S1020Windows

S1020Kevin

Platforms
1
ATT&CK
14.1
References
2

Description

[Kevin](https://attack.mitre.org/software/S1020) is a backdoor implant written in C++ that has been used by [HEXANE](https://attack.mitre.org/groups/G1001) since at least June 2020, including in operations against organizations in Tunisia.(Citation: Kaspersky Lyceum October 2021) Documented platforms: Windows. Attributed to ATT&CK group: HEXANE. Catalogued in ATT&CK 14.1. 2 references curated.

Platforms· 1

Windows

Attributed to1

TypeTargetConfidenceTier
GroupHEXANEg100195%live

References

  1. https://attack.mitre.org/software/S1020
  2. https://vblocalhost.com/uploads/VB2021-Kayal-etal.pdf

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
Milan
Software
KEYPLUG
Software
Shark
Software
DnsSystem
Software
Nerex
Software
Sys10
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.