S0568Windows

S0568EVILNUM

Platforms
1
ATT&CK
14.1
References
3

Description

[EVILNUM](https://attack.mitre.org/software/S0568) is fully capable backdoor that was first identified in 2018. [EVILNUM](https://attack.mitre.org/software/S0568) is used by the APT group [Evilnum](https://attack.mitre.org/groups/G0120) which has the same name.(Citation: ESET EvilNum July 2020)(Citation: Prevailion EvilNum May 2020)

Platforms· 1

Windows

Attributed to1

TypeTargetConfidenceTier
GroupEvilnumg0120100%live

References

  1. https://attack.mitre.org/software/S0568
  2. https://www.welivesecurity.com/2020/07/09/more-evil-deep-look-evilnum-toolset/
  3. https://www.prevailion.com/phantom-in-the-command-shell-2/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
SDBbot
Software
FatDuke
Software
TinyTurla
Software
Clambling
Software
ShadowPad
Software
Anchor
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.