Virus Bulletin 2019

Abstract

Reports on cyber espionage operations have been on the rise in the last decade. However, operations in Latin America are heavily under-researched and potentially underestimated. In this paper we analyse and dissect a cyber espionage tool known as Machete. The results presented in this work are based on the collection, reversing and analysis of Machete samples from 2013 to 2019. The large collection of samples allowed us to analyse changes in features and the malware's evolution, including the latest changes introduced in January 2019. Our research shows that Machete is operated by a highly coordinated and organized group that focuses on Latin American targets. We describe the five phases of the APT's operations, from delivery to exfiltration of information, and we show why Machete is considered a cyber espionage tool. Furthermore, our analysis indicates that the targeted victims belong to military, political or diplomatic sectors. The review of almost six years of Machete operations shows that it is likely operated by a single group, and that their activities are possibly state-sponsored. Machete is still active and operational to this day.

Date
Oct 4, 2019 12:00 AM