G0079 · 7 ATT&CK techniques · 0 correlated reports

DarkHydrus

Aliases: None listed

DarkHydrus is a threat group that has targeted government agencies and educational institutions in the Middle East since at least 2016. The group heavily leverages open-source tools and custom payloads for carrying out attacks.

Open interactive actor investigation

ATT&CK techniques

T1204.002
Malicious File T1187
Forced Authentication T1564.003
Hidden Window T1059.001
PowerShell T1566.001
Spearphishing Attachment T1221
Template Injection T1588.002
Tool

Correlated CTI and IR reports

Continue the investigation

Interactive ThreatMapper ThreatMapper documentation CTI Analyst Field Manual Israel Threat Actors CTI Anomaly Detection Atlas ITDR Handbook 1200km Medium research