Question 1

What is CORALDECK — CORALDECK?

Accepted Answer

CORALDECK is an exfiltration tool that searches for specified files and exfiltrates them in password protected archives using hardcoded HTTP POST headers. CORALDECK has been observed dropping and using Winrar to exfiltrate data in password protected RAR files as well as WinImage and zip archives

Question 2

What is the authoritative source for CORALDECK?

Accepted Answer

CORALDECK (CORALDECK) is catalogued in MITRE ATT&CK Enterprise and curated for EU compliance use cases by SQUR.

CORALDECKCORALDECK

Description

Related by meaning· 6