S0153Windows

S0153RedLeaves

Platforms
1
ATT&CK
14.1
References
4

Description

[RedLeaves](https://attack.mitre.org/software/S0153) is a malware family used by [menuPass](https://attack.mitre.org/groups/G0045). The code overlaps with [PlugX](https://attack.mitre.org/software/S0013) and may be based upon the open source tool Trochilus. (Citation: PWC Cloud Hopper Technical Annex April 2017) (Citation: FireEye APT10 April 2017)

Platforms· 1

Windows

References

  1. https://attack.mitre.org/software/S0153
  2. https://twitter.com/ItsReallyNick/status/850105140589633536
  3. https://www.fireeye.com/blog/threat-research/2017/04/apt10_menupass_grou.html
  4. https://www.pwc.co.uk/cyber-security/pdf/pwc-uk-operation-cloud-hopper-technical-annex-april-2017.pdf

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
SNUGRIDE
Software
EvilGrab
Software
UPPERCUT
Software
RedRum
Software
ChChes
Software
NOKKI
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.