INSOMNIA - S0463 (21b7e0b0-0dea-4ccc-8ad4-8da51fe3a901)

INSOMNIA is spyware that has been used by the group Evil Eye.(Citation: Volexity Insomnia)

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| INSOMNIA - S0463 (21b7e0b0-0dea-4ccc-8ad4-8da51fe3a901) | Malware | Ptrace System Calls - T1631.001 (1ff89c1b-7615-4fe8-b9cb-63aaf52e6dee) | Attack Pattern | 1 |
| INSOMNIA - S0463 (21b7e0b0-0dea-4ccc-8ad4-8da51fe3a901) | Malware | Data from Local System - T1533 (e1c912a9-e305-434b-9172-8a6ce3ec9c4a) | Attack Pattern | 1 |
| INSOMNIA - S0463 (21b7e0b0-0dea-4ccc-8ad4-8da51fe3a901) | Malware | SMS Messages - T1636.004 (c6421411-ae61-42bb-9098-73fddb315002) | Attack Pattern | 1 |
| INSOMNIA - S0463 (21b7e0b0-0dea-4ccc-8ad4-8da51fe3a901) | Malware | System Information Discovery - T1426 (e2ea7f6b-8d4f-49c3-819d-660530d12b77) | Attack Pattern | 1 |
| INSOMNIA - S0463 (21b7e0b0-0dea-4ccc-8ad4-8da51fe3a901) | Malware | Software Discovery - T1418 (198ce408-1470-45ee-b47f-7056050d4fc2) | Attack Pattern | 1 |
| INSOMNIA - S0463 (21b7e0b0-0dea-4ccc-8ad4-8da51fe3a901) | Malware | Non-Standard Port - T1509 (948a447c-d783-4ba0-8516-a64140fcacd5) | Attack Pattern | 1 |
| INSOMNIA - S0463 (21b7e0b0-0dea-4ccc-8ad4-8da51fe3a901) | Malware | Internet Connection Discovery - T1422.001 (45a5fe76-eda3-4d40-8f22-c186efd6278d) | Attack Pattern | 1 |
| INSOMNIA - S0463 (21b7e0b0-0dea-4ccc-8ad4-8da51fe3a901) | Malware | Wi-Fi Discovery - T1422.002 (be63612f-a48f-44f2-a7a6-1763509fcf80) | Attack Pattern | 1 |
| INSOMNIA - S0463 (21b7e0b0-0dea-4ccc-8ad4-8da51fe3a901) | Malware | Location Tracking - T1430 (99e6295e-741b-4857-b6e5-64989eb039b4) | Attack Pattern | 1 |
| INSOMNIA - S0463 (21b7e0b0-0dea-4ccc-8ad4-8da51fe3a901) | Malware | Call Log - T1636.002 (1d1b1558-c833-482e-aabb-d07ef6eae63d) | Attack Pattern | 1 |
| INSOMNIA - S0463 (21b7e0b0-0dea-4ccc-8ad4-8da51fe3a901) | Malware | System Network Configuration Discovery - T1422 (d4536441-1bcc-49fa-80ae-a596ed3f7ffd) | Attack Pattern | 1 |
| INSOMNIA - S0463 (21b7e0b0-0dea-4ccc-8ad4-8da51fe3a901) | Malware | Contact List - T1636.003 (e0b9ecb8-a7d1-43c7-aa30-8e19c6a92c86) | Attack Pattern | 1 |
| INSOMNIA - S0463 (21b7e0b0-0dea-4ccc-8ad4-8da51fe3a901) | Malware | Keychain - T1634.001 (8605a0ec-b44a-4e98-a7fc-87d4bd3acb66) | Attack Pattern | 1 |
| INSOMNIA - S0463 (21b7e0b0-0dea-4ccc-8ad4-8da51fe3a901) | Malware | Exploitation for Privilege Escalation - T1404 (351c0927-2fc1-4a2c-ad84-cbbee7eb8172) | Attack Pattern | 1 |
| INSOMNIA - S0463 (21b7e0b0-0dea-4ccc-8ad4-8da51fe3a901) | Malware | Drive-By Compromise - T1456 (fd339382-bfec-4bf0-8d47-1caedc9e7e57) | Attack Pattern | 1 |
| INSOMNIA - S0463 (21b7e0b0-0dea-4ccc-8ad4-8da51fe3a901) | Malware | Web Protocols - T1437.001 (2282a98b-5049-4f61-9381-55baca7c1add) | Attack Pattern | 1 |
| INSOMNIA - S0463 (21b7e0b0-0dea-4ccc-8ad4-8da51fe3a901) | Malware | Obfuscated Files or Information - T1406 (d13fa042-8f26-44e1-a2a8-af0bf8e2ac9a) | Attack Pattern | 1 |
| Ptrace System Calls - T1631.001 (1ff89c1b-7615-4fe8-b9cb-63aaf52e6dee) | Attack Pattern | Process Injection - T1631 (b7c0e45f-0206-4f75-96e7-fe7edad3aaff) | Attack Pattern | 2 |
| Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) | Attack Pattern | SMS Messages - T1636.004 (c6421411-ae61-42bb-9098-73fddb315002) | Attack Pattern | 2 |
| Internet Connection Discovery - T1422.001 (45a5fe76-eda3-4d40-8f22-c186efd6278d) | Attack Pattern | System Network Configuration Discovery - T1422 (d4536441-1bcc-49fa-80ae-a596ed3f7ffd) | Attack Pattern | 2 |
| Wi-Fi Discovery - T1422.002 (be63612f-a48f-44f2-a7a6-1763509fcf80) | Attack Pattern | System Network Configuration Discovery - T1422 (d4536441-1bcc-49fa-80ae-a596ed3f7ffd) | Attack Pattern | 2 |
| Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) | Attack Pattern | Call Log - T1636.002 (1d1b1558-c833-482e-aabb-d07ef6eae63d) | Attack Pattern | 2 |
| Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) | Attack Pattern | Contact List - T1636.003 (e0b9ecb8-a7d1-43c7-aa30-8e19c6a92c86) | Attack Pattern | 2 |
| Credentials from Password Store - T1634 (cc6e0637-76d2-4af3-a604-9d8d3ff8a6b3) | Attack Pattern | Keychain - T1634.001 (8605a0ec-b44a-4e98-a7fc-87d4bd3acb66) | Attack Pattern | 2 |
| Application Layer Protocol - T1437 (6a3f6490-9c44-40de-b059-e5940f246673) | Attack Pattern | Web Protocols - T1437.001 (2282a98b-5049-4f61-9381-55baca7c1add) | Attack Pattern | 2 |