🇷🇺
InvisiMole
APT Group
Information theft and espionage
1 zero-day CVE
ETDA ✓
Also Known As
No alias recorded
Target Countries 5
Estonia
Russian Federation
Ukraine
United States
South Africa
Sectors Targeted
Details
Origin
🇷🇺 RU
Last Updated
03 Oct 2025
MITRE ATT&CK 41
T1001
T1002
T1003 - OS Credential Dumping
T1010 - Application Window Discovery
T1012 - Query Registry
T1021 - Remote Services
T1027 - Obfuscated Files or Information
T1036 - Masquerading
T1041
T1055
T1057 - Process Discovery
T1059 - Command and Scripting Interpreter
T1059.001
T1064
T1071 - Application Layer Protocol
T1071.001
T1082 - System Information Discovery
T1083 - File and Directory Discovery
T1102 - Web Service
T1105
T1106 - Native API
T1140 - Deobfuscate/Decode Files or Information
T1203
T1204
T1218 - Signed Binary Proxy Execution
T1219
T1221
T1480 - Execution Guardrails
T1497
T1543
T1547 - Boot or Logon Autostart Execution
T1555
T1560
T1562.001
T1564
T1566
T1573 - Encrypted Channel
T1574 - Hijack Execution Flow
T1583 - Acquire Infrastructure
T1584 - Compromise Infrastructure
T1608 - Stage Capabilities