Alias Description | Votes |
---|---|
ROKRAT is a possible alias for Amadey. RokRAT is a sophisticated malware that has been used by the cyber-espionage group ScarCruft, primarily to target South Korean media and research organizations. The malware is typically delivered via phishing emails with ZIP file attachments containing LNK files disguised as Word documents. However, | 3 |
Formbook is a possible alias for Amadey. Formbook is a type of malware, malicious software designed to exploit and damage computer systems. It infects systems through suspicious downloads, emails, or websites and can steal personal information, disrupt operations, or hold data hostage for ransom. Formbook has been linked with other forms o | 2 |
Amadey Loader is a possible alias for Amadey. Amadey Loader is a notorious malware that has been identified as a significant threat to computer systems. This malicious software, designed to exploit and damage your computer or device, can infect systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once i | 2 |
Socks5systemz is a possible alias for Amadey. Socks5Systemz is a malicious software (malware) that has been identified as a significant threat to computer systems worldwide. The malware, delivered via the PrivateLoader and Amadey loaders, functions by exploiting and damaging infected devices, often without the user's knowledge. Once inside a sy | 2 |
Azorult is a possible alias for Amadey. Azorult is a type of malware, or malicious software, that infiltrates systems to exploit and damage them, often without the user's knowledge. It has historically been one of the favored infostealers sold on the marketplace 2easy, alongside RedLine, Raccoon, Vidar, and Taurus. However, as of late Feb | 2 |
Privateloader is a possible alias for Amadey. PrivateLoader is a notable malware that has been active since at least December 19, 2022. It acts as the first step in many malware schemes, often initiating an infection chain that leads to other malicious software. The malware can infiltrate systems through suspicious downloads, emails, or website | 2 |
GuLoader is a possible alias for Amadey. GuLoader is a potent malware that has been causing significant cybersecurity concerns. It operates by infecting systems through suspicious downloads, emails, or websites and then proceeds to exploit the system, often stealing personal information, disrupting operations, or holding data hostage for r | 2 |

Alias Description | Association Type | Votes |
---|---|---|
The Redline Malware is associated with Amadey. RedLine is a type of malware, a malicious software designed to exploit and damage computer systems. It can infiltrate systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, RedLine can steal personal information, disrupt operations, or deliver further | Unspecified | 4 |
The Smokeloader Malware is associated with Amadey. SmokeLoader is a malicious software (malware) used by threat actors to infect systems and exfiltrate data. It operates in conjunction with other open-source tools like Cobalt Strike and Bloodhound, but most notably with Phobos ransomware. Threat actors often use SmokeLoader as a hidden payload in sp | Unspecified | 3 |
The KONNI Malware is associated with Amadey. Konni is a malicious software (malware) linked to North Korea, specifically associated with the state-sponsored Kimsuky group. This advanced persistent threat (APT) has been active since at least 2021, focusing on high-profile targets such as the Russian Ministry of Foreign Affairs, the Russian Emba | Unspecified | 2 |
The Redline Stealer Malware is associated with Amadey. RedLine Stealer is a type of malware, or malicious software, that infiltrates computer systems with the intent to exploit and cause damage. It typically gains access through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside the system, it can steal personal i | Unspecified | 2 |
The Systembc Malware is associated with Amadey. SystemBC is a type of malware that has been heavily utilized in various cyber attacks, including those involving the BlackBasta ransomware group in 2023. The Play ransomware actors have also been known to use SystemBC alongside other command and control (C2) applications such as Cobalt Strike and to | Unspecified | 2 |

Alias Description | Association Type | Votes |
---|---|---|
The APT37 Threat Actor is associated with Amadey. APT37, also known as RedEyes, TA-RedAnt, Reaper, ScarCruft, and Group123, is a threat actor suspected to be linked with North Korea. This group has been active since at least 2012 and targets various industry verticals primarily in South Korea, but also in Japan, Vietnam, and the Middle East. These | Unspecified | 3 |

Source | CreatedAt |
---|---|
Bitdefender | 22 days ago |
Trend Micro | a month ago |
Securityaffairs | a month ago |
Securityaffairs | 3 months ago |
Securityaffairs | 3 months ago |
Securityaffairs | 3 months ago |
Securityaffairs | 3 months ago |
Securityaffairs | 3 months ago |
Securityaffairs | 4 months ago |
DARKReading | 4 months ago |
Securityaffairs | 4 months ago |
Securityaffairs | 4 months ago |
Securityaffairs | 4 months ago |
Securityaffairs | 5 months ago |
Securityaffairs | 6 months ago |
Securityaffairs | 6 months ago |
ESET | 6 months ago |
Securityaffairs | 6 months ago |
Securityaffairs | 7 months ago |
Securityaffairs | 7 months ago |