InvisiMole
MITRE
Tipo Malware:
Other
Other
Prima attivita:
Unknown
Unknown
Ultima attivita:
Unknown
Unknown
Dettagli:
[InvisiMole](https://attack.mitre.org/software/S0260) is a modular spyware program that has been used by the InvisiMole Group since at least 2013. [InvisiMole](https://attack.mitre.org/software/S0260) has two backdoor modules called RC2FM and RC2CL that are used to perform post-exploitation activities. It has been discovered on compromised victims in the Ukraine and Russia. [Gamaredon Group](https://attack.mitre.org/groups/G0047) infrastructure has been used to download and execute [InvisiMole](https://attack.mitre.org/software/S0260) against a small number of victims.(Citation: ESET InvisiMole June 2018)(Citation: ESET InvisiMole June 2020)
Tecniche Associate (73)
| ID | ATT&CK | Tattiche |
|---|---|---|
| T1001.003 | Protocol or Service Impersonation | - |
| T1005 | Data from Local System | - |
| T1007 | System Service Discovery | - |
| T1008 | Fallback Channels | - |
| T1010 | Application Window Discovery | - |
| T1012 | Query Registry | - |
| T1016 | System Network Configuration Discovery | - |
| T1025 | Data from Removable Media | - |
| T1027 | Obfuscated Files or Information | - |
| T1027.005 | Indicator Removal from Tools | - |
| T1033 | System Owner/User Discovery | - |
| T1036.004 | Masquerade Task or Service | - |
| T1036.005 | Match Legitimate Resource Name or Location | - |
| T1046 | Network Service Discovery | - |
| T1053.005 | Scheduled Task | - |
Metadata
| ID: | 186 |
| Created: | 13/01/2026 17:48 |
| Updated: | 06/03/2026 04:00 |