Micropsia

Malware Profile Updated 3 months ago
Micropsia is malware that we have been studying alongside another malware family named KASPERAGENT. Both are designed to infiltrate and exploit computer systems, potentially causing significant disruption and data theft. Micropsia, specifically, is a Remote Access Trojan (RAT) written in Delphi and has been used in recent hacking campaigns across the Middle East.

We first identified the command and control (C2) server for these malware families as mailsinfo[.]com, which executes Micropsia on infected systems. Our research into Micropsia and KASPERAGENT led us to discover a new campaign linked to the server mail.pal4u[.]net on 148.251.135[.]117. This server houses the C2 infrastructure for this new operation, marking a continuation of our previous work. The discovery of this new campaign started from where our earlier research left off and led to further insights into the C2 infrastructure associated with these malware families.

According to an analysis by Symantec's Threat Hunter Team in April 2023, the group deploying Micropsia targets various sectors, including government, military, financial, media, education, energy, and research and policy entities. They use updated versions of custom Micropsia and Arid Gopher backdoors to maintain a persistent presence on targeted networks. Despite the different decoy documents used in attacks, the core Micropsia malware remains identical, highlighting its consistent threat.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possibly overlapping names and profiles you may also want to look at.
ID | Votes | Profile Description
Kasperagent | 1 | Kasperagent is a malicious software or malware that was identified in our recent research, along with another malware family named Micropsia. These harmful programs are designed to exploit and damage computer systems, often infiltrating through suspicious downloads, emails, or websites without the u
Arid Gopher | 1 | None
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Malware
Decoy
Payload
Trojan
Phishing
Associated Malware
No associations to display
Associated Threat Actors
No associations to display
Associated Vulnerabilities
No associations to display
Source Document References
Information about the Micropsia Malware was read from the documents corpus below.
Source | Created At | Title
DARKReading | 7 months ago | Pro-Hamas Cyberattackers Aim 'Pierogi' Malware at Multiple Mideast Targets
CERT-EU | 9 months ago | Hamas-linked app offers window into cyber infrastructure, possible links to Iran
MITRE | a year ago | Delphi Used To Score Against Palestine
MITRE | a year ago | BadPatch