IMAPLoader (0e5c0f19-db3d-5061-a0b9-3b55e4f3f50b)
IMAPLoader is a .NET-based loader malware exclusively associated with CURIUM operations since at least 2022. IMAPLoader leverages email protocols for command and control and payload delivery.[PWC Yellow Liderc 2023]
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
IMAPLoader (0e5c0f19-db3d-5061-a0b9-3b55e4f3f50b) | Tidal Software | CURIUM (ab15a328-c41e-5701-993f-3cab29ac4544) | Tidal Groups | 1 |