ThaiCERT    ETDA    MDES
Report
Search
Home > List all groups > List all tools > List all groups using tool InvisiMole

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: InvisiMole

NamesInvisiMole
CategoryMalware
TypeReconnaissance, Backdoor, Info stealer, Exfiltration
Description(ESET) InvisiMole has a modular architecture, starting its journey with a wrapper DLL, and performing its activities using two other modules that are embedded in its resources. Both of the modules are feature-rich backdoors, which together give it the ability to gather as much information about the target as possible.
Information<https://www.welivesecurity.com/2018/06/07/invisimole-equipped-spyware-undercover/>
<https://www.welivesecurity.com/2020/06/18/digging-up-invisimole-hidden-arsenal/>
MITRE ATT&CK<https://attack.mitre.org/software/S0260/>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/win.invisimole>
AlienVault OTX<https://otx.alienvault.com/browse/pulses?q=tag:invisimole>

Last change to this tool card: 23 June 2020

Download this tool card in JSON format

All groups using tool InvisiMole

ChangedNameCountryObserved

APT groups

 InvisiMoleRussia2013-Late 2019 

1 group listed (1 APT, 0 other, 0 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1234
E-mail report@thaicert.or.th
PGP Download PGP key