DEPRIMON

DePriMon

Description

DePriMon is a malicious downloader with several stages that uses many non-traditional techniques. To achieve persistence, the malware registers a new local port monitor – a trick falling under the “Port Monitors” technique in the MITRE ATT&CK knowledge base. For that, the malware uses the “Windows Default Print Monitor” name; that’s why we have named it DePriMon. Due to its complexity and modular architecture, we consider it to be a framework.

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software: DecService
Sub-technique: Port Monitors
Software: PipeMon
Software: DecYourData
LOLbin: PrintBrm.exe
Software: Prikormka
Sourced from MITRE ATT&CK Enterprise. Curated by Adam Lundqvist, SQUR.