Cервис управления информационной безопасностью
Cервис управления информационной безопасностью
Поиск
Вход Регистрация
MITRE ATT&CK - Инструмент China Chopper
Риски
Каталоги
MITRE ATT&CK
Инструмент
China Chopper
Куда я попал?
SECURITM это SGRC система, ? автоматизирующая процессы в службах информационной безопасности. SECURITM помогает построить и управлять ИСПДн, КИИ, ГИС, СМИБ/СУИБ, банковскими системами защиты.
А еще SECURITM это место для обмена опытом и наработками для служб безопасности.
Подробнее
Наш канал

China Chopper

China Chopper is a Web Shell hosted on Web servers to provide access back into an enterprise network that does not rely on an infected system calling back to a remote command and control server.(Citation: Lee 2013) It has been used by several threat groups.(Citation: Dell TG-3390)(Citation: FireEye Periscope March 2018)(Citation: CISA AA21-200A APT40 July 2021)(Citation: Rapid7 HAFNIUM Mar 2021)
ID: S0020
Associated Software:
Type: MALWARE
Platforms: Windows
Version: 2.5
Created: 31 May 2017
Last Modified: 03 Jan 2024

Associated Software Descriptions
Name Description

Groups That Use This Software
ID Name References
G0093 GALLIUM

(Citation: Cybereason Soft Cell June 2019) (Citation: Microsoft GALLIUM December 2019)

G0135 BackdoorDiplomacy

(Citation: ESET BackdoorDiplomacy Jun 2021)

G0117 Fox Kitten

(Citation: CISA AA20-259A Iran-Based Actor September 2020)

G0027 Threat Group-3390

(Citation: Dell TG-3390) (Citation: SecureWorks BRONZE UNION June 2017) (Citation: Nccgroup Emissary Panda May 2018) (Citation: Unit42 Emissary Panda May 2019)

G0096 APT41

(Citation: apt41_dcsocytec_dec2022) (Citation: FireEye APT41 Aug 2019)

G1022 ToddyCat

(Citation: Kaspersky ToddyCat June 2022)

G0125 HAFNIUM

(Citation: FireEye Exchange Zero Days March 2021) (Citation: Rapid7 HAFNIUM Mar 2021) (Citation: Volexity Exchange Marauder March 2021)

G0065 Leviathan

(Citation: FireEye Periscope March 2018) (Citation: CISA AA21-200A APT40 July 2021) (Citation: Accenture MUDCARP March 2019)

References

  1. Cybereason Nocturnus. (2019, June 25). Operation Soft Cell: A Worldwide Campaign Against Telecommunications Providers. Retrieved July 18, 2019.
  2. Dell SecureWorks Counter Threat Unit Threat Intelligence. (2015, August 5). Threat Group-3390 Targets Organizations for Cyberespionage. Retrieved August 18, 2018.
  3. Eoin Miller. (2021, March 23). Defending Against the Zero Day: Analyzing Attacker Behavior Post-Exploitation of Microsoft Exchange. Retrieved October 27, 2022.
  4. MSTIC. (2019, December 12). GALLIUM: Targeting global telecom. Retrieved January 13, 2021.
  5. The Australian Cyber Security Centre (ACSC), the Canadian Centre for Cyber Security (CCCS), the New Zealand National Cyber Security Centre (NZ NCSC), CERT New Zealand, the UK National Cyber Security Centre (UK NCSC) and the US National Cybersecurity and Communications Integration Center (NCCIC). (2018, October 11). Joint report on publicly available hacking tools. Retrieved March 11, 2019.
  6. Dedola, G. (2022, June 21). APT ToddyCat. Retrieved January 3, 2024.
  7. FireEye. (2018, March 16). Suspected Chinese Cyber Espionage Group (TEMP.Periscope) Targeting U.S. Engineering and Maritime Industries. Retrieved April 11, 2018.
  8. Counter Threat Unit Research Team. (2017, June 27). BRONZE UNION Cyberespionage Persists Despite Disclosures. Retrieved July 13, 2017.
  9. CISA. (2021, July 19). (AA21-200A) Joint Cybersecurity Advisory – Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department. Retrieved August 12, 2021.
  10. Lee, T., Hanzlik, D., Ahl, I. (2013, August 7). Breaking Down the China Chopper Web Shell - Part I. Retrieved March 27, 2015.
Навигация

Мы используем cookie-файлы, чтобы получить статистику, которая помогает нам улучшить сервис для вас с целью персонализации сервисов и предложений. Вы может прочитать подробнее о cookie-файлах или изменить настройки браузера. Продолжая пользоваться сайтом, вы даёте согласие на использование ваших cookie-файлов и соглашаетесь с Политикой обработки персональных данных.