TEXTMATE

Malware Profile Updated 2 months ago
Textmate is a type of malware designed to cause harm to computers and other devices. It can infect a system without the user's knowledge, often through suspicious downloads or emails. Once inside, it can steal personal information, disrupt operations, or hold data hostage for ransom.

Textmate is described as "memory resident," which means it is fileless malware. The Textmate backdoor provides attackers with a reverse shell and uses DNS TXT queries to tunnel interactive commands and other data. POWERSOURCE was also observed being used to download Textmate, a second-stage PowerShell backdoor, in an attempt to further infect victim machines. The FireEye iSIGHT Intelligence MySIGHT Portal has additional information on the investigation into Textmate, as well as on related topics such as FIN7 and the POWERSOURCE malware.

Overall, Textmate is a highly dangerous form of malware that poses a significant threat to computer security. Preventative measures such as avoiding suspicious downloads and emails, using robust antivirus software, and keeping systems updated are essential to prevent these types of attacks.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Fireeye
Backdoor
Malware
Associated Malware
ID: POWERSOURCE
Type: Unspecified
Votes: 1
Profile Description: Powersource is a newly discovered malware family, classified as a backdoor, that has been spotted by cybersecurity firm FireEye iSIGHT Intelligence. Malware is a dangerous program that can enter your computer or device through downloads, emails, or websites, and can steal personal information or dis
Associated Threat Actors
ID: FIN7
Type: Unspecified
Votes: 1
Profile Description: FIN7, a known threat actor in the cybersecurity world, has been recognized for its malicious activities against various entities. This group, which could be an individual, a private company, or part of a government body, is notorious for executing actions with harmful intent. One notable instance of
Associated Vulnerabilities
No associations to display
Source Document References
Information about the TEXTMATE malware was read from the documents listed below.
Source: MITRE
Created At: a year ago
Title: FIN7 Spear Phishing Campaign Targets Personnel Involved in SEC Filings