S0043Windows

S0043BUBBLEWRAP

Platforms
1
ATT&CK
14.1
References
2

Description

[BUBBLEWRAP](https://attack.mitre.org/software/S0043) is a full-featured, second-stage backdoor used by the [admin@338](https://attack.mitre.org/groups/G0018) group. It is set to run when the system boots and includes functionality to check, upload, and register plug-ins that can further enhance its capabilities. (Citation: FireEye admin@338)

Platforms· 1

Windows

Attributed to1

TypeTargetConfidenceTier
Groupadmin@338g001895%live

References

  1. https://attack.mitre.org/software/S0043
  2. https://www.fireeye.com/blog/threat-research/2015/11/china-based-threat.html

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
Exaramel for Windows
Software
Spark
Software
Briba
Software
CozyCar
Software
Goopy
Software
Bumblebee
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.