Threat Intelligence Report

TAMECAT - Analysis of an Iranian PowerShell-Based Backdoor

📅 January 29, 2026 📰 blog.pulsedive.com 🔍 0 CVE(s) referenced

Iranian state-sponsored APT42 is deploying the modular PowerShell-based TAMECAT malware in highly targeted espionage campaigns against senior defense and government officials, leveraging advanced obfuscation, social engineering, and encrypted C2 channels to exfiltrate sensitive data.

vendor

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap

🎯 IOC Extraction

⚔️ MITRE ATT&CK TTPs

📦 STIX 2.1 Bundle