[ MALWARE MUTEX INTELLIGENCE DATABASE ]
 ███████╗██╗   ██╗██╗██╗         ███╗   ███╗██╗   ██╗████████╗███████╗██╗  ██╗
 ██╔════╝██║   ██║██║██║         ████╗ ████║██║   ██║╚══██╔══╝██╔════╝╚██╗██╔╝
█████╗  ██║   ██║██║██║         ██╔████╔██║██║   ██║   ██║   █████╗   ╚███╔╝
██╔══╝  ╚██╗ ██╔╝██║██║         ██║╚██╔╝██║██║   ██║   ██║   ██╔══╝   ██╔██╗
 ███████╗ ╚████╔╝ ██║███████╗    ██║ ╚═╝ ██║╚██████╔╝   ██║   ███████╗██╔╝ ██╗
 ╚══════╝  ╚═══╝  ╚═╝╚══════╝    ╚═╝     ╚═╝ ╚═════╝    ╚═╝   ╚══════╝╚═╝  ╚═╝

Advanced Malware Analysis & Threat Intelligence

06:17:09
[ALL_FAMILIES]

Claimloader

loader7 mutex signatures

[BASIC_INFORMATION]

FAMILY_NAME:
Claimloader
CATEGORY:
LOADER
DESCRIPTION:
Claimloader is a loader malware associated with the Hive0154 threat group and Mustang Panda. It is designed to download and execute additional payloads on compromised systems and has been observed in targeted attacks against organizations in the US, Philippines, Pakistan, and Taiwan.
ALIASES:
Claimloader
TAGS:
payload_deliverytargeted_attackmulti_stagehive0154mustang_panda

[MUTEX_SIGNATURES](7)

[MUTEX_01]
TB<yearmonthdate>
ANALYST: @adhikara13 DATE: 2024-07-16
REFERENCES:
https://www.ibm.com/think/x-force/hive0154-targeting-us-philippines-pakistan-taiwan
[MUTEX_02]
MTM<yearmonthdate>
ANALYST: @adhikara13 DATE: 2024-07-16
REFERENCES:
https://www.ibm.com/think/x-force/hive0154-targeting-us-philippines-pakistan-taiwan
[MUTEX_03]
CATM<yearmonthdate>
ANALYST: @adhikara13 DATE: 2024-07-16
REFERENCES:
https://www.ibm.com/think/x-force/hive0154-targeting-us-philippines-pakistan-taiwan
[MUTEX_04]
GameBoxABC
ANALYST: @adhikara13 DATE: 2024-07-16
REFERENCES:
https://www.ibm.com/think/x-force/hive0154-targeting-us-philippines-pakistan-taiwan
[MUTEX_05]
GameGpu0428
ANALYST: @adhikara13 DATE: 2024-07-16
REFERENCES:
https://www.ibm.com/think/x-force/hive0154-targeting-us-philippines-pakistan-taiwan
[MUTEX_06]
GameFind057
ANALYST: @adhikara13 DATE: 2024-07-16
REFERENCES:
https://www.ibm.com/think/x-force/hive0154-targeting-us-philippines-pakistan-taiwan
[MUTEX_07]
GameBoxTV59
ANALYST: @adhikara13 DATE: 2024-07-16
REFERENCES:
https://www.ibm.com/think/x-force/hive0154-targeting-us-philippines-pakistan-taiwan

[QUICK_ACTIONS]

[THREAT_INTELLIGENCE]

ATTRIBUTION:
Hive0154
Mustang Panda
FIRST_OBSERVED:
2024

[SIGMA_RULE]

[STATISTICS]
MUTEX_COUNT:7
THREAT_ACTORS:2
ALIASES:1
TAGS:5
CATEGORY:LOADER
 Malware profile loaded successfully 
 EvilMutex Project v1.0.0 
 Open Source Threat Intelligence Database 
[GITHUB][DOCS]