Void Banshee

Also known as: Void Banshee

Profile

Void Banshee is an APT group that targets North America, Europe, and Southeast Asia for information theft and financial gain. The group exploits vulnerabilities such as CVE-2024-38112 to deliver the Atlantida info-stealer through malicious PDFs disguised as book files. It uses internet shortcuts with MHTML protocol handlers to access and execute files through the disabled Internet Explorer, posing a significant threat to organizations. Void Banshee's TTPs include crafting URL strings to control window sizes in IE and using HTML files to hide malicious downloads from victims.

Aliases

Void Banshee

References

  1. https://www.trendmicro.com/en_us/research/24/g/CVE-2024-38112-void-banshee.html

Related by meaning

Nearest entities by semantic similarity across the cs-graph corpus.

  1. Void Arachne (Actor)
  2. Void Manticore (Actor)
  3. Void Rabisu (Actor)
  4. Void Blizzard (Actor)
  5. Avivore (Actor)
  6. UAC-0227 (Actor)

Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.