CatB Active
Uses DLL side-loading via MSDTC service for deployment.1
Total Victims
2022-11-01
First Seen
2026-03-06
Last Seen
0
Known TTPs
5.9d
Avg Delay
0
Negotiations
ONION URLS
ehtcudurla2zbdy6gqvw5eme7vexbzr5vthh3qi72ckedf545ebar5ty.onion
bd62ogemzeq5f65oef73tlshfvg44mxryzrc4xmhmokpntryjmkyjyob.onion
TOOLS
DLL hijacking
MSDTC
FILE EXTENSIONS
.catB
ACTIVITY TIMELINE
TOP SECTORS
TOP COUNTRIES
ACTIVITY HEATMAP
| Date | Victim Name | Country | Sector | Status |
|---|---|---|---|---|
| 2026-03-06 | Frontier Technologies | Italy | Manufacturing | Removed |
No TTPs data
No YARA rules
No IoCs
No ransom notes