Skip to content

Hide Navigation Hide TOC

Catchamas - S0261 (8d9e758b-735f-4cbc-ba7c-32cd15138b2a)

Catchamas is a Windows Trojan that steals information from compromised systems. (Citation: Symantec Catchamas April 2018)

Cluster A Galaxy A Cluster B Galaxy B Level
Clipboard Data - T1115 (30973a08-aed9-4edf-8604-9084ce1b5c4f) Attack Pattern Catchamas - S0261 (8d9e758b-735f-4cbc-ba7c-32cd15138b2a) Malware 1
System Network Configuration Discovery - T1016 (707399d6-ab3e-4963-9315-d9d3818cd6a0) Attack Pattern Catchamas - S0261 (8d9e758b-735f-4cbc-ba7c-32cd15138b2a) Malware 1
Catchamas - S0261 (8d9e758b-735f-4cbc-ba7c-32cd15138b2a) Malware Local Data Staging - T1074.001 (1c34f7aa-9341-4a48-bfab-af22e51aca6c) Attack Pattern 1
Catchamas - S0261 (8d9e758b-735f-4cbc-ba7c-32cd15138b2a) Malware Keylogging - T1056.001 (09a60ea3-a8d1-4ae5-976e-5783248b72a4) Attack Pattern 1
Windows Service - T1543.003 (2959d63f-73fd-46a1-abd2-109d7dcede32) Attack Pattern Catchamas - S0261 (8d9e758b-735f-4cbc-ba7c-32cd15138b2a) Malware 1
Catchamas - S0261 (8d9e758b-735f-4cbc-ba7c-32cd15138b2a) Malware Modify Registry - T1112 (57340c81-c025-4189-8fa0-fc7ede51bae4) Attack Pattern 1
Screen Capture - T1113 (0259baeb-9f63-4c69-bf10-eb038c390688) Attack Pattern Catchamas - S0261 (8d9e758b-735f-4cbc-ba7c-32cd15138b2a) Malware 1
Catchamas - S0261 (8d9e758b-735f-4cbc-ba7c-32cd15138b2a) Malware Masquerade Task or Service - T1036.004 (7bdca9d5-d500-4d7d-8c52-5fd47baf4c0c) Attack Pattern 1
Catchamas - S0261 (8d9e758b-735f-4cbc-ba7c-32cd15138b2a) Malware Application Window Discovery - T1010 (4ae4f953-fe58-4cc8-a327-33257e30a830) Attack Pattern 1
Local Data Staging - T1074.001 (1c34f7aa-9341-4a48-bfab-af22e51aca6c) Attack Pattern Data Staged - T1074 (7dd95ff6-712e-4056-9626-312ea4ab4c5e) Attack Pattern 2
Input Capture - T1056 (bb5a00de-e086-4859-a231-fa793f6797e2) Attack Pattern Keylogging - T1056.001 (09a60ea3-a8d1-4ae5-976e-5783248b72a4) Attack Pattern 2
Windows Service - T1543.003 (2959d63f-73fd-46a1-abd2-109d7dcede32) Attack Pattern Create or Modify System Process - T1543 (106c0cf6-bf73-4601-9aa8-0945c2715ec5) Attack Pattern 2
Masquerading - T1036 (42e8de7b-37b2-4258-905a-6897815e58e0) Attack Pattern Masquerade Task or Service - T1036.004 (7bdca9d5-d500-4d7d-8c52-5fd47baf4c0c) Attack Pattern 2