seen 16/11/5138 ·

Sectors (7)

Technology targets
Defense ministries (including the military) targets
Finance targets
Manufacturing targets
Retail targets
Healthcare targets
Government targets

Countries (4)

American Samoa targets
Central African Republic targets
South Africa targets
United States of America targets

Indicators (99)

0f0663fc26b18212485149e3e22c3dd4b8900ea8dca7c084dbe09fef02cfdade indicates

stix 100/100 Revoked

· Valid until 21/06/2025 · Source: AlienVault
8218c23361e9f1b25ee1a93796ef471ca8ca5ac672b7db69ad05f42eb90b0b8d indicates

stix 100/100 Revoked

· Valid until 21/06/2025 · Source: AlienVault
f34bd1d485de437fe18360d1e850c3fd64415e49d691e610711d8d232071a0b1 indicates

stix 100/100 Revoked

· Valid until 21/06/2025 · Source: AlienVault
bb6afc28d610bfddcd0cf3497c152c081f63137fea9914a1fd461a0706c74288 indicates

stix 100/100 Revoked

· Valid until 21/06/2025 · Source: AlienVault
tfirstdaily.store indicates

stix 100/100 Revoked

· Valid until 12/01/2025 · Source: AlienVault
d096c3a67634599bc47151f0e01a7423a3eb873377371b2b928c0d4f57635a1f indicates

stix 100/100 Revoked

· Valid until 21/06/2025 · Source: AlienVault
3d93b8954ed1441516302681674f4989bd0f20232ac2b211f4b601af0fcfc13b indicates

stix 100/100 Revoked

· Valid until 05/07/2025 · Source: AlienVault
4cb020a66fdbc99b0bce2ae24d5684685e2b1e9219fbdfda56b3aace4e8d5f66 indicates

stix 100/100 Revoked

· Valid until 21/06/2025 · Source: AlienVault
57f64f170dfeaa1150493ed3f63ea6f1df3ca71ad1722e12ac0f77744fb1a829 indicates

stix 100/100 Revoked

· Valid until 21/06/2025 · Source: AlienVault
ef4a2cfe4d9d3495d4957a65299f608f7b823fab0699fded728fd3900c0b2bb4 indicates

stix 100/100 Revoked

· Valid until 21/06/2025 · Source: AlienVault
a4f59d4d42e42b882068cacf8b70f314add963e2cbbf7a52e70df130bfe23dff indicates

stix 100/100 Revoked

· Valid until 21/06/2025 · Source: AlienVault
b3a6dfc196bdad381c18f9f861f8da3757479cec2a76b8e5908da5aaec072dd8 indicates

stix 100/100 Revoked

· Valid until 21/06/2025 · Source: AlienVault

← Previous

Page / 9

1–12 of 99

Vulnerabilities (CVE) (6)

CVE-2022-21587 KEV targets

9.8 Critical

Oracle E-Business Suite contains an unspecified vulnerability that allows an unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications …

Attack vector: Network
Published: 02/02/2023
Modified: 21/12/2025

CVE-2021-4034 KEV targets

The Red Hat polkit pkexec utility contains an out-of-bounds read and write vulnerability that allows for privilege escalation with administrative rights.

Published: 27/06/2022
Modified: 20/12/2025

CVE-2024-21412 KEV targets

8.1 High

Microsoft Windows Internet Shortcut Files contains an unspecified vulnerability that allows for a security feature bypass.

Attack vector: Network
Published: 13/02/2024
Modified: 27/05/2026

CVE-2016-5195 KEV targets

7.0 High

Race condition in mm/gup.c in the Linux kernel allows local users to escalate privileges.

Attack vector: LOCAL
Complexity: HIGH
Published: 10/11/2016
Modified: 22/04/2026

CWE-362

CVE-2021-22555 KEV targets

Linux Kernel contains a heap out-of-bounds write vulnerability that could allow an attacker to gain privileges or cause a DoS (via heap …

Published: 06/10/2025
Modified: 21/12/2025

CVE-2023-32315 KEV targets

8.6 High

Ignite Realtime Openfire contains a path traversal vulnerability that allows an unauthenticated attacker to access restricted pages in the Openfire Admin Console …

Attack vector: Network
Published: 24/08/2023
Modified: 21/12/2025

Contact About Legal notice Privacy policy Terms of use