Alias Description | Association Type | Votes |
---|---|---|
The Cobaltstrike Malware is associated with Beacon. CobaltStrike is a type of malware, or malicious software, that infiltrates systems to exploit and damage them. It can gain access via suspicious downloads, emails, or websites and then steal personal information, disrupt operations, or hold data for ransom. CobaltStrike has been observed in conjunct | Unspecified | 6 |
The Meterpreter Malware is associated with Beacon. Meterpreter is a type of malware that is part of the Metasploit penetration testing software. It serves as an attack payload and provides an interactive shell, allowing threat actors to control and execute code on a compromised system. Advanced Persistent Threat (APT) actors have created and used a | Unspecified | 4 |
The Cobalt Strike Beacon Malware is associated with Beacon. Cobalt Strike Beacon is a type of malware that has been linked to various ransomware activities. This malicious software has been loaded by HUI Loader in several instances, with different files such as mpc.tmp, dlp.ini, and vmtools.ini being used. A unique feature of this Cobalt Strike Beacon shellc | Unspecified | 4 |
The Reflective Loader Malware is associated with Beacon. A reflective loader is a type of malware that can load a Dynamic Link Library (DLL) into a process, often without the user's knowledge. This technique allows the malware to execute malicious code directly from memory, making it harder for antivirus software to detect and remove it. The loader operat | Unspecified | 3 |
The pythonw.exe Malware is associated with Beacon. Pythonw.exe, a malware that exploits and damages your computer or device, has been identified to execute malicious code on Windows systems. This harmful program infiltrates your system through suspicious downloads, emails, or websites without your knowledge, with the potential to steal personal info | Unspecified | 2 |
The Diceloader Malware is associated with Beacon. Diceloader is a type of malware, short for malicious software, that is designed to infiltrate and damage computer systems. It can infect systems through various means such as suspicious downloads, emails, or websites, often without the user's knowledge. Once inside a system, it can steal personal in | Unspecified | 2 |
The Conti Malware is associated with Beacon. Conti is a notorious type of malware, specifically ransomware, that infiltrates computer systems to steal data and disrupt operations. The malicious software often spreads through suspicious downloads, emails, or websites, and once inside, it can hold data hostage for ransom. The Conti ransomware op | Unspecified | 2 |
The Carbanak Malware is associated with Beacon. Carbanak is a notorious malware developed by the cybercrime collective known as FIN7, also referred to as Carbon Spider, Cobalt Group, and Navigator Group. The group, which has been active since 2012, is of Russian origin and has been particularly focused on exploiting the restaurant, gambling, and | Unspecified | 2 |
The Ursnif Malware is associated with Beacon. Ursnif, also known as Gozi or ISFB, is a type of malware that has been distributed by threat actor group TA551. This harmful software can infiltrate systems via suspicious downloads, emails, or websites, and once inside, it can steal personal information, disrupt operations, or even hold data for ra | Unspecified | 2 |
The PlugX Malware is associated with Beacon. PlugX is a Remote Access Trojan (RAT) malware known for its stealthy operations and destructive capabilities. It is often used by threat actors to exploit and damage computer systems, steal personal information, disrupt operations, or hold data hostage for ransom. Its deployment has been linked to s | Unspecified | 2 |
The Batloader Malware is associated with Beacon. Batloader is a malware downloader posing as installers or updates for legitimate applications such as Microsoft Teams, Zoom, and others. This malicious software can infiltrate systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, it can steal personal | Unspecified | 2 |
The Truebot Malware is associated with Beacon. Truebot is a malicious software (malware) utilized by the CL0P actors, designed to exploit and damage computer systems. This malware can infiltrate systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, Truebot serves multiple purposes: it can dow | Unspecified | 2 |
The Systembc Malware is associated with Beacon. SystemBC is a type of malware that has been heavily used in cyber-attacks, often alongside other malicious software. It was observed being used with Quicksand and BlackBasta in 2023, during attacks attributed to a team deploying BlackBasta. The Play ransomware group also utilized SystemBC as part of | Unspecified | 2 |
The python310.dll Malware is associated with Beacon. Python310.dll is a malicious software (malware) that infiltrates systems by installing a trojanized version of itself and establishing persistence through a run key named "Python". This is achieved by manipulating the value to be "C:\Users\Public\Music\python\pythonw.exe". The malware can enter your | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The FIN12 Threat Actor is associated with Beacon. FIN12, also known as DEV-0237 and Pistachio Tempest, is a threat actor group notorious for its malicious cyber activities. Tracked by Microsoft, this group is primarily engaged in the distribution of Hive, Conti, and Ryuk ransomware. The group has been responsible for several high-profile ransomware | Unspecified | 3 |
The Lace Tempest Threat Actor is associated with Beacon. Lace Tempest, a threat actor known for executing actions with malicious intent, has been identified as the orchestrator behind a series of cyber attacks exploiting a zero-day vulnerability in SysAid. The exploit was first brought to light by SysAid and further detailed in a blog post on TuxCare. Thi | Unspecified | 3 |
The Pistachio Tempest Threat Actor is associated with Beacon. Pistachio Tempest, also known as FIN12, is a threat actor that has been identified as a significant cybersecurity risk, particularly to the healthcare industry. According to a report by the U.S. Department of Health and Human Services (HHS) in 2022, this group has specifically targeted healthcare en | Unspecified | 2 |
The Arid Viper Threat Actor is associated with Beacon. Arid Viper, also known as APT-C-23, Desert Falcons, or Two-tailed Scorpion, is a cyber espionage group that has been active since at least 2013, primarily targeting countries in the Middle East. The group's geographical location remains unknown, but it is associated with Palestinian interests and is | Unspecified | 2 |
The FIN7 Threat Actor is associated with Beacon. FIN7, also known as Carbanak, Carbon Spider, Cobalt Group, and Navigator Group, is a notorious cybercrime group that has been active since 2012. The group is recognized for its advanced combination of malware and social engineering tactics, having executed numerous successful attacks against global | Unspecified | 2 |
Source Link | CreatedAt |
---|---|
Trend Micro | 8 months ago |
CERT-EU | a year ago |
MITRE | 2 years ago |
CERT-EU | 2 years ago |
MITRE | 2 years ago |
CISA | 2 years ago |
CERT-EU | a year ago |
CERT-EU | 2 years ago |
SecurityIntelligence.com | a year ago |
MITRE | 2 years ago |
CISA | 2 years ago |
CERT-EU | 2 years ago |
Securelist | 2 years ago |
SecurityIntelligence.com | 2 years ago |
Trend Micro | a year ago |
CERT-EU | a year ago |
CERT-EU | a year ago |