BADFLICK

MITRE

Malware Type:
Other

First seen:
Unknown

Last seen:
Unknown

Details:

[BADFLICK](https://attack.mitre.org/software/S0642) is a backdoor used by [Leviathan](https://attack.mitre.org/groups/G0065) in spearphishing campaigns first reported in 2018 that targeted the U.S. engineering and maritime industries.(Citation: FireEye Periscope March 2018)(Citation: Accenture MUDCARP March 2019)

Associated Techniques (10)

ID	ATT&CK	Tactics
T1005	Data from Local System	-
T1016	System Network Configuration Discovery	-
T1082	System Information Discovery	-
T1083	File and Directory Discovery	-
T1105	Ingress Tool Transfer	-
T1140	Deobfuscate/Decode Files or Information	-
T1204.002	Malicious File	-
T1497.003	Time Based Checks	-
T1560.002	Archive via Library	-
T1566.001	Spearphishing Attachment	-

Used by Actors (1)

Leviathan
Unknown

Metadata

ID:	250
Created:	13/01/2026 17:48
Updated:	06/03/2026 16:00