SierraAlfa

Description

(Novetta) A self-install service-based executable, SierraAlfa begins a chain of infection that ultimately leads to the potential devastation of an entire network of computers. SierraAlfa is responsible for the distribution and activation of WhiskeyAlfa on a victim’s network. The observed samples of SierraAlfa were clearly built specifically for the SPE attacks, as they contain infrastructure and account information specific to SPE’s networks.

Two variants have been observed: SierraAlfa-One and SierraAlfa-Two. SierraAlfa-One is the base model, while SierraAlfa-Two provides additional features to ensure the propagation of the malicious payload within.

Names

Name
SierraAlfa

Category

Malware

Type

  • Worm
  • Loader

Information

Other Information

Uuid

4764835e-c81f-4279-97fb-131a3752dd25

Last Card Change

2020-04-20