CoralRaiderCoralRaider

Also known as: CoralRaider

Known aliases
1

Profile

CoralRaider is a financially motivated threat actor of Vietnamese origin, targeting victims in Asian and Southeast Asian countries since at least 2023. They use the RotBot loader family and XClient stealer to steal victim information, with hardcoded Vietnamese words in their payloads. CoralRaider operates from Hanoi, Vietnam, and uses a Telegram bot as a C2 channel for their malicious campaigns. Their activities include system reconnaissance, data exfiltration, and targeting victims in multiple countries in the region.

Aliases· 1

CoralRaider

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
CostaRicto
Actor
RANCOR
Actor
Raspberry Typhoon
Actor
CardinalLizard
Actor
Water Curupira
Actor
GhostR
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.