S0585Windows

S0585Kerrdown

Platforms
1
ATT&CK
14.1
References
3

Description

[Kerrdown](https://attack.mitre.org/software/S0585) is a custom downloader that has been used by [APT32](https://attack.mitre.org/groups/G0050) since at least 2018 to install spyware from a server on the victim's network.(Citation: Amnesty Intl. Ocean Lotus February 2021)(Citation: Unit 42 KerrDown February 2019)

Platforms· 1

Windows

References

  1. https://attack.mitre.org/software/S0585
  2. https://www.amnestyusa.org/wp-content/uploads/2021/02/Click-and-Bait_Vietnamese-Human-Rights-Defenders-Targeted-with-Spyware-Attacks.pdf
  3. https://unit42.paloaltonetworks.com/tracking-oceanlotus-new-downloader-kerrdown/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
Raindrop
Software
TEARDROP
Software
MoleNet
Software
CSPY Downloader
Software
PolyglotDuke
Software
down_new
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.