Profiling Trafficers: Cerberus
· Published 10/05/2024 09:02 · Modified 10/05/2024 09:26
Essential information
- Published: 10/05/2024 09:02
- Modified: 10/05/2024 09:26
- Tags: 2024-05-05, 2024-05-06, 2024-05-07, 2024-05-08, 2024-05-09, 2024-05-10, aurora stealer, casbaneiro, cybercrime, dracula stealer (samurai), hacking, infostealer, lumma stealer, malware, metamorfo, redline, rhadamanthys stealer, russia
- Related entities: 24 observables, 1 intrusion sets (apt), 7 malware, 200 others
Description
This analysis delves into the activities of a group of malware operators known as Cerberus (formerly Amnesia) Team, who specialize in spreading infostealers, particularly in the Commonwealth of Independent States (CIS) region. It provides insights into their operations, tactics, and the evolution of their malware campaigns over time, shedding light on the ever-evolving landscape of cybercriminal activities.
Related entities
Vulnerabilities, IOCs, intrusion sets, MITRE techniques and other entities referenced in this report.
Observables (24)
Intrusion sets (APT) (1)
- AlienVault Confidence 100 · First seen 01/01/1970 · Last seen 16/11/5138 · Published 21/12/2025 04:38 · Modified 29/05/2026 12:20
Malware (7)
- Family · Published 26/08/2025 16:14 · Modified 26/08/2025 16:14
- Family · Published 10/05/2024 09:02 · Modified 10/05/2024 09:02
- Family · Published 19/05/2026 22:26 · Modified 19/05/2026 22:26
- Family · Published 19/05/2026 22:26 · Modified 19/05/2026 22:26
- Family · Published 08/06/2026 19:36 · Modified 08/06/2026 19:36
- Family · Published 08/05/2026 11:31 · Modified 08/05/2026 11:31
- Family · Published 10/05/2024 09:02 · Modified 10/05/2024 09:02
Others (200)
- Palau
- Northern Mariana Islands
- Turkmenistan
- Micronesia, Federated States of
- Norfolk Island
- Monaco
- Kiribati
- Comoros
- Djibouti
- Bermuda
- Antigua and Barbuda
- Anguilla
- Virgin Islands, U.S.
- Virgin Islands, British
- Turks and Caicos Islands
- Guernsey
- Grenada
- Greenland
- Faroe Islands
- Dominica
- Cayman Islands
- San Marino
- New Caledonia
- Saint Martin (French part)
- Liechtenstein
- Isle of Man
- Eswatini
- Burundi
- Martinique
- Lesotho
- French Polynesia
- Curaçao
- Timor-Leste
- Niger
- Gambia
- Chad
- Guinea-Bissau
- Guinea
- Guadeloupe
- French Guiana
- Saint Lucia
- Bhutan
- Sierra Leone
- Belize
- Barbados
- Macao
- Liberia
- Iceland
- Suriname
- Bahamas
- Saint Kitts and Nevis
- Cabo Verde
- Mauritania
- Brunei Darussalam
- Guyana
- Maldives
- Haiti
- Malawi
- Jersey
- Zimbabwe
- Mali
- Namibia
- Gabon
- Rwanda
- Congo, Democratic Republic of the
- Benin
- Puerto Rico
- Burkina Faso
- Mozambique
- South Sudan
- Jamaica
- Equatorial Guinea
- El Salvador
- Uganda
- Zambia
- Senegal
- Togo
- Cameroon
- Madagascar
- Honduras
- Paraguay
- Costa Rica
- Croatia
- Tunisia
- Dominican Republic
- Syrian Arab Republic
- Bolivia, Plurinational State of
- Andorra
- South Georgia and the South Sandwich Islands
- Georgia
- Ethiopia
- Papua New Guinea
- Palestine
- North Macedonia
- Estonia
- Central African Republic
- Trinidad and Tobago
- Botswana
- Angola
- Mauritius
- Somalia
- Mongolia
- Malta
- British Indian Ocean Territory
- Tanzania, United Republic of
- Sudan
- Guam
- Montenegro
- Luxembourg
- Nigeria
- Kenya
- Slovenia
- Finland
- Latvia
- Slovakia
- Albania
- Lebanon
- Ireland
- Iraq
- Kuwait
- Greece
- Hungary
- Congo
- Sweden
- New Zealand
- Guatemala
- Cuba
- Libya
- Austria
- Venezuela, Bolivarian Republic of
- Uruguay
- Panama
- Nicaragua
- Qatar
- Yemen
- Algeria
- Egypt
- South Africa
- Fiji
- Afghanistan
- Kyrgyzstan
- Tajikistan
- Azerbaijan
- Hong Kong
- Cyprus
- Bulgaria
- Chile
- Colombia
- Uzbekistan
- Myanmar
- Ghana
- Singapore
- Armenia
- Belgium
- Portugal
- Serbia
- Iran, Islamic Republic of
- Sri Lanka
- Nepal
- Bangladesh
- India
- Czechia
- Denmark
- Lithuania
- Australia
- Taiwan
- Saudi Arabia
- Jordan
- China
- United Arab Emirates
- Netherlands
- Norway
- Argentina
- Switzerland
- Poland
- Spain
- Italy
- Thailand
- Peru
- Canada
- Japan
- Moldova, Republic of
- Belarus
- Malaysia
- Indonesia
- Bosnia and Herzegovina
- France
- Germany
- Romania
- Oman
- Morocco
- Bahrain
- Kazakhstan
- Cambodia
- Philippines
- Ecuador
- Mexico
- Pakistan
- United Kingdom of Great Britain and Northern Ireland
- Ukraine