LITTLELAMB.WOOLTEA

MITRE

Tipo Malware:
Other

Prima attivita:
Unknown

Ultima attivita:
Unknown

Dettagli:

[LITTLELAMB.WOOLTEA](https://attack.mitre.org/software/S1121) is a backdoor that was used by UNC5325 during [Cutting Edge](https://attack.mitre.org/campaigns/C0029) to deploy malware on targeted Ivanti Connect Secure VPNs and to establish persistence across system upgrades and patches.(Citation: Mandiant Cutting Edge Part 3 February 2024)

Tecniche Associate (7)

ID	ATT&CK	Tattiche
T1082	System Information Discovery	-
T1083	File and Directory Discovery	-
T1090	Proxy	-
T1095	Non-Application Layer Protocol	-
T1543	Create or Modify System Process	-
T1554	Compromise Host Software Binary	-
T1573.002	Asymmetric Cryptography	-

Metadata

ID:	71
Created:	13/01/2026 17:48
Updated:	06/03/2026 16:00