ID | Votes | Profile Description |
---|
ID | Type | Votes | Profile Description |
---|---|---|---|
BUBBLEWRAP | Unspecified | 1 | Bubblewrap is a malware that was observed being uploaded by the admin@338 threat group to their Dropbox account. The malware is a second stage backdoor that can communicate using HTTP, HTTPS, or a SOCKS proxy and is set to run when the system boots. The admin@338 group has been previously seen using |
LOWBALL | Unspecified | 1 | LOWBALL is a sophisticated malware payload that was utilized by a China-based cyber threat group, often referred to as "admin@338". This advanced persistent threat (APT) group used LOWBALL in their operations targeting media organizations in Hong Kong and Taiwan. The malware's first stage allows the |
ID | Type | Votes | Profile Description |
---|---|---|---|
No associations to display |
ID | Type | Votes | Profile Description |
---|---|---|---|
No associations to display |