Malware: SpicyOmelette

Description

[SpicyOmelette](https://attack.mitre.org/software/S0646) is a JavaScript based remote access tool that has been used by [Cobalt Group](https://attack.mitre.org/groups/G0080) since at least 2018.(Citation: Secureworks GOLD KINGSWOOD September 2018)

External References

• mitre-attack
• Secureworks GOLD KINGSWOOD September 2018

Techniques Used by This Malware

• T1005 — Data from Local System
• T1016 — System Network Configuration Discovery
• T1018 — Remote System Discovery
• T1059.007 — JavaScript
• T1082 — System Information Discovery
• T1105 — Ingress Tool Transfer
• T1204.001 — Malicious Link
• T1518 — Software Discovery
• T1518.001 — Security Software Discovery
• T1553.002 — Code Signing
• T1566.002 — Spearphishing Link

APT Groups Using This Malware

• Cobalt Group