INTRUDINGDIVISOR

INTRUDINGDIVISORIntrudingDivisor

Description

Like TwoFace, the IntrudingDivisor webshell requires the threat actor to authenticate before issuing commands. To authenticate, the actor must provide two pieces of information, first an integer that is divisible by 5473 and a string whose MD5 hash is “9A26A0E7B88940DAA84FC4D5E6C61AD0”. Upon successful authentication, the webshell has a command handler that uses integers within the request to determine the command to execute - To complete

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
WEBC2-DIV
Software
TwoFace
Software
Indrik
Software
63256 botnet
Software
WEBC2-ADSPACE
Software
D2+D
Sourced from MITRE ATT&CK Enterprise . Curated by Adam Lundqvist, SQUR.