Mallory pivots from this family to the IOCs, detections, and named campaigns that touch your stack, and pages you when something new lands.
4 distinct techniques documented for this family, organized by ATT&CK tactic.
2 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
A phishing distribution tool associated with Kali365 that sends phishing emails from compromised accounts to additional victims for lateral phishing and propagation.
Companion mass-mailing tool used with Kali365 to conduct lateral phishing from compromised Microsoft 365 accounts. It refreshes stolen tokens, sends mail through Microsoft Graph using a draft-create/send/delete workflow, throttles delivery in waves to preserve reputation, and supports sustained outbound phishing from victim mailboxes.
Match every observed IP, domain, and hash against your live telemetry.
Named campaigns wielding this family, with evidence pinned to each claim.
CVEs this family uses for access and lateral movement.
YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.
Every documented technique, ranked by evidence weight.
Reddit, Mastodon, and CTI community discussion around this family.