Galactic Ocelot

Colombia

Details

GALACTIC OCELOT is a targeted intrusion adversary active since at least 2010 with a nexus to the Colombian government. Over this period, this adversary has primarily relied on a single custom Python-based malware tool, Ragua (a.k.a. Machete), that they have iterated across operations while maintaining the malware’s core information-stealing functionality. Most recently, the malware has evolved to ...

Community Identifiers

HUfqTQu0dLGcbCg

Objective

  • nkbflT3WiLRpFmJNO8GHz2M

Motivation

  • RzUuoWxBLPYd9Fs

Contact our team about
IOCs for this adversary

?

During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.

Unlock the adversary universe

Thank you for your request!

A member of our team will be in touch shortly.

CrowdStrike logo