vbs.cageychameleon

CageyChameleon

aka: Cabbage RAT

CageyChameleon is a VBS-based backdoor that can enumerate the list of running processes and check for the presence of several antivirus products. It collects information about the user's host, the system's current processes, and similar details. The collected information is sent back to the C2 server, and the backdoor then continues to issue requests to the server to perform subsequent operations.

References
2023-11-20 | PWC | Sveva Vittoria Scenarelli
King of Thieves: Black Alicanto and the Ecosystem of North Korea-Based Cyber Operations
RustBucket CageyChameleon RustBucket
2023-05-01 | JPCERT/CC | Shusei Tomonaga
Attack trends related to the attack campaign DangerousPassword
RustBucket CageyChameleon Cur1Downloader SnatchCrypto
2023-01-25 | Proofpoint | Greg Lesnewich, Proofpoint Threat Research Team
TA444: The APT Startup Aimed at Acquisition (of Your Funds)
CageyChameleon Lazarus Group TA444
2022-11-29 | Qianxin | Red Raindrop Team
Job hunting trap: Analysis of Lazarus attack activities using recruitment information such as Mizuho Bank of Japan as bait
CageyChameleon Cur1Downloader
2022-08-11 | PWC | Allison Wikoff, Sveva Vittoria Scenarelli
Talent Need Not Apply. Tradecraft and Objectives of Job-themed APT Social Engineering
CageyChameleon
2022-01-13 | Kaspersky Labs | Seongsu Park, Vitaly Kamluk
The BlueNoroff cryptocurrency hunt is still on
CageyChameleon SnatchCrypto WebbyTea
2021-05-01 | ClearSky | ClearSky
Attributing Attacks Against Crypto Exchanges to LAZARUS – North Korea
CageyChameleon
2020-10-03 | VB Localhost | Rintaro Koike, Shogo Hayashi, Takai Hajime
Unveiling the CryptoMimic
CageyChameleon SnatchCrypto
2020-06-26 | Atlas Cybersecurity | Atlas Cybersecurity
CryptoCore – Cryptocurrency Exchanges Under Attack
CageyChameleon
2020-06-24 | ClearSky | ClearSky Research Team
CryptoCore: A Threat Actor Targeting Cryptocurrency Exchanges
CageyChameleon
2020-06-24 | ClearSky | ClearSky Research Team
CryptoCore Group : A Threat Actor Targeting Cryptocurrency Exchanges
CageyChameleon
2020-05-06 | Cyber Struggle | Cyber Struggle
Leery Turtle Threat Report
CageyChameleon
2020-04-02 | Github (StrangerealIntel) | StrangerealIntel
Dangerous Password
CageyChameleon
2019-11-21 | ThreatBook | ThreatBook
The Nightmare of Global Cryptocurrency Companies -Demystifying the “DangerousPassword” of the APT Organization
CageyChameleon SnatchCrypto
2019-07-09 | JPCERT/CC | Tomoaki Tani, Yukako Uchida
Spear Phishing against Cryptocurrency Businesses
CageyChameleon
2019-03-14 | Proofpoint | Proofpoint
Daily Ruleset Update Summary 2019/03/14
CageyChameleon

There is no Yara-Signature yet.