{ "id": "e1383f3c-b87f-4a1f-bd26-3b4bc91afb90", "created_at": "2026-04-06T00:16:01.838711Z", "updated_at": "2026-04-10T03:35:52.791211Z", "deleted_at": null, "sha1_hash": "83e54aa4fa3e3d8b49ee277b143ba207f54d32bc", "title": "Threat Intelligence Blog", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 503164, "plain_text": "Threat Intelligence Blog\r\nArchived: 2026-04-02 10:39:15 UTC\r\nThreat Intel Blog\r\nThe latest updates in threat intelligence: breaking news, expert analysis, and thought leadership to help security\r\npractitioners stay ahead. Subscribe to The Flashpoint Newsletter!\r\nFeatured\r\nNavigating 2026’s Converged Threats: Insights from Flashpoint’s Global Threat Intelligence Report\r\nIn this post, we preview the critical findings of the 2026 Global Threat Intelligence Report, highlighting how the\r\ncollapse of traditional security silos and the rise of autonomous, machine-speed attacks are forcing a total\r\nreimagining of modern defense.\r\nhttps://www.flashpoint-intel.com/blog/fin7-revisited-inside-astra-panel-and-sqlrat-malware/\r\nPage 1 of 2\n\nTrending Articles\r\nCorporate and Physical Security\r\nCourt Documents\r\nCurrent Events\r\nCyber Threat Intelligence\r\nData Breaches\r\nDevSecOps\r\nFlashpoint\r\nFraud\r\nIllicit Communities\r\nInfostealer\r\nInsider Threats\r\nIsrael-Hamas Conflict\r\nProduct Features\r\nPublic Sector and Government\r\nRansomware\r\nVulnerability Management\r\nThere are no results that match your criteria.\r\nSource: https://www.flashpoint-intel.com/blog/fin7-revisited-inside-astra-panel-and-sqlrat-malware/\r\nhttps://www.flashpoint-intel.com/blog/fin7-revisited-inside-astra-panel-and-sqlrat-malware/\r\nPage 2 of 2", "extraction_quality": 1, "language": "EN", "sources": [ "MITRE", "MISPGALAXY", "ETDA", "Malpedia" ], "references": [ "https://www.flashpoint-intel.com/blog/fin7-revisited-inside-astra-panel-and-sqlrat-malware/" ], "report_names": [ "fin7-revisited-inside-astra-panel-and-sqlrat-malware" ], "threat_actors": [ { "id": "9de1979b-40fc-44dc-855d-193edda4f3b8", "created_at": "2025-08-07T02:03:24.92723Z", "updated_at": "2026-04-10T02:00:03.755516Z", "deleted_at": null, "main_name": "GOLD LOCUST", "aliases": [ "Anunak", "Carbanak", "Carbon Spider ", "FIN7 ", "Silicon " ], "source_name": "Secureworks:GOLD LOCUST", "tools": [ "Carbanak" ], "source_id": "Secureworks", "reports": null }, { "id": "bb8702c5-52ac-4359-8409-998a7cc3eeaf", "created_at": "2023-01-06T13:46:38.405479Z", "updated_at": "2026-04-10T02:00:02.961112Z", "deleted_at": null, "main_name": "FIN7", "aliases": [ "ATK32", "G0046", "G0008", "Sangria Tempest", "ELBRUS", "GOLD NIAGARA", "Coreid", "Carbanak", "Carbon Spider", "JokerStash", "CARBON SPIDER" ], "source_name": "MISPGALAXY:FIN7", "tools": [], "source_id": "MISPGALAXY", "reports": null }, { "id": "f4f16213-7a22-4527-aecb-b964c64c2c46", "created_at": "2024-06-19T02:03:08.090932Z", "updated_at": "2026-04-10T02:00:03.6289Z", "deleted_at": null, "main_name": "GOLD NIAGARA", "aliases": [ "Calcium ", "Carbanak", "Carbon Spider ", "FIN7 ", "Navigator ", "Sangria Tempest ", "TelePort Crew " ], "source_name": "Secureworks:GOLD NIAGARA", "tools": [ "Bateleur", "Carbanak", "Cobalt Strike", "DICELOADER", "DRIFTPIN", "GGLDR", "GRIFFON", "JSSLoader", "Meterpreter", "OFFTRACK", "PILLOWMINT", "POWERTRASH", "SUPERSOFT", "TAKEOUT", "TinyMet" ], "source_id": "Secureworks", "reports": null }, { "id": "bfded1cf-be73-44f9-a391-0751c9996f9a", "created_at": "2022-10-25T15:50:23.337107Z", "updated_at": "2026-04-10T02:00:05.252413Z", "deleted_at": null, "main_name": "FIN7", "aliases": [ "FIN7", "GOLD NIAGARA", "ITG14", "Carbon Spider", "ELBRUS", "Sangria Tempest" ], "source_name": "MITRE:FIN7", "tools": [ "Mimikatz", "AdFind", "JSS Loader", "HALFBAKED", "REvil", "PowerSploit", "CrackMapExec", "Carbanak", "Pillowmint", "Cobalt Strike", "POWERSOURCE", "RDFSNIFFER", "SQLRat", "Lizar", "TEXTMATE", "BOOSTWRITE" ], "source_id": "MITRE", "reports": null }, { "id": "d85adfe3-e1c3-40b0-b8bb-d1bacadc4d82", "created_at": "2022-10-25T16:07:23.619566Z", "updated_at": "2026-04-10T02:00:04.690061Z", "deleted_at": null, "main_name": "FIN7", "aliases": [ "APT-C-11", "ATK 32", "G0046", "Gold Niagara", "GrayAlpha", "ITG14", "TAG-CR1" ], "source_name": "ETDA:FIN7", "tools": [ "7Logger", "Agentemis", "Anubis Backdoor", "Anunak", "Astra", "BIOLOAD", "BIRDWATCH", "Bateleur", "Boostwrite", "CROWVIEW", "Carbanak", "Cobalt Strike", "CobaltStrike", "DICELOADER", "DNSMessenger", "FOWLGAZE", "HALFBAKED", "JSSLoader", "KillACK", "LOADOUT", "Lizar", "Meterpreter", "Mimikatz", "NetSupport", "NetSupport Manager", "NetSupport Manager RAT", "NetSupport RAT", "NetSupportManager RAT", "POWERPLANT", "POWERSOURCE", "RDFSNIFFER", "Ragnar Loader", "SQLRAT", "Sardonic", "Sekur", "Sekur RAT", "TEXTMATE", "Tirion", "VB Flash", "cobeacon" ], "source_id": "ETDA", "reports": null } ], "ts_created_at": 1775434561, "ts_updated_at": 1775792152, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/83e54aa4fa3e3d8b49ee277b143ba207f54d32bc.pdf", "text": "https://archive.orkl.eu/83e54aa4fa3e3d8b49ee277b143ba207f54d32bc.txt", "img": "https://archive.orkl.eu/83e54aa4fa3e3d8b49ee277b143ba207f54d32bc.jpg" } }