Art of Anti Detection 2 – PE Backdoor Manufacturing – Pentest Blog
Tags
| attack-pattern: | Data Credentials - T1589.001 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Ssh - T1021.004 Tool - T1588.002 |
Common Information
| Type | Value |
|---|---|
| UUID | c4cd59b9-b547-4898-8d0c-4f90b0dd922b |
| Fingerprint | 240c501064f9dfb1 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Jan. 10, 2017, 10:26 p.m. |
| Added to db | Jan. 18, 2023, 10:07 p.m. |
| Last updated | Nov. 17, 2024, 11:40 p.m. |
| Headline | Art of Anti Detection 2 – PE Backdoor Manufacturing |
| Title | Art of Anti Detection 2 – PE Backdoor Manufacturing – Pentest Blog |
| Detected Hints/Tags/Attributes | 52/1/16 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://pentest.blog/art-of-anti-detection-2-pe-backdoor-manufacturing/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 5 | nodistribute.com |
|
| Details | Domain | 4128 | github.com |
|
| Details | Domain | 2 | www.shellterproject.com |
|
| Details | Domain | 622 | en.wikipedia.org |
|
| Details | File | 55 | putty.exe |
|
| Details | File | 1 | stager_reverse_tcp_nx.asm |
|
| Details | File | 1 | createthread.asm |
|
| Details | File | 1 | ye0pnghxiwvsverklftblmauq.png |
|
| Details | Github username | 2 | secretsquirrel |
|
| Details | Url | 1 | http://nodistribute.com/result/image/ye0pnghxiwvsverklftblmauq.png |
|
| Details | Url | 1 | https://github.com/secretsquirrel/the-backdoor-factory |
|
| Details | Url | 1 | https://www.shellterproject.com |
|
| Details | Url | 1 | https://en.wikipedia.org/wiki/red_team |
|
| Details | Url | 2 | https://en.wikipedia.org/wiki/address_space_layout_randomization |
|
| Details | Url | 1 | https://en.wikipedia.org/wiki/code_cave |
|
| Details | Url | 1 | https://en.wikipedia.org/wiki/checksum |