Galactic Ocelot
United States
Japan
Afghanistan
Albania
Angola
Argentina
Armenia
Aruba
Australia
Austria
Azerbaijan
Bahamas
Bahrain
Bangladesh
Belarus
Belgium
Bolivia
Bosnia/Herzegovina
Botswana
Brazil
Brunei Darussalam
Bulgaria
Cambodia
Canada
Cape Verde
Cayman Islands
Chile
China
Colombia
Congo
Costa Rica
Côte D'Ivoire
Croatia
Cyprus
Czech Republic
Denmark
Dominican Republic
Ecuador
Egypt
El Salvador
Estonia
Ethiopia
Fiji
Finland
France
Georgia
Germany
Ghana
Greece
Greenland
Guatemala
Haiti
Honduras
Hong Kong
Hungary
Iceland
India
Indonesia
Iran
Iraq
Ireland
Israel
Italy
Jamaica
Jordan
Kazakhstan
Kenya
Kuwait
Latvia
Lebanon
Liberia
Libyan Arab Jamahiriya
Liechtenstein
Lithuania
Luxembourg
Macao
Macedonia
Madagascar
Malaysia
Malta
Mauritius
Mexico
Moldova
Monaco
Mongolia
Montenegro
Morocco
Mozambique
Myanmar
Namibia
Nepal
Netherlands
New Zealand
Nicaragua
Nigeria
Norway
Oman
Pakistan
Palestine
Panama
Paraguay
Peru
Philippines
Poland
Portugal
Puerto Rico
Qatar
Romania
Russian Federation
Saudi Arabia
Senegal
Serbia
Sierra Leone
Singapore
Slovakia
Slovenia
South Africa
South Korea
Spain
Sri Lanka
Sudan
Sweden
Switzerland
Syrian Arab Republic
Taiwan
Tajikistan
Tanzania
Thailand
Timor-Leste
Tokelau
Tunisia
Turkey
Turkmenistan
Ukraine
United Arab Emirates
United Kingdom
Uruguay
Uzbekistan
Venezuela
Vietnam
Yemen
Zambia
Galactic Ocelot
Colombia
Details
GALACTIC OCELOT is a targeted intrusion adversary active since at least 2010 with a nexus to the Colombian government. Over this period, this adversary has primarily relied on a single custom Python-based malware tool, Ragua (a.k.a. Machete), that they have iterated across operations while maintaining the malware’s core information-stealing functionality. Most recently, the malware has evolved to ...
Community Identifiers
Qa8eB2tGqghLvrm
Objective
- wbiGnxTar2oISV6cX9mYDlt
Motivation
- MgtbnmcK1XCk0Tf
Contact our team about
IOCs for this adversary
?
