S0663WindowsLinux

S0663SysUpdate

Platforms
2
ATT&CK
14.1
References
2

Description

[SysUpdate](https://attack.mitre.org/software/S0663) is a backdoor written in C++ that has been used by [Threat Group-3390](https://attack.mitre.org/groups/G0027) since at least 2020.(Citation: Trend Micro Iron Tiger April 2021) Documented platforms: Windows, Linux. Attributed to ATT&CK group: Threat Group-3390. Catalogued in ATT&CK 14.1. 2 references curated.

Platforms· 2

WindowsLinux

Attributed to1

TypeTargetConfidenceTier
GroupThreat Group-3390g002795%live

References

  1. https://attack.mitre.org/software/S0663
  2. https://www.trendmicro.com/en_us/research/21/d/iron-tiger-apt-updates-toolkit-with-evolved-sysupdate-malware-va.html

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
Clambling
Software
Sys10
Software
RCSession
Software
SDBbot
Software
Pandora
Software
SHOTPUT
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.