Alias Description | Association Type | Votes |
---|---|---|
The KOPILUWAK Malware is associated with ANDROMEDA. KopiLuwak is a JavaScript-based malware used for command and control (C2) communications and victim profiling. It was initially dropped by Pensive Ursa using an MSIL dropper in a G20-themed attack in 2017, and later as a self-extracting archive (SFX) executable in late 2022. Upon execution, the SFX | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Turla Threat Actor is associated with ANDROMEDA. Turla, a threat actor linked to Russia, is known for its sophisticated cyber espionage operations. The group has been associated with numerous high-profile attacks, often utilizing advanced backdoors and fileless malware for infiltration and persistence. Turla's tactics, techniques, and procedures ( | Unspecified | 4 |
Source | CreatedAt |
---|---|
CERT-EU | a year ago |
CERT Polska | 2 years ago |
CERT-EU | a year ago |
CERT Polska | 2 years ago |
DARKReading | 2 years ago |
Checkpoint | 2 years ago |
CERT-EU | 2 years ago |
CERT Polska | 2 years ago |
CERT-EU | 2 years ago |
CERT-EU | a year ago |
MITRE | 2 years ago |
MITRE | 2 years ago |
CERT-EU | 2 years ago |
CERT-EU | 2 years ago |
CERT-EU | 2 years ago |
MITRE | a year ago |