Storm-1865
APT Group
8 zero-day CVEs
Also Known As
No alias recorded
Target Countries 47
United Arab Emirates
Austria
Australia
Azerbaijan
Belgium
Bulgaria
Canada
Switzerland
Cameroon
China
Colombia
Cuba
Czech Republic
Germany
Denmark
Spain
Finland
France
United Kingdom
Greece
Hong Kong
Hungary
Indonesia
Ireland
Israel
India
Italy
Morocco
Malaysia
Netherlands
Norway
New Zealand
Panama
Philippines
Poland
Portugal
Romania
Sweden
Singapore
Thailand
Turkey
Province of China Taiwan
United Republic of Tanzania
Ukraine
United States
Vietnam
South Africa
Sectors Targeted
Educational Services - NAICS 611
Religious, Grantmaking, Civic, Professional, and Similar Organizations - NAICS 813
Pharma
Telephone Apparatus Manufacturing - NAICS 33421
Government
Legal Services - NAICS 5411
Religious Organizations - NAICS 8131
Professional, Scientific, and Technical Services - NAICS 54
Newspaper Publishers - NAICS 51111
Telecommunications - NAICS 517
Accommodation and Food Services - NAICS 72
Manufacturing
Multiple industries
Educational Services - NAICS 61
Travel Agencies - NAICS 561510
Computer Systems Design Services - NAICS 541512
Air Transportation - NAICS 481
Advertising Agencies - NAICS 54181
Executive, Legislative, and Other General Government Support - NAICS 9211
Offices of Lawyers - NAICS 541110
Financial
Management, Scientific, and Technical Consulting Services - NAICS 5416
National Security and International Affairs - NAICS 9281
Finance and Insurance - NAICS 52
Grantmaking and Giving Services - NAICS 8132
Educational Support Services - NAICS 6117
Hospitality
Paint, Coating, and Adhesive Manufacturing - NAICS 3255
Automobile Dealers - NAICS 4411
Hotels (except Casino Hotels) and Motels - NAICS 721110
Human Resources Consulting Services - NAICS 541612
Pharmaceutical and Medicine Manufacturing - NAICS 32541
Health Care and Social Assistance - NAICS 62
Food Services and Drinking Places - NAICS 722
Data Processing, Hosting, and Related Services - NAICS 51821
Various
Business, Professional, Labor, Political, and Similar Organizations - NAICS 8139
Computer Systems Design and Related Services - NAICS 54151
Finance
Promoters of Performing Arts, Sports, and Similar Events - NAICS 7113
Chemical Manufacturing - NAICS 325
Arts, Entertainment, and Recreation - NAICS 71
Periodical Publishers - NAICS 51112
National Security and International Affairs - NAICS 928
Electronic Shopping and Mail-Order Houses - NAICS 4541
NAICS:31
NAICS:44
Motion Picture and Video Production - NAICS 51211
Public Administration - NAICS 92
Technology
Motor Vehicle Manufacturing - NAICS 3361
Accommodation - NAICS 721
Toilet Preparation Manufacturing - NAICS 32562
Healthcare
Hospitals - NAICS 622
Details
Last Updated: 27 Mar 2025
Malware Families 7
Netsupport Manager
netsupportmanager_rat
Waledac
venom
kelihos
venomous
ASYNCRAT
MITRE ATT&CK 29
T1003 - Credential Dumping
T1005 - Data from Local System
T1012 - Query Registry
T1016 - System Network Configuration Discovery
T1033 - System Owner/User Discovery
T1056 - Input Capture
T1057 - Process Discovery
T1059 - Command and Scripting Interpreter
T1059.001 - Command and Scripting Interpreter: PowerShell
T1071.004 - Application Layer Protocol: DNS
T1082 - System Information Discovery
T1083 - File and Directory Discovery
T1112 - Modify Registry
T1113 - Screen Capture
T1114 - Email Collection
T1119 - Automated Collection
T1123 - Audio Capture
T1193 - Spearphishing Attachment
T1204 - User Execution
T1204.002 - User Execution: Malicious File
T1218.005 - System Binary Proxy Execution: Mshta
T1543 - Create or Modify System Process
T1547 - Boot or Logon Autostart Execution
T1555 - Credentials from Password Stores
T1559 - Inter-Process Communication
T1566 - Phishing
T1566.001 - Phishing: Spearphishing Attachment
T1566.002 - Phishing: Spearphishing Link
T1566.003 - Phishing: Spearphishing via Service