ioc[.]one - OSINT Cyber Threat Intelligence Database

New "SockDetour" Fileless, Socketless Backdoor Targets U.S. Defense Contractors

Tags

country:	China
attack-pattern:	Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Vulnerabilities - T1588.006

Show in Graph

Common Information

Type	Value
UUID	b2fb5140-7161-4d47-88cf-639fc5bceee8
Fingerprint	b59a9dfd8898e457
Analysis status	DONE
Considered CTI value	1
Text language
Published	Feb. 25, 2022, 10:51 p.m.
Added to db	Sept. 26, 2022, 9:34 a.m.
Last updated	Nov. 17, 2024, 5:55 p.m.
Headline	New "SockDetour" Fileless, Socketless Backdoor Targets U.S. Defense Contractors
Title	New "SockDetour" Fileless, Socketless Backdoor Targets U.S. Defense Contractors
Detected Hints/Tags/Attributes	32/2/2

Source URLs

	Redirection	Url
Details	Source	https://thehackernews.com/2022/02/new-sockdetour-fileless-socketless.html

URL Provider

Details	Provider	Source level domain
Details	thehackernews.com	thehackernews.com

Attributes

Details	Type	#Events	CTI	Value
Details	CVE	16		cve-2021-28799
Details	Deprecated Microsoft Threat Actor Naming Taxonomy (Groups in development)	11		DEV-0322