Galactic Ocelot

Colombia

Details

GALACTIC OCELOT is a targeted intrusion adversary active since at least 2010 with a nexus to the Colombian government. Over this period, this adversary has primarily relied on a single custom Python-based malware tool, Ragua (a.k.a. Machete), that they have iterated across operations while maintaining the malware’s core information-stealing functionality. Most recently, the malware has evolved to ...

Community Identifiers

1ArCZ8XMI9LbzR6

Objective

  • 958IWLfd2ZXS4UeOYMutDP3

Motivation

  • qHE78dR5JmrZoDI

Contact our team about
IOCs for this adversary

?

During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.

Unlock the adversary universe

Thank you for your request!

A member of our team will be in touch shortly.

CrowdStrike logo