S0649Windows

S0649SMOKEDHAM

Platforms
1
ATT&CK
14.1
References
3

Description

[SMOKEDHAM](https://attack.mitre.org/software/S0649) is a Powershell-based .NET backdoor that was first reported in May 2021; it has been used by at least one ransomware-as-a-service affiliate.(Citation: FireEye Shining A Light on DARKSIDE May 2021)(Citation: FireEye SMOKEDHAM June 2021) Documented platforms: Windows. Catalogued in ATT&CK 14.1. 3 references curated.

Platforms· 1

Windows

References

  1. https://attack.mitre.org/software/S0649
  2. https://www.fireeye.com/blog/threat-research/2021/06/darkside-affiliate-supply-chain-software-compromise.html
  3. https://www.fireeye.com/blog/threat-research/2021/05/shining-a-light-on-darkside-ransomware-operations.html

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
POWERTON
Software
SombRAT
Software
SHARPSTATS
Software
EVILNUM
Software
FIVEHANDS
Software
QUADAGENT
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.