Common Information
Type | Value |
---|---|
Value | ANDROMEDA - S1074 |
Category | Tool |
Type | Mitre-Malware |
Misp Type | Cluster |
Description | [ANDROMEDA](https://attack.mitre.org/software/S1074) is commodity malware that was widespread in the early 2010s and continues to be observed in infections across a wide variety of industries. During the 2022 [C0026](https://attack.mitre.org/campaigns/C0026) campaign, threat actors re-registered expired [ANDROMEDA](https://attack.mitre.org/software/S1074) C2 domains to spread malware to select targets in Ukraine.(Citation: Mandiant Suspected Turla Campaign February 2023) |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2035-08-05 | 23 | Inside Jahoo (Otlard.A ?) - A spam Botnet | ||
Details | Website | 2024-10-28 | 4 | Scammers' delivery service: exclusively dangerous \| #philippines \| #philippinesscams \| #lovescams \| #datingscams \| #love \| #relationships \| #scams \| #pof \| #match.com \| #dating \| National Cyber Security Consulting | ||
Details | Website | 2024-10-21 | 138 | Intro to Active Directory HTB-Academy | ||
Details | Website | 2024-10-11 | 2 | Why You Need 2-Factor Authentication | ||
Details | Website | 2023-10-16 | 11 | Andromeda: The latest Brazilian DTO malware | ||
Details | Website | 2023-08-11 | 39 | Stealthy Malicious MSI Loader - Overlapping Technique and Infrastructure with BatLoader - CYFIRMA | ||
Details | Website | 2023-08-10 | 0 | Android | Microsoft has Randomly Updated the Surface Duo | ||
Details | Website | 2023-07-19 | 26 | What Is Advanced Persistent Threat (APT)? | ||
Details | Website | 2023-07-14 | 5 | Top 10s in Cybersecurity for June’23: 365° Security | ||
Details | Website | 2023-06-07 | 4 | The Origin Story of the APT Turla, the Hunt for "The Snake" Malware, and Current Steps for Prevention | ||
Details | Website | 2023-05-20 | 2 | The Underground History of Russia's Most Ingenious Hacker Group | ||
Details | Website | 2023-05-19 | 64 | Turla - Threat hunting with hints of incident response | ||
Details | Website | 2023-05-18 | 0 | Turla Disrupted: What Does That Mean for Russian Cyber Operations? | ||
Details | Website | 2023-05-09 | 0 | FBI Disarms Russian FSB 'Snake' Malware Network | ||
Details | Website | 2023-04-25 | 0 | Kaspersky Analyzes Links Between Russian State-Sponsored APTs | ||
Details | Website | 2023-04-20 | 481 | ATT&CK Changes | ||
Details | Website | 2023-03-30 | 0 | How To Overcome The State Of Startup Security For 2022? | ||
Details | Website | 2023-03-14 | 0 | How Do Integrations And Automation Help You In Building A Robust Security Program? | ||
Details | Website | 2023-03-02 | 199 | Russia/Ukraine Update - February 2023 | ||
Details | Website | 2023-02-21 | 1 | Nuspire Q4 2022 and Year in Review Threat Report: Cyber Threat Numbers Make History | ||
Details | Website | 2023-02-16 | 4 | Malware Reverse Engineering for Beginners - Part 2 | ||
Details | Website | 2023-01-13 | 14 | Cyber security week in review: January 13, 2023 | ||
Details | Website | 2023-01-11 | 2 | New Analysis Reveals Raspberry Robin Can be Repurposed by Other Threat Actors | ||
Details | Website | 2023-01-10 | 9 | Raspberry Robin's botnet second life | ||
Details | Website | 2023-01-10 | 40 | Anomali Cyber Watch: Turla Re-Registered Andromeda Domains, SpyNote Is More Popular after the Source Code Publication, Typosquatted Site Used to Leak Company’s Data |