Galactic Ocelot

Colombia

Details

GALACTIC OCELOT is a targeted intrusion adversary active since at least 2010 with a nexus to the Colombian government. Over this period, this adversary has primarily relied on a single custom Python-based malware tool, Ragua (a.k.a. Machete), that they have iterated across operations while maintaining the malware’s core information-stealing functionality. Most recently, the malware has evolved to ...
