BLUELIGHT

MITRE

Malware Type:
Other

First seen:
Unknown

Last seen:
Unknown

Details:

[BLUELIGHT](https://attack.mitre.org/software/S0657) is a remote access Trojan used by [APT37](https://attack.mitre.org/groups/G0067) that was first observed in early 2021.(Citation: Volexity InkySquid BLUELIGHT August 2021)

Associated Techniques (19)

ID	ATT&CK	Tactics
T1016	System Network Configuration Discovery	-
T1027.013	Encrypted/Encoded File	-
T1033	System Owner/User Discovery	-
T1041	Exfiltration Over C2 Channel	-
T1057	Process Discovery	-
T1070.004	File Deletion	-
T1071.001	Web Protocols	-
T1082	System Information Discovery	-
T1083	File and Directory Discovery	-
T1102.002	Bidirectional Communication	-
T1105	Ingress Tool Transfer	-
T1113	Screen Capture	-
T1124	System Time Discovery	-
T1497.001	System Checks	-
T1518.001	Security Software Discovery	-

Used by Actors (1)

APT37
Nation-state

Metadata

ID:	388
Created:	13/01/2026 17:48
Updated:	06/03/2026 16:00