S1085 Sardonic

Platforms: 1 · ATT&CK: 14.1 · References: 3

Description

[Sardonic](https://attack.mitre.org/software/S1085) is a backdoor written in C and C++ that [FIN8](https://attack.mitre.org/groups/G0061) is known to have used as early as August 2021 to target a financial institution in the United States. [Sardonic](https://attack.mitre.org/software/S1085) has a plugin system that can load specially made DLLs and execute their functions. (Citation: Bitdefender Sardonic Aug 2021) (Citation: Symantec FIN8 Jul 2023)

Platforms · 1

Windows

Attributed to · 1

| Type | Target | Confidence | Tier |
|------|--------|------------|------|
| Group | FIN8 (g0061) | 95% | live |

References

  1. https://attack.mitre.org/software/S1085
  2. https://www.bitdefender.com/files/News/CaseStudies/study/401/Bitdefender-PR-Whitepaper-FIN8-creat5619-en-EN.pdf
  3. https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/syssphinx-fin8-backdoor

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. Software: BADHATCH
  2. Software: Sys10
  3. Software: S-Type
  4. Software: Milan
  5. Software: FunnyDream
  6. Software: EVILNUM

Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.