Curly COMrades

Also known as: Curly COMrades

Known aliases: 1

Profile

Curly COMrades is a threat actor identified by Amazon Threat Intelligence and Bitdefender, believed to operate in support of Russian interests. They employ techniques such as Hyper-V abuse for EDR evasion and utilize proxy tools like Resocks, SSH, and Stunnel to gain access to internal networks. Their activities include repeated attempts to extract the NTDS database from domain controllers and establishing covert access through virtualization features on compromised Windows 10 machines.

Aliases · 1

Curly COMrades

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor: CloudSorcerer
Actor: People's Cyber Army of Russia
Actor: RomCom
Actor: APT29
Actor: UNC3524
Actor: SloppyLemming
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.