LevelBlue - Open Threat Exchange
By TheNewRaikage
Archived: 2026-04-06 02:51:01 UTC
https://otx.alienvault.com/browse/pulses?q=tag:KASPERAGENT
Page 1 of 4

Threat Research | FireEye Inc
Find out more about FireEye.com, the world's leading cyber security company, which provides security services to
more than 1.5 million customers across the globe, and offers a wide range of products and services.
https://otx.alienvault.com/browse/pulses?q=tag:KASPERAGENT
Page 2 of 4

17 Subscribers
BadPatch: 5 Years Old Espionage Campaign Targeting Middle East Discovered
In April 2017, in collaboration with Clearsky, Palo Alto Networks Unit 42 published an article about our research
into targeted attacks in the Middle East. In that research we discussed two new malware families we named
KASPERAGENT and MICROPSIA. Since then, we have continued our research into the Command and Control
(C2) infrastructure associated with KASPERAGENT and MICROPSIA. This ongoing research lead us to a new
Middle Eastern campaign. Our findings from this new campaign include C2 infrastructure, new attack methods,
four types of malware (including Android malware), a system for management of stolen victim data and some
detail of the actors. It is notable that our research has shown that this newly-identified attack campaign dates back
to at least June 2012, over five years ago.
55 Subscribers
https://otx.alienvault.com/browse/pulses?q=tag:KASPERAGENT
Page 3 of 4

BadPatch
CVE: 1 | FileHash-SHA256: 150 | URL: 10 | Domain: 8 | Email: 5 | Hostname: 4
In April 2017, in collaboration with Clearsky, Palo Alto Networks Unit 42 published an article about our research
into targeted attacks in the Middle East. In that research we discussed two new malware families we named
KASPERAGENT and MICROPSIA. Since then, we have continued our research into the Command and Control
(C2) infrastructure associated with KASPERAGENT and MICROPSIA. This ongoing research lead us to a new
Middle Eastern campaign. Our findings from this new campaign include C2 infrastructure, new attack methods,
four types of malware (including Android malware), a system for management of stolen victim data and some
detail of the actors.
374,056 Subscribers
157 Subscribers
Source: https://otx.alienvault.com/browse/pulses?q=tag:KASPERAGENT
https://otx.alienvault.com/browse/pulses?q=tag:KASPERAGENT
Page 4 of 4