Galactic Ocelot

Colombia

Details

GALACTIC OCELOT is a targeted intrusion adversary active since at least 2010 with a nexus to the Colombian government. Over this period, this adversary has primarily relied on a single custom Python-based malware tool, Ragua (a.k.a. Machete), that they have iterated across operations while maintaining the malware’s core information-stealing functionality. Most recently, the malware has evolved to ...

Community Identifiers

cufr1WVwR2tDpH5

Objective

  • RuproN5lTzFxOtQ6sgckWvU

Motivation

  • TrdUBj1X654Kcxv

Contact our team about
IOCs for this adversary

?

During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.

Unlock the adversary universe

Thank you for your request!

A member of our team will be in touch shortly.

CrowdStrike logo