REDBALDKNIGHT’s Daserf Backdoor Now Uses Steganography
Tags
country: Japan Russia
maec-delivery-vectors: Watering Hole
attack-pattern: Data Exploits - T1587.004 Exploits - T1588.005 Malvertising - T1583.008 Malware - T1587.001 Malware - T1588.001 Software - T1592.002 Steganography - T1001.002 Steganography - T1406.001 Steganography - T1027.003 Tool - T1588.002 Vulnerabilities - T1588.006
Show in Graph
Common Information
Type Value
UUID e864b2e2-eb78-493e-9de7-af9cdcd9b5fc
Fingerprint a6d0bddb8972c701
Analysis status DONE
Considered CTI value 1
Text language
Published Nov. 7, 2017, midnight
Added to db Sept. 26, 2022, 9:30 a.m.
Last updated Oct. 16, 2024, 2:27 a.m.
Headline REDBALDKNIGHT’s Daserf Backdoor Now Uses Steganography
Title REDBALDKNIGHT’s Daserf Backdoor Now Uses Steganography
Detected Hints/Tags/Attributes 74/3/1
Source URLs
Redirection Url
Details Source http://blog.trendmicro.com/trendlabs-security-intelligence/redbaldknight-bronze-butler-daserf-backdoor-now-using-steganography/
Details Source https://blog.trendmicro.com/trendlabs-security-intelligence/redbaldknight-bronze-butler-daserf-backdoor-now-using-steganography/
Details Source https://www.trendmicro.com/en_ie/research/17/k/redbaldknight-bronze-butler-daserf-backdoor-now-using-steganography.html
Details Source https://www.trendmicro.com/en_gb/research/17/k/redbaldknight-bronze-butler-daserf-backdoor-now-using-steganography.html
Details Source https://www.trendmicro.com/en_se/research/17/k/redbaldknight-bronze-butler-daserf-backdoor-now-using-steganography.html
Details Source https://www.trendmicro.com/en_fi/research/17/k/redbaldknight-bronze-butler-daserf-backdoor-now-using-steganography.html
Details Source https://www.trendmicro.com/en_ca/research/17/k/redbaldknight-bronze-butler-daserf-backdoor-now-using-steganography.html
Details Source https://www.trendmicro.com/en_th/research/17/k/redbaldknight-bronze-butler-daserf-backdoor-now-using-steganography.html
Details Source https://www.trendmicro.com/en_be/research/17/k/redbaldknight-bronze-butler-daserf-backdoor-now-using-steganography.html
Details Source https://www.trendmicro.com/en_no/research/17/k/redbaldknight-bronze-butler-daserf-backdoor-now-using-steganography.html
Details Source https://www.trendmicro.com/en_ph/research/17/k/redbaldknight-bronze-butler-daserf-backdoor-now-using-steganography.html
URL Provider
Details Provider Source level domain
Details trendmicro.com www.trendmicro.com
Details trendmicro.com blog.trendmicro.com
Attributes
Details Type #Events CTI Value
Details CVE 6 
cve-2016-7836