Threats Tagged 'modular c2 framework'
View all threats tagged with 'modular c2 framework'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'modular c2 framework'
Click on any threat for detailed analysis and mitigation recommendations
Cavern Manticore: Exposing Iran-Linked Modular C2 Framework 0 Cavern Manticore is an Iran-linked threat actor campaign targeting Israeli government and IT sectors. The actor uses a modular command-and-control (C2) framework built on .NET, compiled into various formats including Mixed-Mode C++/CLI and Native AOT, which complicates analysis. Initial access is gained through abuse of Remote Monitoring and Management (RMM) software such as SysAid, leveraging supply-chain compromise tactics via IT providers. The framework includes core agents and specialized post-exploitation modules enabling file system operations, database browsing, LDAP querying, network reconnaissance, and tunneling. Technical overlaps connect this actor to Iranian MOIS-aligned groups like MuddyWater and the Lyceum subgroup of OilRig. No known exploits in the wild or patches are indicated. Join the discussion | AlienVault OTX General | 07/06/2026, 14:02:13 UTC Added: 07/07/2026, 14:14:38 UTC |
Showing 1 to 1 of 1 result