S0129Windows

S0129AutoIt backdoor

Platforms
1
ATT&CK
14.1
References
2

Description

[AutoIt backdoor](https://attack.mitre.org/software/S0129) is malware that has been used by the actors responsible for the MONSOON campaign. The actors frequently used it in weaponized .pps files exploiting CVE-2014-6352. (Citation: Forcepoint Monsoon) This malware makes use of the legitimate scripting language for Windows GUI automation with the same name.

Platforms· 1

Windows

References

  1. https://attack.mitre.org/software/S0129
  2. https://www.forcepoint.com/sites/default/files/resources/files/forcepoint-security-labs-monsoon-analysis-report.pdf

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
RainyDay
Software
Zebrocy
Software
PowerDuke
Software
Unknown Logger
Software
CozyCar
Software
TINYTYPHON
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.