
Also Known As
Chafer | Remix Kitten | Cobalt Hickman
Origin
Iran
Target Countries
Australia | Egypt | Iraq | Israel | Jordan | Kuwait | Norway | Qatar | Saudi Arabia | South Korea | Turkey | United Arab Emirates
Targeted Verticals
Critical Infrastructure
Government | Military
Telecommunications
Retail | Commercial
MITRE TTPs
Application Layer Protocol: DNS
Application Layer Protocol: Web Protocols
Archive Collected Data: Archive via Utility
Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder
Boot or Logon Autostart Execution: Shortcut Modification
Command and Scripting Interpreter
Credentials from Password Stores
Exploit Public-Facing Application
Masquerading: Match Legitimate Name or Location
Obfuscated Files or Information: Software Packing
Phishing: Spearphishing Attachment
Remote Services: Remote Desktop Protocol
Remote Services: SMB/Windows Admin Shares
Scheduled Task/Job: Scheduled Task
Server Software Component: Web Shell
System Services: Service Execution
User Execution: Malicious File